Tag Archives: Software

A Digital Identity Card for Switzerland

Leave a reply

On 28 September, the Swiss will vote on the introduction of a digital identity card (e-ID). The proposal gives users the greatest possible control: personal data remains on the user’s phone. Neither the state nor private companies can track the use of the e-ID. And users decide for themselves with whom they share which information.

The example of pornography websites shows what this could mean in concrete terms. Today, children and young people can access these sites by clicking on ‘I am over 18’, even though pornography portals in Switzerland are actually required to block young people under the age of 16. In a future with e-ID, it would be possible to carry out age checks that protect privacy: Thanks to the e-ID, anyone who wants to visit the site does not have to reveal their name or date of birth. It is sufficient to disclose that the user is over 16.

The e-ID thus protects young people as well as the privacy of all users. To prevent the system from being exploited, the federal government maintains a register of companies that request too much information from the e-ID. If, for example, the pornography site wanted to register the name or date of birth of its users, users could report the site. The E-ID app would then warn other users about this website. At least, that is what the authorities hope.

No honey pot of data

The approach is clever. Nevertheless, when it comes to digitisation projects, no programme code in the world is 100% secure. The developers currently working on the e-ID code are well aware of this. They have therefore built a system without a central register – meaning there is nothing worth hacking.

To further increase the cyber security of the e-ID, the federal government has also published the programme code and launched a competition: anyone who reports a vulnerability will receive a reward. The 120 developers at the federal government want to harness the collective intelligence of the developer community.

Initial independent analyses of the programme code have shown that the programme actually does what the legal text promises. No more and no less. The code is not yet complete, and important components are still missing. But experts expect progress to be made soon. There is still time until the earliest possible introduction date in the third quarter of 2026.

One can say yes to the introduction of the e-ID, but no to its disproportionate use. Of course, no one wants to have to identify themselves with a government ID at every corner of the internet. We still need digital spaces where we can comment on political issues disguised as Mickey Mouse. Controversial opinions must also be able to be published and debated. This freedom must be defended.

CAcert’s OpenID Connect is now working

Leave a reply

CAcert was represented at Froscon last week end. Our volunteers presented the new OpenID Connect project and discussed with the attendees. In fact, an exciting development this year was the completion of a first version of the CAcert OpenID Connect tool, allowing our members to use their Client Certificates to log in to various other services without using passwords. Services such as Nextcloud, Mantis, and possibly Drupal and WordPress can provide our members easy access. Work will continue on this project into the next month.

CAcert staff talking to interested public and giving assurances at FrOSCon booth

Are you so enthusiastic that you want to help out yourself? Read here what opportunities are available to you! Or how you can cover the operating costs with a small donation of €10: https://paylink.conotoxia.com/t3A15JkVVW or IBAN CH02 0077 4010 3947 4420 0

Software Team extended

Leave a reply

They repair our systems, expand them and adapt them to new requirements. Put new functions through their paces. They deal with errors and find innovative and pragmatic solutions. They also plan, develop and programme new pillars for CAcert. We are talking about a dedicated small group of volunteers known as “Software Team”. When you talk to them, you can immediately sense the enthusiasm with which they work in their free time to create new things together and make progress.

The fact that various small projects have been completed in recent months, that age-related weaknesses have been ironed out and errors rectified, and that a major new project has been brought to the finishing line, is not only thanks to the dedication of these people, but also to the fact that they have succeeded in winning over others. The software team has actually grown this year, with new members joining the team. In fact, the software team has actually grown this year, with new members joining the team.

New recruits initially take on small tasks, working hand in hand with volunteers who know our systems inside out like nobody else. Once they have passed the security check, formerly known as ABC, replaced some time ago by BGC, they also help with work on system-relevant software. Welcome to the Software Team of CAcert!

To join the Software Team or an other team of CAcert or just to give them a hand from time to time, just read on here… (information also available in català | cesky | dansk | deutsch | english | español | français | italiano | nederlands | polski | português)

Contribute to our expenses with €10 https://paylink.conotoxia.com/t3A15JkVVW or IBAN CH02 0077 4010 3947 4420 0

CAcert Services mostly running again

Leave a reply

In Wednesday another visit at the datacenter took place, where we installed the updated webdb1-machine to the rack.

There are still some minor issues left (e.g. language selection for main website, automatic mails), which will be activated again remotely withins the next days.

This time the available time on critical teams site was blocked by some investigation issues (e.g.: What caused the outage, why did the internal routines and raid did not work) and non CAcert-related issues (as we all have a family and job, which are time-consuming as well) and and outage of usable internet-connection on critical teams site.

Naming this: If you’re living next to or in Netherlands and want to give us a helping hand for infrastructure and (possible) critical team feel free to contact us via support.

