An introduction to CAcert, a community-based root CA. Includes detailed instruction on actual assurance procedure and a guide on how to run an assurance event.

1. 71 Debian 2010 12
1 CAcert
1.1 CAcert
CAcert
2002 2003 CAcert Inc.
S/MIME
etc
CAcert OS
VeriSign
*1
CAcert
1.
2.
1.
2.
CAcert
1.
2. CAcert CA
CAcert
CAcert
CAcert CAcert Inc.
*1
1

2. 1.
2. 100pt
3. 100pt
Web of Trust
1.2 CAcert -
CAcert
https://cacert.org/ CAcert
Asurer
≥0 Member
≥1 Member Member Root
≥ 50 Assured Member
≥ 100 Prospective Assurer
≥ 100 + Assurer
10
0-2EP
≥ 100 + 10EP + Assurer 15
≥ 100 + 20EP + Assurer 20
≥ 100 + 30EP + Assurer 25
≥ 100 + 40EP + Assurer 30
≥ 100 + 50EP + Assurer 35
Experienced Assurer /
Senior Assurer
1
100pt
Assurance Point Assurer
2EP 10EP/20EP/...
Experience Point
25 20 100pt
100pt Assurer *2
*2 https://cats.cacert.org/
2

3. 1
Assurer Experienced / Senior Assurer
Experienced Assurer
Senior Assurer Experienced Assurer
50EP 100pt 25 SeniorAssurer
1. Experienced Assurer
2. co-auditor*3
3. *4 ATE(Assurer Training Event)
4. CARS - CAcert Assurer Reliable Statement
CAcert Senior Assurer
CAcert Senior Assurer
1.3
*3 Assurance Office Experienced Assurer
*4
3

4. Assurer
a
1.
b
2. CAP(CAcert Assurance Program) Form
c
3.
4. CCA(CAcert Community Agreement)
a /
b https://secure.cacert.org/cap.php
c
Member
1. CAcert
2.
a
3. CAP Form OK
a https://secure.cacert.org/cap.php -
CAcert
GPG
1. Assurer CCA
Assurer CAcert
a CAcert Assurer
b 1000EUR 2010/12
10
c COD - CAcert Official Document
2. Member
3. Assurer Member CAP Form
4. Assurer
a CCA
b
c cacert.org
d
e
f
5.
a
b CAcert
4

5. dispute *5 Assurer
c CAP Form
d
e PhD
6.
7. CAP Form
Assurer
Assurer CAP Form
1. CAP Form
2. cacert.org CAP Form
3. CAP Form ←←←
mOm
JK
support@cacert.org
1.4
GPG
CAcert
CAP Form Assurer
*6
support@cacert.org
1.5 CAcert
CAcert
*5
*6 CAP Form
5

6. 1. Event Office (http://wiki.cacert.org/Officers)
2. CAcert EventOffier
3. *7
4. Assurer Assurer
5.
6.
7.
8. EventOfficer Event Office
CAcert
1.5.1
CAcert Event Office
Event Organiser 1 Event Office
Experienced Assurer 3+
Assurer 2+ EA CAP Form EA
2+
2 CAcert
1+
1+
1+
0+
PC 1+ Knoppix
1 CAP Form
10+
1
3 CAcert
*7
6

7. Assurer 1
CAP Form 1p, 30+ Assurer
CAP Form 1p, 20+ Assurer
CCA (4p) 50+ Assurance
CCA ( 1
Assurance Policy (8p) 1+
Assurance Handbook (29p) 1+
Root Distribution License (1p) 1
Dispute Resolution Policy (6p) 1
Practice On Names (4p) 1+ Assurer
Practice On ID Checking (4p) 1+ Assurer
PoJAM (4p) 1
CPS(28p) 1
0+ CAcert Office IR
4 CAcert
CCA(CAcert Community Agreement)
1.5.2
1. CAcert 3-5 *8 CAP
Form
2. Assurer Member( ) Member
3. Assurer Experience Point Assurance
*8 Assurer
7

8. 2 CAcert
Assurer
1.6 CAcert
CAcert Wiki
CAcert
COD (CAcert
Official Document)
8

9. COD1 Policy on Policy (PoP) POLICY IETF
COD2 Configuration-Control DRAFT DOC/HW/SW
Specification(CCS)
COD3 CAcert Official Docu-
ments Policy (COD)
COD4 Non-Related Persons –
Disclaimer and Licence COD14(Root Distribution License)
(NRP-DaL)
COD5 Privacy Policy (PP) POLICY
COD6 Certification Practice DRAFT
Statement (CPS)
COD7 Dispute Resolution POLICY CAcert
Policy (DRP)
COD8 Security Policy (SP) DRAFT
COD9 CAcert Community CAcert
Agreement (CCA)
COD10 NA
COD11 Oranisation Assurance POLICY CAcert
Policy(OAP)
COD12 NA
COD13 Assurance Policy (AP) POLICY
COD14 Root Distribution Li- DRAFT CAcert
cense (RDL)
- Assurer Handbook
WiP(Work in Progress - ) DRAFT POLICY
2010 CAcert
Member/Assurer
9

10. 3 CAcert
COD[0-9]+ PoP/CCS/CCA/PP/DRL/...
DRP( )/CCS( )/CCA /Handbook
CAcert Inc.
4 CAcert REF: http://wiki.cacert.org/Officers
CAcert Wiki
10

11. support@cacert.org
ML
1.7
CAcert
*9 Assurer CAcert
CAcert
1.8
CAcert
1. Using Secure DNS to Associate Certificates with Domain Names For TLS
https://datatracker.ietf.org/doc/draft-ietf-dane-protocol/
2. - DNS - KIDNS (Keys in DNS) -
http://dnsops.jp/bof/20101125/201011-DNSOPS-KIDNSv5.pdf
CERT/TLSA
SSH/PGP
*10 CA
10 DNSSEC
*9 CAcert Inc.
*10 GnuPG
11

12. 12

13. Debian
2010 12 18 1
Debian
13