CAcert Assurance event ApacheCon Eur’08, Amsterdam, Apr 7-11 2008

ApacheCon logo

At the ApacheCon April 7-11, 2008 in Amsterdam, the official Apache User conference of the Apache Software Foundation there will be a CAcert booth for Individual and Organisation Assurances from 9-11 April. Visit the booth!

Be prepared and if you are not a CAcert Coimmunity Member yet, read the Community Agreement, join and registrate and print at least three Community Application (CAP) forms with your name and email address for the Assurance event.
The Oophaga Foundation, which organisation is taking care of CAcert events in Holland is looking for CAcert assurers who can help to assure on these conference dates. Please react to cacert-support if you want to help.

Audit Report 20080321

Leave a reply

As promised, there is now a current report posted on the wiki from Audit. Highlights:

CAcert is in the process of rolling out its new CAcert Community Agreement. The website now refers to it.
Soon, expect to see checkboxes to tick with statements like “I agree to the CAcert Community Agreement”.
The Assurance Policy is the next policy that the Audit needs tied down. Currently, it is at an advanced stage. Debate is going on as to whether to drop the requirement for Dates of Birth, as these are considered useful for fraud in some places. Unfortunately, the system does use this as an internal discriminator, so there are pros and cons.
Pat Wilson is now working on the Security Manual. Thanks, and welcome Pat!
The critical systems are the critical path for audit! Evaldo has been tasked to build the sysadm team, move the systems and implement dual control. See other blog entries!
Have you met the Assurer Challenge yet? CATS is in place, and some time soon, assurances will be blocked for those who have not as yet met the challenge.
If you are interested in the Audit work, there is a ToDo list on the wiki, and I have put the audit criteria online with the working commentary and (wip) conformance. See the main report for that location and the secret password!

That’s it from the Audit side. Now over to you!

Audit Report 20080111

Leave a reply

One of the things that happened last year was to negotiate an audit funding deal with NLnet. (This has now agreed and first tranche of funds has been delivered to CAcert.) One of the requirements imposed on CAcert was to deliver reports to the Community and to NLnet at each event like milestones, and at approximately 2 month intervals.

With that in mind, I wrote a 2008 New Year’s report as a sort of checkpoint. For some reason it wasn’t published then, but is now on the wiki. Highlights are these:

Many policies are now in POLICY or DRAFT. Some important work-in-progress projects are started, especially the Assurance Policy. This project needs help!
The work on Risks/Liabilities/Obligations finally settled on a CAcert Community Agreement.
NLnet funds CAcert for audit, described here.
Non-critical systems were moved last year to Netherlands BIT center, but critical systems are still in their halfway house. CAcert needs more sysadms.
Audit Criteria are going on-line.
Best is last: CATS went on line: Have you done the Assurer Challenge yet?

The full report is found on the wiki area. Bear in mind that this report is late, and another is already due. I’ll start on that now!

IT fair in Bamberg, Germany

Leave a reply

There will be a CAcert booth at the IT fair in Bamberg, Germany organized by trainees of Deutsche Telekom AG on 19th and 20th of March. Main topics will be Linux and networking. More information can be found on the website (german).
Address: Deutsche Telekom AG, Wilhelmsplatz 3, 96047 Bamberg, Germany

Im Rahmen der von Auszubildenden der Deutschen Telekom organisierten IT-Messe zum Thema Linux und Netzwerk wird es auch einen CAcert-Stand geben. Die Messe findet vom 19.-20. März in Bamberg statt. Weitere Informationen können der Webseite entnommen werden.
Adresse: Deutsche Telekom AG, Wilhelmsplatz 3, 96047 Bamberg

Recruiting System Administrators

Leave a reply

Calling all system administrators in the CAcert Community! We have need of help in running services like web, svn, wiki. Please contact evaldo@cacert.org if you can help.

CeBIT 2008

Leave a reply

CeBIT Germany is the most important european IT Fair

Mo, 2008-03-04 to Sun(So), 2008-03-09
Hannover, Fair (Messe Hannover)
Meet us at Hall(Halle) 5,
Booth(Stand) G47/3

Website: http://www.cebit.de
CAcert-Wiki: http://wiki.cacert.org/wiki/CeBit2008

CAcert Community Agreement is defined now!

Leave a reply

As you may know, CAcert started a big effort in 2007 to address who we are as members of a CA service provision, the Community and the increase of the recognition of CAcert as a professional CA.
CAcert belongs now to the top ten CA’s in the world! This all was inspired and demanded by the need to have CAcert Root Key included in the browsers. For this CAcert started the Audit process, which focused on the questions of Risks, Liabilities, and Obligations amongst us all.

CAcert has now conquered that monumental task. Core of that task was defining who we are as a community, and writing a CAcert Community Agreement that we can all agree to, which brings us together as that community, and which protects you, using the CAcert issued certificates, legally, financially and freely.

Here you can read the details of the CAcert Community Agreement .

Introductory notes on the agreement are on the wiki. This introduction attempts to explain some of the parts, which need maybe some more explanation, eg on free certificates, privacy concernings, certificate care and usage risks, and the CAcert Community.

The Agreement is now approved: by the Board, by the Policy Group, and by the Association, and it is now ready for you!

CAcert software developers will modify the website and the Assurance team will modify the Assurance processes to ask people to agree to it.This will take some time.
In the end we will need agreement from everyone inside the CAcert Community, because it protects each and every one of you, and all of us together, as a community.

CAcert Management Sub-Committee

CATS up and running

Leave a reply

To meet the increased demands on quality assurance due to the CAcert Systems Audit, which is needed to be included in Mozilla’s browsers, CAcert has decided to initiate a Challenge for all for Assurers.
To be an Assurer, you will need to reach 100 assurance points, and you will have to pass the Assurer Challenge. The assurer challenge and training system called CATS is so now avaliable. Under http://wiki.cacert.org/wiki/AssurerChallenge you can find the infos how to join and participate.

further Informations:

Assurance Handbook 2 – Necessary Lekture for all Assurer
Assurer Training (PDF, english)

CAcert Merchandising Shop

Leave a reply

our new CAcert Merchandising Shop is online.
You can find it under http://cacertshop.spreadshirt.net and you can find there many cool things like Shirts, Caps, Pins, Coffy Mugs, Stickers, etc.

Linuxdays.lu 2008

Leave a reply

Well, the aim of the Linuxdays in Luxemburg is to promote and support the Open Source & Free Software movement. The basic idea of Open Source & Free Software is that developers around the world distribute, modify and test their software via the Internet, resulting in products often exceeding the quality of commercial software. The power and cumulated knowledge of the Open Source & Free Software Community ensures that new features are implemented very quickly and that bugs are fixed the moment they are discovered.

CAcert Assurances will be possible there.

More Infos for Assurers and people who wants to get assured: http://wiki.cacert.org/wiki/LinuxDaysLU2008