The Cacert Project- An Invitation to CAcert ATE Tokyo -                       Taisuke Yamada                       @tyamad...
Agenda1. What is Cacert?2. What can it do for you3. Current status4. How does it work5. Invitation to ATE Tokyo   (at OSC2...
So, what is it?  Its a “community”-based      Certificate Authority
So, what is it?  What? → OK, Ill explain...
Certificated-based “trust” basics                                   Websites                                        Email ...
Solution: “Chain of trust”For you, everything is built onThese 2 links you trust!                                         ...
So, what about CAcert?Usual CA            CAcert  The G-O-D(tm)          Automated    Root CA                Issuer       ...
In another word,   Now, the G-O-D is gone,   replaced by the Web-of-   Trust.
What can CAcert do for me?   0pt Issues minimal server / client /       SMIME cert. Valid for 6 month.  50pt Issues fully ...
But WAIT!   Isnt that a “Ore-Ore”?
But WAIT!     Isnt that a “Ore-Ore”?  Named after “Ore-Ore“ fraud scheme, which calls up  elderly (like 80+ old) and tells...
Going for a “True” Root CA●   Already in many Linux/*BSD distros●   Current target: Mozilla●   Windows and OSX: TBD       ...
Going for a “True” Root CA●   Already in many Linux/*BSD distros●   Current target: Mozilla●   Windows and OSX: TBD    In ...
How does it work, and what do I do?  For Users 1. Register at CAcert.org 2. Print CAP form, and bring it with you,    alon...
How does it work, and what do I do? For Assurer1. Try best to check validity of user-   provided ID (ex. UV-light checks)2...
Topics in Japan We are having the first official CAcert event in Japan!
ATE Tokyo (Assurer Training Event)1. One of the requirements to become a   “Senior Assurer”.2. A chance to assurer people ...
NOTE: Assurer “Experience Point”  0EP Can give up to 10pt/assurance.        Each assurance provides 2EP back        to an ...
AnnouncementDate :2011/3/5Place: Waseda Univ.             Shinjuku                              Sports Center       West C...
Upcoming SlideShare
Loading in …5
×

The CAcert Project - An Invitation to CAcert ATE in OSC/Tokyo 2011 (EN)

1,213 views
1,124 views

Published on

Presentation done at TLUG 2011/2/19 tech meeting.
Includes introductory information on CAcert, and also an invitation to the first official CAcert. ATE (Assurer Training Event) Tokyo in Japan.

ATE Tokyo will be on Mar 5 (Sun), during OSC (OpenSource Conference) 2011 Tokyo/Spring at Waseda University (near Shinjuku).

Published in: Technology
1 Comment
0 Likes
Statistics
Notes
  • Be the first to like this

No Downloads
Views
Total views
1,213
On SlideShare
0
From Embeds
0
Number of Embeds
3
Actions
Shares
0
Downloads
5
Comments
1
Likes
0
Embeds 0
No embeds

No notes for slide

The CAcert Project - An Invitation to CAcert ATE in OSC/Tokyo 2011 (EN)

  1. 1. The Cacert Project- An Invitation to CAcert ATE Tokyo - Taisuke Yamada @tyamadajp
  2. 2. Agenda1. What is Cacert?2. What can it do for you3. Current status4. How does it work5. Invitation to ATE Tokyo (at OSC2011, on Mar 5, 2011)
  3. 3. So, what is it? Its a “community”-based Certificate Authority
  4. 4. So, what is it? What? → OK, Ill explain...
  5. 5. Certificated-based “trust” basics Websites Email Application How do you know that what you are accessing is what it claims to be?
  6. 6. Solution: “Chain of trust”For you, everything is built onThese 2 links you trust! Root CA User Web Intermediate CA Email User AppUser Distribution
  7. 7. So, what about CAcert?Usual CA CAcert The G-O-D(tm) Automated Root CA Issuer Web-of-Trust“All you need is “Trust each other, to BELIEVE (me)” and Ill bless you”
  8. 8. In another word, Now, the G-O-D is gone, replaced by the Web-of- Trust.
  9. 9. What can CAcert do for me? 0pt Issues minimal server / client / SMIME cert. Valid for 6 month. 50pt Issues fully descriptive cert, backed by higher class cert. Valid for 2 years. 100pt All of the above + code-signing cert. You can also give out points if you pass the Assurer Challenge test. By being “assured”, youll obtain points for creating higher-level certificate.
  10. 10. But WAIT! Isnt that a “Ore-Ore”?
  11. 11. But WAIT! Isnt that a “Ore-Ore”? Named after “Ore-Ore“ fraud scheme, which calls up elderly (like 80+ old) and tells “Granma, its me! (Ore!) I had a accident with Yakuza, and need to pay them! Please! Let me borrow $5000! My bank account is...”. Who got a call will panic, and sends without thinking. So “Ore-Ore” cert is a cert that claims its public authority without backing of any other public CA.
  12. 12. Going for a “True” Root CA● Already in many Linux/*BSD distros● Current target: Mozilla● Windows and OSX: TBD Therere “cheap” commercial CAs. But, CAcerts goals are: ・ To build world-acknowledged CA based on community effort ・ Provide *everyone* a secure env. Its also useful to make cert managemnet easier!
  13. 13. Going for a “True” Root CA● Already in many Linux/*BSD distros● Current target: Mozilla● Windows and OSX: TBD In short, audit by independent third party is required. And in 2010, CAcert has prepared all the legal docs and (strict) policy for an audit! (some still under draft).
  14. 14. How does it work, and what do I do? For Users 1. Register at CAcert.org 2. Print CAP form, and bring it with you, along with government-issued ID. 3. Fill out, sign, and give the CAP form in front of an assurer, face-to-face You can start issuing certs right after registration. Its just more points are needed to create higher-level ones.
  15. 15. How does it work, and what do I do? For Assurer1. Try best to check validity of user- provided ID (ex. UV-light checks)2. Understand, and explain members obligation (ref: Community Agreement)3. Dont just give out full points. Give points based on your “confidence”. Think: What if some Martian comes up and provides you an ID of “Galactic Empire”?
  16. 16. Topics in Japan We are having the first official CAcert event in Japan!
  17. 17. ATE Tokyo (Assurer Training Event)1. One of the requirements to become a “Senior Assurer”.2. A chance to assurer people to become a “Experienced Assurer”3. A chance to obtain 100+pt. Peter Yuill of CAcert.org, who is happening to be in Japan during OSC2011 period, has offered to be a “trainer” of the event! If you miss this, “next time” might not come in few years!
  18. 18. NOTE: Assurer “Experience Point” 0EP Can give up to 10pt/assurance. Each assurance provides 2EP back to an assurer. ... 50EP Can give up to 35pt. Who reaches this level is called “Exp. Assurer” Senior Assurer is a “Exp. Assurer”++, who is regarded to be capable of handling deeper CAcert activities.
  19. 19. AnnouncementDate :2011/3/5Place: Waseda Univ. Shinjuku Sports Center West Campus(63&61)   + citys meetup spaceSessions:- Training (ATE) in OSC- Assurance (signing) in OSC Dept of Sci. And Eng. and right after OSC closing Please go and register to http://www.ospn.jp/osc2011-spring/ !

×