The will be a WOT event on 26th of June (Wednesday evening at 19h to 20h local time) at the Techfak in Erlangen, Germany.  We are still looking for CAcert assureres. More Information can be found at the planning Wiki. There will also be the Techfak Sommerfest at the same location, so nobody will go hungry.

The second edition of the Metro Olografix Camp (MOCA) will take place August 21st to 24th 2008, at the “ex Caserma Di Cocco” Park in Pescara, Italy (look at the map). MOCA is a hacker camp in north-European style, free admittance, open to all, to meet and have fun sharing information and knowledge.

Italian CAcert assurers will be available for information and individual assurances during the four camp days.

A Keysigning party is also planned, you can register on Biglumber.

On august 8, 9, 10 and 11 the Festival Of Roses (Rozenfestival) is held in Lottum, the Netherlands.
If you plan to visit and you’re looking for assurers, Maurice and Joost will be at the festival itself (and several more in the vicinity).

There will be no official CAcert stand and no official CAcert presence. plese make arrangements with us in advance, otherwise finding us can be hard.

OpenExpo, the Swiss conference and trade show for Free and Open Source Software, takes place for the 5th time Wednesday and Thursday September 24 and 25, 2008 at the Eulachhallen in Zürich/Winterthur. Read more… http://www.openexpo.ch/en/openexpo-2008-zurich

Additional Swiss assurers or assurers from any country with successfully passed assurer test and willing to help, register in the CAcert.org Wiki: http://wiki.cacert.org/wiki/OpenExpoCH2008-Z%C3%BCrich/Winterthur

———————————————————————————————————————————————–

OpenExpo, die Schweizer Messe und Tagung für Freie und Open Source Software findet in fünfter Austragung am Mittwoch und Donnerstag, 24./25. September 2008 in den Eulachhallen Zürich/Winterthur statt. Mehr unter… http://www.openexpo.ch/openexpo-2008-zuerich

Zusätzliche Schweizer Assurer oder Assurer aus irgend einem Land mit erfolgreich absolviertem Assurer Test, welche mithelfen wollen, tragen sich bitte im CAcert.org Wiki ein: http://wiki.cacert.org/wiki/OpenExpoCH2008-Z%C3%BCrich/Winterthur

The June Audit report to the Community, the latest in a series of two-monthly reports, is now on the wiki.  Here are some highlights.

The biggest issue facing CAcert is the state of the systems and the systems administration team. The Audit requirement is for the systems to be under a secure regime that is suitable for a certificate authority:  dual control, extra eyes over the critical systems, and reasonable physical security.  These things have not been done for the critical systems, and only partly done for the non-critical systems such as email, wiki.

The recent plan to have Evaldo lead the process has been dropped (not in my opinion due to any failing on his part).  Now the board of CAcert has to work up a new plan to make this happen somehow.

The move of the critical systems and the rebuilding of systems administration into a team has taken on the aspect of a never-ending Nordic saga, which is no good sign.  I will give it until the end of the year to see if CAcert can build the team, and put the systems into shape.  If not, we as a Community will have to re-examine how we are going to move forward without systems that are adequate to the certificate authority mission.

Other highlights:

• The CAcert Community Agreement is in place as policy, now, but the roll-out of other important issues such as CAP form (here), agreement on the website, and emailed notifications of change are all lacking.  Lack of developers is an issue, and is probably the same story as with the systems administrators team.
• Arbitration is working out well, and we are now in the “teething stage” of working through the little and unexpected problems.
• The Assurance Policy work-in-progress is now in a call to go to DRAFT, which will make it binding on the community.  This important document lays the framework for Assurance, leaving most of the details for the Handbook.  There are a couple of fairly minor changes that Assurers will need to be aware of:
  • Assurance points now only cover Assurance on your details, and there is now (to be) a new count for Experience Points.  Assurance Points will therefore always indicate only of how others have assured you, and Experience points will indicate how many Assurances you have done.
  • Mutual Assurance is now a standard option, and the CAP form will be upgraded to show that.  In effect, a non-Assurer can now assure an Assurer, but, this assurance happens under the supervision and responsibility of the Assurer.  For this, a non-Assurer can allocate 0,1,2 points according to her judgement, and you should teach her to be skeptical!
• As soon as we can make it, the older Assurers who have not done the Assurer Challenge will be blocked from more Assurances.

The Audit is a long way behind schedule.  As above, the systems are completely stalled.  The policy work is also slow, and although not a blocking action, it should be stressed:  we need these policies in place, not perfect, but usable.  Seek for consensus, and be prepared to lose some battles.  By the end of the year, we should have the Assurance process on a good strong basis.