May 20th, CAcert has started the Software-Testers Reward Challenge 2011
The first result for May 2011 now has counted:
Continue reading
Software-Testers Reward Challenge – May 2011 results
Leave a reply
Category Archives: News
Software-Testers Reward Challenge
Dear CAcert Supporters,
To become Audit Ready, CAcert is heavyly depended on a working Software-Assessment team.
The Software-Assessment team is depended on an active Software-Testteam.
Continue reading
svn.cacert.org on new host with client certificate authentication now!
Today I finished the migration of svn.cacert.org to a LXC container on our new infrastructure machine. The container is running on Debian Squeeze and supports some nice new features:
- client certificate authentication (on https://svn.cacert.org/ and its alias https://cert.svn.cacert.org/)
- username/password authentication (on https://nocert.svn.cacert.org/)
- SNI (name based virtual hosting for https)
Read only access is provided via http://svn.cacert.org/ as it was before.
Besides allowing client certificate authentication for our Subversion repository this is a big step forward as we now have a modern infrastructure machine with a recent operating system distribution.
If you already have a SVN account on svn.cacert.org and want to use the client certificate authentication feature please send a mail to svn-admin (at) cacert (dot) org.
Easter Egg Challenge 2011
We’ve just started our this years Easter Egg Challenge … We’ve put a couple of patches on to our testserver CACERT1 for you, our fellow and our new Software testers. We’ve put light to heavy patches to the package so everybody is able to walk thru the testserver web pages and search our Easter Egg’s.
Continue reading
Assurers: New Default Hyphen Rule
A new default rule has been added to Practice On Names – Hyphen Rule.
For the purposes of checking the Name against PoN, a hyphen in given names is to be treated as optional.
Continue reading
CAcert in german freeX magazine
The word of CAcert has been spread again in the Computer News in Germany. This time the main focus was put on the use of client certificates: What is the function and how does it intregrate into the popular open source email client Thunderbird, not forgetting other clients like Evolution, Claws-Mail, and the like. It also gives some background of CAcert and a short introducton on how CAcert works. The article in the freeX magazine 2/2011 is in german language. Hope you enjoy it, though 🙂
Aus dem Artikel:
Bewegt man sich im Internet, stößt man auf immer mehr Seiten, mit denen verschlüsselt kommuniziert wird. Solche Seiten mit der Kennung https verschlüsseln die Pakete per SSL. Damit sichergestellt ist, daß man auch mit der richtigen Domain in Kontakt ist und die Daten nicht
kompromittiert werden, identifiziert sich der Server mit Zertfikaten beim Client. Aber nicht nur bei Seitenaufrufen im Web, sondern auch bei E-Mails bedient man sich heute immer häufiger der verschlüsselten Datenübertragung. Die Grundlage sind auch hier Zertifikate. Sie sind eine Art Beglaubigung und bestehen aus einem öffentlichen Teil, der verteilt werden darf, und einem privaten Teil, der ausschließlich dem Benutzer und seinen Programmen zugänglich sein darf. Aus Sicherheitsgründen empfiehlt es sich sogar, die privaten Zertifikate ausschließlich paßwortgeschützt abzulegen. Die heute gebräuchlichen X.509-Zertifikate sichern die Authentizität, Integrität und Vertraulichkeit und bilden damit die Grundlage interner und externer Kommunikation. Doch in der Praxis scheitert eine unternehmensweite Verbreitung von digitalen Zertifikaten zur Absicherung von Servern und E-Mail-Kommunikation – gerade bei kleinen und mittelständischen Betrieben – aber häufig am begrenzten Budget der IT-Abteilung, denn bei den kommerziellen Zertifizierungsstellen fallen schnell jährliche Bereitstellungskosten von mehreren tausend Euro an, und auch für Privatanwender sind wenige hundert Euro Kosten im Jahr oft nicht tragbar.
Um ohne entsprechende Investitionen eine deutliche Steigerung der Sicherheit der Internetkommunikation zu erreichen, kam im Jahr 2002 der Australier Duane Groth auf die Idee, bei X.509-Zertifikaten die zentralisierte Identitätsprüfung kommerzieller Anbieter durch ein Web of Trust zu ersetzen, wie man es in ähnlicher Form von PGP kennt. Er gründete CAcert als community-basierte, nicht-kommerzielle Certification Authority (CA).
Der Originalartikel als PDF mit Bildern
Der ganze Beitrag im Wiki ohne Bilder
New procedure for Name Change after Marriage w/ Assurance
To all community member and assurer,
The arbitration and support teams developed a new “Name Change after
Marriage w/ Assurance” procedure though an arbitration case a20110330.1.
The procedure is outlined in
http://wiki.cacert.org/Arbitrations/Training/Lesson12 and
http://wiki.cacert.org/Support/Handbook/PrecedentCases/a20110330.1.
This should speed up the process of a name change after marriage.
All you need to do is (for the user who wants to get a name change after
marriage):
1. Find at least 2 Assurer to do an Assurance
2. Send a list of the assurers that can confirm the name change after
marriage to support
That’s it.
Support than will contact the parties to get further information.
One more milestone reached within Software-Assessment Project
Within the last 2 days, the testserver got the running signer integration into the testserver environment. This was one of the milestones in getting a testing environment as identical as possible to the production system.
Continue reading
Workaround for Russian Translation of the CAcert Website (bug #900)
We had received a couple of reports by either irc, emails to support or on mailing lists, that the Russian Translation of our CAcert.org Website has garbled Russian translations. This has been reported as Bug #900.
After several analyzes, tests, discussions, we came to the conclusion, that we need an overall UTF-8 upgrade of the critical system. This has to be started as an individual project. As this project doesn’t effects our great efforts on Audit, the priority is lowered against several other Audit essential projects. So currently, there is no easy and no quick fix possible. So we, or better to say Michael V. A. (one of the bug reporters) worked out an workaround:
the exact steps to reproduce both the problem and the workaround:
1. The Bug
http://CAcert.org [^] / Translations / ???????
( http://www.cacert.org/index.php?id=0&lang=ru_RU )
Now the text is garbled (“Western ISO-8859-1” autodetected).
2. The Workaround
Switching to ISO-8859-5.
In my browser (Firefox 3.6.13) it’s exactly the following:
View / Character Encoding / More Encodings
/ East European / Cyrillic (ISO-8859-5)
Now all Russian text is okay.
The workaround works for me.
Yes, I think this should work for other users, as well.
CAcert at Fosdem 11th, Feb 5th – 6th 2011
CAcert and sidux e.V. will be present at Fosdem 2011, the Free and Open Source Software Developers’ European Meeting, February Sat 5th and Sun 6th 2011
- Booth (Sat + Sun)
- Assurance Party (Sun 12:00-14:00, Room: Ferrer)
- Keysigning Party (Sun 12:00-14:00, Room: Ferrer)
If you want to help on our booth, register yourself on our events wiki page Fosdem 2011 planning
CU at Fosdem ….