Category Archives: News

News Relating to CAcert

CAcert Blog is fully X.509 enabled

5 Replies

The CAcert-Blog is now fully X509 enabled.
From never visited the site before and using a named certificate you can, with one click (log in), register for the site and have author status ready to write your own contribution.

If you only have a WoT unnamed certificate you can write your article and it will be spam controlled by the PR people (aka editors).

If you had a contributor account and haven’t posted anything yet you have been downgraded to a subscriber (no comment or write a post access) with all the other spammers. The good news is once you log in with a certificate you get upgraded to the correct status just as if you’d registered.

There is no password authentication any more. The time taken to make sure both behaved reliably was not possible in the time the admins had available.

Please ignore the big blog upgrade notice – we are using Debian security maintained packages and don’t need a WordPress upgrade.

So get to it – write something interesting.
[Edits thanks to Henrik Heigl]

Signing server outage [solved]

Leave a reply

Friday August 14, 2009 19:15 CEST both the webserver and the signing server suffered from a short power glitch. Due to this power glitch both servers performed a spontaneous reboot. After a reboot both servers will wait for manual input, as a critical server engineer has to enter the decryption-password. The webserver can be managed remotely, this server was operational again Friday at 22:15 CEST.
The signing server cannot be managed remotely. In order to restart the signing server a visit has been made to the hosting center this morning. The signing server is operational again since Saturday Aug 15 10:30 CEST.

No other servers were involved. The signing server will be replaced with new hardware (with a dual power supply) within a few weeks, the new server is currently under test.

CAcert at Webmontag Berlin, Montag, 20. Juli 2009

Leave a reply
Am Montag, den 20.7.09 findet in Berlin bei newthinking store, Tucholskystr. 48, Berlin-Mitte
der nächste Webmontag statt. Zu diesem Termin wird es für CAcert einen 10 minütigen Vortragsslot geben.
Arbeitstitel: CAcert – Was ist das? Wer steckt dahinter? Wie geht es weiter?
Anschliessend wird es die Möglichkeit für Assurences geben (Für Assurances bitte einen oder mehrere offizielle Lichtbildausweise mitbringen – Personalausweis, Führerschein, Reisepass).
Weitere Details unter Webmontag Berlin 20.7.09

CAcert Assurer Training Event Berlin-Brandenburg am 9. Juli 2009

Leave a reply

CAcert Assurer Training Event Berlin-Brandenburg
——————————————————————————–ATE-Berlin

Es hat sich viel getan im letzten Jahr. Eine ganze Reihe von bisher eher “mündlich überlieferten” Regeln wurden in Policies gegossen. Neue Prozeduren (z.B. die Assurer Challenge) und Verpflichtungen (z.B. in dem CAcert Community Agreement) wurden beschlossen. Die Assurer Training Events wollen versuchen, die ganzen Informationen “unter’s Volk” zu bringen:

– Wovor schützt die CCA jedes CAcert-Community-Mitglied und somit auch dich?
– Kannst du die 5 Statements der “Purpose of Assurance” aufzählen?
– Kannst du auf Anhieb 10 Sicherheitsmerkmale des deutschen Personalausweises aufzählen?
Antworten auf diese und weitere Fragen erhälst du bei den Assurer Training Events (ATE’s).

Der Termin für Berlin steht nun fest.

Berlin-Wilmerdorf,
Donnerstag 09. Juli 2009 in der Zeit von 19:00 bis 21:00 Uhr
Restaurant Prometheus
Schlangenbader Strasse
12345 Berlin-Wilmerdorf
Berlin-Brandenburg, Donnerstag 9. Juni

Anmeldungen erfolgen bitte ausschliesslich über folgende Seite:
Anmeldung ATE-Berlin/Brandenburg

Die Teilnahme der Veranstaltungen ist kostenlos, Spenden werden aber gerne gesehen.

Details zum Veranstaltungsort und Anfahrthinweise findet Ihr im Wiki und
bei mixxt.de, siehe die Links oben.

Das Veranstaltungs-Team freut sich schon auf Eure Teilnahme.

Kontakt: events@cacert.org

Ian Grigg resigned as auditor in the “audit for CAcert” project with CAcert

Leave a reply

CAcert regrets to announce that Ian Grigg resigned as auditor for CAcert, effective the 12th of June 2009. Ian is ending his activity on behalf of CAcert Inc within the “audit for CAcert,” audit project.

Ian’s work was a primary element in the audit project, which started in the beginning of 2008. The one and a half years project is almost at the point of the second of the three mile stones. Because of the long time it takes for getting policies accepted in the far-flung CAcert Community and CAcert Board, a board run in the spare time of its members, the end date of the project has shifted greatly. The true amount of work was underestimated.
All together, this made funding and periodic payment of expenses quite troublesome.

Ian influenced and achieved quite a lot of the current set of policies, agreements and documentation. CAcert thanks Ian for his contribution. It is most regrettable that Board actions to find solutions to the problems mentioned did not succeed to undo the resignation.

