CeBIT 2009

Leave a reply
CeBIT 2009 - Hannover CeBIT Germany is the most important european IT Fair

Tue(Di), 2009-03-03 to Sun(So), 2009-03-08
Hannover, Fair (Messe Hannover)

Meet us at Hall(Halle) 6,

Booth(Stand) F-36/2

Website: http://www.cebit.de
CAcert-Wiki: http://wiki.cacert.org/wiki/CeBit2009

At the booth itself there will be always enough Assurers to prove your Identity and answer all your Questions according CAcert. Please notice, that only NEW CAP-Formulars (http://www.cacert.org/capnew.php) are valid. Old CAP-Formulars can not be accepted!

Am Stand selbst werden immer genug Assurer anwesend sein, um Ihre Identität zu überprüfen und Fragen beantworten zu können. Bitte beachten Sie, daß nur die NEUEN CAP-Formulare (http://www.cacert.org/capnew.php) gültig sind. Alte CAP-Formulare können nicht mehr akzeptiert werden!

first EU MozCamp 2009, a chance to obtain CAcert assurances!

Leave a reply

The first EU MozCamp 2009 is helt on 6th of March 2009 in Utrecht, Holland. You will get a chance to be fully assured on this MozCamp. Have a look at the CAcert wiki page Assurance Preparations information is provided how to prepare yourself for such an assurance event.. The assurances will be done during lunch time.

CAcert.org at OpenExpo09 in Bern – April 1. and 2., 2009

Leave a reply

OpenExpo, the Swiss conference and trade show for Free and Open Source Software, takes place for the 6th time Wednesday and Thursday April 1 and 2 (No April Fool’s Joke!), 2009 at the BEA expo Hallen in Bern. Read more… http://www.openexpo.ch/openexpo-2009-bern/

Additional Swiss assurers or assurers from any country with successfully passed assurer test and willing to help, register in the CAcert.org Wiki: http://wiki.cacert.org/wiki/OpenExpo2009-CH-Bern

———————————————————————————————————————————————–

OpenExpo, die Schweizer Messe und Tagung für Freie und Open Source Software findet in sechster Austragung am Mittwoch und Donnerstag, 1./2. April 2009 (Kein Aprilscherz!)in den BEA expo Hallen in Bern statt. Mehr unter… http://www.openexpo.ch/openexpo-2009-bern/

Zusätzliche Schweizer Assurer oder Assurer aus irgend einem Land mit erfolgreich absolviertem Assurer Test, welche mithelfen wollen, tragen sich bitte im CAcert.org Wiki ein: http://wiki.cacert.org/wiki/OpenExpo2009-CH-Bern

upcoming events

Leave a reply
banner_nl_1_2009.jpg

at the upcoming events wikipage there are some new events. Any volunteer can pick the event wich he or she likes and write some lines at the page.
In the Netherlands we have soon 3 great events: the Mozilla Camp, the NLUUG and the HAR2009. Anybody is free to fill in and participate.

Assurance Event + Disk Destruction = Vienna 28th Feb

Leave a reply

There will be a combined Assurance Event and Disk Retirement Processing (a.k.a. Destruction) in Vienna, Austria, 28th February.

Likely agenda will be:

  1. Presentation of “New Assurance”
  2. Workshop for New Assurers:
  3. Lots of Assurances
  4. Ceremony for the Destruction of the Vienna Disks,
    • as directed by the Board of CAcert.
    • Bring your heavy tools.

Garnisongasse 7.  19:00 to 21:00.  Mark your calendars, diaries, agendas, foreheads!

CaCert certification at NLOSUG meeting

Leave a reply

At the January 29 2009 NLOSUG (Dutch OpenSolaris Usergroup) meeting at Competa IT in Rijswijk (NL), we will be doing CaCert assurances. Enough assurers will be available to get you 70 points. Register at cacert.org, bring 2 pieces of govt. issued photo id and enough (>2) CAP forms. The program can be found on http://sun.in-box.nl/mc/5490/ or http://www.nlosug.org

CAcert-Parties im Rheinland und Ruhrgebiet

Leave a reply

Im Rahmen der Vorträge der beiden Java-User-Groups rheinjug und ruhrjug wird es wieder die Möglichkeit geben, sich assuren zu lassen:

Die Vorträge selbst finden ab ca. 19:00 statt, Assurer werden ab ca. 18:30 vor Ort sein. Während den Vorträgen ist KEINE Assurance möglich, erst wieder ab ca. 21:00.

Rheinjug (15.1.2009), Thema: Was ist OpenESB?, Dozent: Christof Strack

> Institut für Informatik
> Heinrich-Heine-Universität Düsseldorf
> Gebäude 25.22
> Hörsaal 5D (oder 5F, je nach Resonanz)

Ruhrjug (22.1.2009), Thema: Erstellung hoch-performanter Websites, Dozent: Peter Roßbach

> Unperfekthaus
> Friedrich-Ebert-Strasse 19
> 45127 Essen

Bei beiden Gelegenheiten wird auch PGP-Keysigning möglich sein.

CAcert Assurance event in Madrid

Leave a reply

Next January 14th Medialab-Prado (Madrid) will host the CAParty CAcert Assurance event. A PGP signing party will happen too.

A full description in Spanish with all the details on how to attend is published on the website.

Join to the Web of Trust!

CAcert Assurance event Fosdem’09, Brussels, Sun 8 Febr 2009

Leave a reply
At the upcoming Fosdem’09 Free and Open Source Developers’ European Meeting, 7-8 Febr 2009 in Brussels, Belgium there will be at Sunday 8th of Febr 2009 12-14 pm  a CAcert Assurance event as well a PGP signing party will be helt. During the two meeting days there will be enough assurers around to assure you also if you cannot make it on this party time.Be prepared and take the newest 2009 CAcert Assurance Programme form and for PGP your PGP fingerprint with you to the meeting. Make sure you agree to the CAcert Community Agreement and if you have at least 100 Assurance points you have passed the Assurer Challenge. For more details visit the Fosdem web pages and the Assurance Party pages.

Happy new attack!

6 Replies

A few days ago, a group of scientists and security specialists finally succeeded to create a rogue CA that was able to issue certificates that are accepted by all browsers:

http://www.win.tue.nl/hashclash/rogue-ca/ and http://www.phreedom.org/research/rogue-ca/ The problem underneath are weaknesses that were discovered in the MD5 hash-algorithm.

CAcert has switched from MD5 to SHA-1 for certificate-issueing a few years ago, when the first research results were made public that indicated that such an attack will become feasible. CAcert is currently still using an intermediate CA that was issued with an MD5 based signature 3 years ago. We are currently working to phase out this intermediate CA.

We suggest that all certificates (except for root certificates, which aren’t affected), regardless of which CA has issued them, that were still issued with MD5, be replaced with SHA-1 based certificates within the next 3 months. We also suggest that all company-internal or organisation internal CA’s be checked and switched from MD5 to SHA-1 where necessary. To detect, whether a webserver certificate or any of the intermediate certificates are MD5 based, you can use this Firefox extension: http://codefromthe70s.org/sslblacklist.aspx

Happy new year!