We would like to announce the availability of free PDF signature applications:
PortableSigner from http://portablesigner.sourceforge.net is a nice application with a GUI.
CAcert PDF Signer is an older, commandline only application.
Both applications are running on Java, and use the iText library, and should work on Linux, MacOSX and Windows.
http://wiki.cacert.org/wiki/PdfSigning
At the Usenix LISA’06 conference in Washington DC there will be a PGP signing party and CAcert Assurance event at the 5th of December 2006 at 8pm Wardman Park Mariott Hotel. Continue reading
RegisteredCommons is a new web-service aimed to provide a secure and trusted registry of audio, video, picture and text works. It will be launched at the 4th Wizards of OS Conference in Berlin together with Lawrence Lessig, co-founder of Creative Commons. RegisteredCommons will be using CAcert certificates for authenticating authors.
CAcert Assurance will be offered at the Wizards of OS conference in Berlin.
SHA-1 has just been broken a bit more: http://www.heise-security.co.uk/news/77244
CAcert is aggressively moving to SHA-2 as we speak.
Microsoft will support SHA-2 only in Windows Vista according to our sources.
Debian Stable, FreeBSD and OSX don´t provide SHA-2 in their current versions.
SuSE, Knoppix, FC5, Ubuntu, Mandriva, … all support SHA-2 already.
Read more details about SHA-2 support of various applications and distributions on http://wiki.cacert.org/wiki/HashInterop
Please contact your vendor to tell them that you need SHA-2 support!
http://en.wikipedia.org/wiki/SHA
At the SANE2006 system and network admin conference running from 15th of May 2006 up to Friday 19th of May 2006 in Delft, Holland (see SANE2006) CAcert Assurances as well PGP signing can be done. At Wednesday 17th of May 2006 there is from 18:30 a special (free entrance) Bazar with a CAcert booth to obtain your assurance or to assure others.
The event location is: TU Delft, Aula Congress Centre, Mekelweg 5, Delft, Holland.
Be prepared and do your preparations see CAcert web site or SANE2006 CAcert info.
At the annual technical USENIX’06 conference running from 30th of May till June 3rd, 2006 in Boston, USA you will be able to be assured by CAcert Assurers and obtaining more information at the Birds of Feather session at one of the evenings at the conference. If you only want to be assured and not attend the conference feel free to walk in and ask for a CAcert Assurer. If you want your PGP key signed feel free to drop in as well.
Be prepared and visit the CAcert web site for the preparations (Assurer Forms, registration account, etc.).
For more information see BOSTON06
The Electronic Frontier Foundation filed the legal briefs and evidence supporting its motion for a preliminary injunction in its class-action lawsuit against AT&T, claiming that AT&T is diverting Internet traffic into the hands of the NSA wholesale, in violation of federal wiretapping laws and the Fourth Amendment.
EFF Breaking NewsThe issue of statistics came up again today (as it does from time to time), currently CAcert is experiencing linear growth rates both in the number of certificates issued each month and the numbers of new signups. Assurances tend to be a bit spikey depending how many conferences attended.
In any case, the number of certificates issued has more then doubled in the past 10 months (about May last year is the half way point) so one must wonder where things are headed if the same trend continues.
Some quick stats for people, about the begining of this month we issued our 100,000th certificate, and about the same time we had our 50,000th signup, and by this time next year we could easily have more then double both those numbers.
Interesting analysis of a phishing attack at – especially the comments about the verification mechanisms of GeoTrust.
I will be manning the booth for CAcert at the ApacheCon 2005 US meeting in San Diego. I plan to be at the booth from at least 09:00 in the morning through 16:00 in the afternoon. I will stay later if there are still people coming by. Please bring as many people as you can to have assurance added to their accounts. It will help to have CAP forms pre-printed with the applicant’s information, but I will have blanks with me as well. Remember, 2 forms of official ID will be needed, at least one being photo.
I will most likely not have a computer available for people to sign up on the spot, but I can always check ID and complete paperwork, then enter in assurance points after they sign up later.
I will be happy to cross-sign GPG/PGP keys as well, so be sure to bring key fingerprints along if you want to add to your keyring signatures. On the same note, please let me know if a key signing party is being planned.
If there is anybody that can not attend the conference itself, but would like to be assured, please let me know and we can meet in the hotel lobby outside of the regular conference hours.
Feel free to contact me CAcert at mail4geeks dot com if you have any questions or would like to arrange a meet up while I am in town.