Certificate renewing is pending (update & help)

Leave a reply

Some of our community members (users) get a problem while they try to renew an existing certificate. The issue is: Certificate renewal is pending for days/weeks.

First of all, CAcert is not a service provider or a company, but a community. We are all in the same boat. We can only achieve our goals together, with your the cooperation of all of us (of all users=members).

One of our volunteer support engineers, a retired gentleman somewhere in Bohemia, wrote, after he watererd the flowers in the garden:
1. Many users use CAcert without any assurance. Until now, their CSRs were signed by Class 1 Root (–> serial # 1xxxxx) and their CSRs/renewals are stuck in a queue now.
2. These users know absolutely nothing about existence Class 1 & Class 3 Roots, as they don’t remember installing root(s), and when creating a new cert, they cannot see the choice Class 1/3, because with <50 assurance points (trust points) it isn’t displayed.
3. Many users do not know about the existence of Wiki, bugs, blog, CATS… websites. Our education possibly fails in this direction.

And from Alsace, a baker who is also CAcert volunteer writes after putting the children to bed: There is a lot of information and many tutorials are at the FAQ at https://wiki.cacert.org How to create a certificate can be found at: https://wiki.cacert.org/HowTo/ClientCertCreate/

Another help message was sent by a CAcert volunteer who works as a bus driver from his mobile phone during the short break at the terminus: To get assurance points, the easyest way is to meet with two (or three) experienced assurers who can then credit you with the assurance (trust) points you need (you need 50 and get 10-35 per assurer). When you are on cacert.org in your account, go to the Web Of Trust: https://www.cacert.org/wot.php?id=12 (here you can enter your town and search for assurers in the area) or: https://www.cacert.org/wot.php?id=1 (here you can click through to choose from about 6000 assurers worldwide).

Thank you very much to all our active community members who helps here and there and gives other community members a hand. Even very little help is helpfull. If e.g. each of the 6000 assurers from the assurer directory helps with something small for 10 minutes per month, that is already 1000 hours of work. That would solve (almost) all problems. Here is how you too can give your CAcert community a hand: https://wiki.cacert.org/engagement

And another volunteer from Sweden points out, that the issue will not go away till the interface is fixed, which is a work that has been started, but not finished. Furthermore, renewing old incorrectly signed certificates will never work again, as we have said we will not fix the broken code for that, as no certificates should ever have been signed that way. We can’t continue signing them incorrectly.

Last chance, hurry up, catch your review!

Leave a reply

Dear friend of #CAcert, here comes the last #bugs that needs a #review. We are so glad, that you are willing to #help you #community and review only one of them during the #spring #offensive.

https://bugs.cacert.org/view.php?id=1310
https://bugs.cacert.org/view.php?id=1129
https://bugs.cacert.org/view.php?id=1302
https://bugs.cacert.org/view.php?id=875
https://bugs.cacert.org/view.php?id=1304

We published all ready 12 bugs for review earlyer today in this channel. Maybe, you find a more conviniant one there?

Papillon, vient voir les bugs

Leave a reply

Qu’est-ce qu’une #revue par rapport à la résolution d’un problème? Vole comme un papillon sur l’une de nos fleurs de bug et regarde le code. Voici la troisième série de quatre, si tu ne trouves rien qui te convienne pour participer à l’offensive #CAcert du printemps, nous t’en fournirons quatre autres dans quelques heures ou regarde les huit premiers, publiés il y a quelques heures.

This are new links, number 9-12:
https://bugs.cacert.org/view.php?id=1149
https://bugs.cacert.org/view.php?id=1382
https://bugs.cacert.org/view.php?id=1383
https://bugs.cacert.org/view.php?id=1355

Join the CAcert Spring Offensive

Leave a reply

What’s a #review compared to solving a problem? Flutter like a butterfly on one of our bug flowers and check out the code. Here are the second four, if you don’t find anything suitable for you to join the #CAcert spring offensive, we’ll give you four more in a few hours.

https://bugs.cacert.org/view.php?id=1354
https://bugs.cacert.org/view.php?id=1423
https://bugs.cacert.org/view.php?id=775
https://bugs.cacert.org/view.php?id=1253
Nothing that fits you? Have a look to the first four links we published two hours ago in the german post.

Mach es wie die Schmetterlinge

Leave a reply

Was ist schon eine #Review im Vergleich dazu, ein Problem zu lösen? Flattere wie ein Schmetterling auf eine unserer Bug-Blumen und Schau dir den Code an. Hier sind die vier ersten, wenn du nichts für dich passendes findest, um bei der #CAcert Frühlings Offensive mitzumachen, reichen wir dir in einigen Stunden vier weitere nach.

https://bugs.cacert.org/view.php?id=971
https://bugs.cacert.org/view.php?id=8
https://bugs.cacert.org/view.php?id=1360
https://bugs.cacert.org/view.php?id=1317