Category Archives: News

News Relating to CAcert

Last chance: End of thawte points transfer on 16th november 2009

(EN)
Please note, that all thawte points tansfers must be started before 16th november 2009. After this date we can´t check your status at thawte.

If you have 0 points at CAcert, you get can up to 150 pts.
Please click here for details: http://wiki.cacert.org/ThawteNotary

Interface for thawte transfer:
https://tverify.cacert.org

If you need help, you can also write to our mailinglists – details:
https://lists.cacert.org/wws/arc/cacert-support (EN)
https://lists.cacert.org/wws/arc/cacert-support (DE)
https://lists.cacert.org/wws/arc/cacert-es (ES)
https://lists.cacert.org/wws/arc/cacert-br (BR)

—-
(DE)
Bitte beachtet, dass ein Transfer der Punkte aus dem Thawte WoT nur noch bis zum 16. November 2009 möglich ist. Wir haben danach keine Möglichkeit mehr, eure Daten zu verifizieren und können daher keine Punkte mehr transferieren.

Wenn ihr aktuell 0 Punkte bei CAcert auf dem Konto habt, so könnt ihr dies über den Transfer auf bis zu 150 Punkte aufstocken.
Für Details einfach hier klicken: http://wiki.cacert.org/ThawteNotary

Das Interface für den Transfer findet ihr unter:
https://tverify.cacert.org

Wenn ihr Hilfe benötigt, so könnt ihr uns auch über die Mailinglisten kontaktieren:
https://lists.cacert.org/wws/arc/cacert-support (Englisch)
https://lists.cacert.org/wws/arc/cacert-de (Deutsch)
https://lists.cacert.org/wws/arc/cacert-es (Spanisch)
https://lists.cacert.org/wws/arc/cacert-br ((brasilianisches) Portugiesisch)

Thawte Web of Trust Shutting Down

Leave a reply

Thawte’s Web Of Trust is to be Terminated by 16th November

Therefore the board is planning to run the Tverify program until that time, then terminate it completely (as the information will no longer be available).

Then, members who have come in via Tverify will have a year to get assured by other means. This includes members who have obtained points from Tverify in the past.

Tverify is now operating under the authority of board motion m20090928.1 and under the Assurance Policy. This latter means no issues of points over 50, and the earlier includes some restrictions.

However, note that all Tverify points (including ones previously obtained), will be deleted late 2010, so it is best to get assured by CAcert assurers anyway. If you can reach a few of them it may be easier all round if you do that instead of using the Tverify process.

See http://wiki.cacert.org/ThawteNotary for more details. (Disclaimer: that wiki page is not an official statement of the committee)

For the committee of management (board) of CAcert Incorporated,

Nicholas E. Bebout
President
CAcert Incorporated

CAcert Blog is fully X.509 enabled

5 Replies

The CAcert-Blog is now fully X509 enabled.
From never visited the site before and using a named certificate you can, with one click (log in), register for the site and have author status ready to write your own contribution.

If you only have a WoT unnamed certificate you can write your article and it will be spam controlled by the PR people (aka editors).

If you had a contributor account and haven’t posted anything yet you have been downgraded to a subscriber (no comment or write a post access) with all the other spammers. The good news is once you log in with a certificate you get upgraded to the correct status just as if you’d registered.

There is no password authentication any more. The time taken to make sure both behaved reliably was not possible in the time the admins had available.

Please ignore the big blog upgrade notice – we are using Debian security maintained packages and don’t need a WordPress upgrade.

So get to it – write something interesting.
[Edits thanks to Henrik Heigl]

CAcert auf der 1. IT & Business Messe Stuttgart 6.-8.10.2009

1 Reply

CAcert wird auf der 1. IT & Business Messe Stuttgart vom 6. bis 8. Oktober 2009 mit einem Demo Point Neue Messe Stuttgart (Flughafen), Halle/Stand: 1H12-3 im Themenpark “Open Source Business Solutions” vertreten sein.
Continue reading →

CAcert at NLUUG Fall Conference – The Open Web

Leave a reply

On Oct 29, 2009 the NLUUG will keep its Fall Conference – The Open Web.
One of the speakers, Henk Klöpping, will mention CAcert in his talk The Shameless Plug.
As it is custom CAcert wil have a boot there.
If you want to help and have successfully passed the Assurer Challenge pleace add your name on the list at the CAcert wiki.

Signing server outage [solved]

Leave a reply

Friday August 14, 2009 19:15 CEST both the webserver and the signing server suffered from a short power glitch. Due to this power glitch both servers performed a spontaneous reboot. After a reboot both servers will wait for manual input, as a critical server engineer has to enter the decryption-password. The webserver can be managed remotely, this server was operational again Friday at 22:15 CEST.
The signing server cannot be managed remotely. In order to restart the signing server a visit has been made to the hosting center this morning. The signing server is operational again since Saturday Aug 15 10:30 CEST.