CAcert now has to find another auditor, and we expect that this may take some time. In the meantime, some work still has to be done in order to get CAcert ready for an audit.
This includes: finalizing and accepting the Certificate Policy Statement (CPS); working to make sure that Organisation Assurance can be audited (i.e., write-up of the Organisation Assurer Manual, and …); continuing the audit on the code for security; continuing finding a solution for Third Party assurances; continuing to incorporate new policy functions into the Web software system; testing of the new (Sub)Root Keys; Assurance information and training, etc.

As you can see “some work” is actually quite a lot of work.

Also, Ian has an audit to-do list described in his wiki Audit To Do.

If you have any questions or would like to get involved with the audit project, please contact support at cacert.org. We’d like to hear from you.

Teus Hagen
President of Board
CAcert Inc.

CAcert auf der CBLOS Flensburg 12.-13.6.09

Leave a reply

CAcert wird auf der CBLOS mit einem Stand und 2 Vorträgen am Samstag vertreten sein:

10:45 – 11:30 Workshop: CAcert – Was ist das?
Vorstellung CAcert, Einführung in die E-Mail Signatur und Verschlüsselung, Server SSL

Ich möchte am Workshop in Flensburg teilnehmen!

14:00 – 16:00 Assurer Training Event – Flensburg
Für alle anwesenden Assurer und Assurer aus der Umgebung die Möglichkeit einer Fortbildung

Ich möchte am ATE-Flensburg teilnehmen!

CAcert will be at CBLOS with a booth and 2 presentations on Saturday:

10:45 – 11:30 Workshop: CAcert – What is this?
CAcert Introduction, Introduction to Email signing and encryption, Server SSL

I will attend to the Workshop!

14:00 – 16:00 Assurer Training Event – Flensburg
For all attended Assurers and Assurers from that area the possibility for an advanced training

I will attend to the ATE-Flensburg!

Infos: CrossBorder Linux Open Source (CBLOS) CBLOS
CAcert at CBLOS CAcert WikiFlensburger Hafen

CAcert Assurer Training Event Amsterdam, Mo June, 15th 2009 and Eemnes, Sa June, 20th 2009

Leave a reply

Amsterdam

CAcert Assurer Training Event Amsterdam and Eemnes
——————————————————–
Er is het laatste jaar veel gebeurd. Een hele reeks van tot nu toe veelal “mondeling overgedragen” regels, zijn in Policies gegoten. Nieuwe Procedures (b.v. de Assurer Challenge) en verplichtingen (b.v. in de CAcert Community Agreement) werden vastgesteld. De Assurer Training Events trachten de volledige informatie “onder het volk” te brengen.
– Waartegen beschermt de CCA ieder CAcert-Community-Lid en dus ook jou?
– Kan je de 5 Statements van de “Purpose of Assurance” opnoemen?
– Kan je onmiddellijk 10 veiligheidskenmerken van het Nederlandse paspoort/identiteits kaart opnoemen?
Antwoorden op deze en verdere vragen krijg je bij de Assurer Training Events (ATE’s)
De deelname aan de evenementen is gratis, bijdragen worden echter gaarne tegemoet gezien.
—————
De ATE-Amsterdam vindt plaats op:
– Maandag, 15. Juni van 20:00 tot 22:00 uur.
– in SCHUBERG PHILIS
Star Parc
Boeing Avenue 271
1119 PD Schiphol-Rijk
—————
De ATE-Eemnes vindt plaats op:
– Zaterdag, 20. Juni van 10:30 tot 12:30 uur, met uitloop tot 15:30 voor gewone waarmerkingen
– in de Hilt
Hasselaarlaan 1c
3755 AV EemnesHet evenementen-team verheugt zich al op jullie deelname.

—————
CAcert Assurer Training Event Amsterdam
Aanmelding ATE-Amsterdam;

CAcert Assurer Training Event Eemnes
Aanmelding ATE-Eemnes;
contact: events@cacert.org

Much has happened during the past year. A list of up till now mostly “orally transmitted” rules have been cast in policies. New procedures (e.g. the Assurer Challenge) and obligations (e.g. in the CAcert Community Agreement) have been decided. The Assurer Training Events try to bring all this informations to “the people”:
– To what, does the CCA protect every CAcert-Community-Member and as such also you?
– Can you recount the 5 statements of the “Purpose of Assurance”?
– Can you at least recount 10 security marks of the Dutch passport/Identity card?
Answers to these and following questions are given at the Assurer Training Events (ATE’s).
Participation in the events is free, Contributions are however appreciated.Amsterdam:
—————
The ATE-Amsterdam takes place on:
– Monday, June 15th from 20:00 till 22:00
– at SCHUBERG PHILIS
Star Parc
Boeing Avenue 271
1119 PD Schiphol-Rijk
—————
The ATE-Eemnes takes place on:
– Saturday, June 20th from 10:30 till 12:30, followed by normal assurances till 15:30
– in de Hilt
Hasselaarlaan 1c
3755 AV Eemnes
The Event-Team is already excited about your participation.
Registration ATE-Amsterdam
Registration ATE-Eemnes
contact: events@cacert.org