No other servers were involved. The signing server will be replaced with new hardware (with a dual power supply) within a few weeks, the new server is currently under test.

CAcert at Webmontag Berlin, Montag, 20. Juli 2009

Leave a reply

Am Montag, den 20.7.09 findet in Berlin bei newthinking store, Tucholskystr. 48, Berlin-Mitte
der nächste Webmontag statt. Zu diesem Termin wird es für CAcert einen 10 minütigen Vortragsslot geben.

Arbeitstitel: CAcert – Was ist das? Wer steckt dahinter? Wie geht es weiter?

Anschliessend wird es die Möglichkeit für Assurences geben (Für Assurances bitte einen oder mehrere offizielle Lichtbildausweise mitbringen – Personalausweis, Führerschein, Reisepass).

Weitere Details unter Webmontag Berlin 20.7.09

CAcert Assurer Training Event Berlin-Brandenburg am 9. Juli 2009

Leave a reply

CAcert Assurer Training Event Berlin-Brandenburg
——————————————————————————– ATE-Berlin

Es hat sich viel getan im letzten Jahr. Eine ganze Reihe von bisher eher “mündlich überlieferten” Regeln wurden in Policies gegossen. Neue Prozeduren (z.B. die Assurer Challenge) und Verpflichtungen (z.B. in dem CAcert Community Agreement) wurden beschlossen. Die Assurer Training Events wollen versuchen, die ganzen Informationen “unter’s Volk” zu bringen:

– Wovor schützt die CCA jedes CAcert-Community-Mitglied und somit auch dich?
– Kannst du die 5 Statements der “Purpose of Assurance” aufzählen?
– Kannst du auf Anhieb 10 Sicherheitsmerkmale des deutschen Personalausweises aufzählen?
Antworten auf diese und weitere Fragen erhälst du bei den Assurer Training Events (ATE’s).

Der Termin für Berlin steht nun fest.

Berlin-Wilmerdorf,
Donnerstag 09. Juli 2009 in der Zeit von 19:00 bis 21:00 Uhr
Restaurant Prometheus
Schlangenbader Strasse
12345 Berlin-Wilmerdorf
– Berlin-Brandenburg, Donnerstag 9. Juni

Anmeldungen erfolgen bitte ausschliesslich über folgende Seite:
Anmeldung ATE-Berlin/Brandenburg

Die Teilnahme der Veranstaltungen ist kostenlos, Spenden werden aber gerne gesehen.

Details zum Veranstaltungsort und Anfahrthinweise findet Ihr im Wiki und
bei mixxt.de, siehe die Links oben.

Das Veranstaltungs-Team freut sich schon auf Eure Teilnahme.

Kontakt: events@cacert.org

Ian Grigg resigned as auditor in the “audit for CAcert” project with CAcert

Leave a reply

CAcert regrets to announce that Ian Grigg resigned as auditor for CAcert, effective the 12th of June 2009. Ian is ending his activity on behalf of CAcert Inc within the “audit for CAcert,” audit project.

Ian’s work was a primary element in the audit project, which started in the beginning of 2008. The one and a half years project is almost at the point of the second of the three mile stones. Because of the long time it takes for getting policies accepted in the far-flung CAcert Community and CAcert Board, a board run in the spare time of its members, the end date of the project has shifted greatly. The true amount of work was underestimated.
All together, this made funding and periodic payment of expenses quite troublesome.

Ian influenced and achieved quite a lot of the current set of policies, agreements and documentation. CAcert thanks Ian for his contribution. It is most regrettable that Board actions to find solutions to the problems mentioned did not succeed to undo the resignation.

CAcert now has to find another auditor, and we expect that this may take some time. In the meantime, some work still has to be done in order to get CAcert ready for an audit.
This includes: finalizing and accepting the Certificate Policy Statement (CPS); working to make sure that Organisation Assurance can be audited (i.e., write-up of the Organisation Assurer Manual, and …); continuing the audit on the code for security; continuing finding a solution for Third Party assurances; continuing to incorporate new policy functions into the Web software system; testing of the new (Sub)Root Keys; Assurance information and training, etc.

As you can see “some work” is actually quite a lot of work.

Also, Ian has an audit to-do list described in his wiki Audit To Do.

If you have any questions or would like to get involved with the audit project, please contact support at cacert.org. We’d like to hear from you.

Teus Hagen
President of Board
CAcert Inc.