SlideShare a Scribd company logo

The CAcert Project - An Invitation to CAcert ATE in OSC/Tokyo 2011 (EN)

Taisuke Yamada
Taisuke Yamada

Presentation done at TLUG 2011/2/19 tech meeting. Includes introductory information on CAcert, and also an invitation to the first official CAcert. ATE (Assurer Training Event) Tokyo in Japan. ATE Tokyo will be on Mar 5 (Sun), during OSC (OpenSource Conference) 2011 Tokyo/Spring at Waseda University (near Shinjuku).

Technology
1 of 19
Download to read offline
The Cacert Project - An Invitation to CAcert ATE Tokyo - Taisuke Yamada @tyamadajp
Agenda 1. What is Cacert? 2. What can it do for you 3. Current status 4. How does it work 5. Invitation to ATE Tokyo (at OSC2011, on Mar 5, 2011)
So, what is it? It's a “community”-based Certificate Authority
So, what is it? What? → OK, I'll explain...
Certificated-based “trust” basics Websites Email Application How do you know that what you are accessing is what it claims to be?
Solution: “Chain of trust” For you, everything is built on These 2 links you trust! Root CA User Web Intermediate CA Email User App User Distribution
So, what about CAcert? Usual CA CAcert The G-O-D(tm) Automated Root CA Issuer Web-of-Trust “All you need is “Trust each other, to BELIEVE (me)” and I'll bless you”
In another word, Now, the G-O-D is gone, replaced by the Web-of- Trust.
What can CAcert do for me? 0pt Issues minimal server / client / S/MIME cert. Valid for 6 months. 50pt Issues fully descriptive cert, backed by higher class cert. Valid for 2 years. 100pt All of the above + code-signing cert. You can also give out points if you pass the Assurer Challenge test. By being “assured”, you'll obtain points for creating higher-level certificate.
But WAIT! Isn't that a “Ore-Ore”?
But WAIT! Isn't that a “Ore-Ore”? Named after “Ore-Ore“ fraud scheme, which calls up elderly (like 80+ old) and tells “Granma, it's me! (Ore!) I had a accident with Yakuza, and need to pay them! Please! Let me borrow $5000! My bank account is...”. Who got a call will panic, and sends without thinking. So “Ore-Ore” cert is a cert that claims its public authority without backing of any other public CA.
Going for a “True” Root CA ● Already in many Linux/*BSD distros ● Current target: Mozilla ● Windows and OSX: TBD There're “cheap” commercial CAs. But, CAcert's goals are: ・ To build world-acknowledged CA based on community effort ・ Provide *everyone* a secure env. It's also useful to make cert managemnet easier!
Going for a “True” Root CA ● Already in many Linux/*BSD distros ● Current target: Mozilla ● Windows and OSX: TBD In short, audit by independent third party is required. And in 2010, CAcert has prepared all the legal docs and (strict) policy for an audit! (some still under draft).
How does it work, and what do I do? For Users 1. Register at CAcert.org 2. Print CAP form, and bring it with you, along with government-issued ID. 3. Fill out, sign, and give the CAP form in front of an assurer, face-to-face You can start issuing certs right after registration. It's just more points are needed to create higher-level ones.
How does it work, and what do I do? For Assurer 1. Try best to check validity of user- provided ID (ex. UV-light checks) 2. Understand, and explain member's obligation (ref: Community Agreement) 3. Don't just give out full points. Give points based on your “confidence”. Think: What if some Martian comes up and provides you an ID of “Galactic Empire”?
Topics in Japan We are having the first official CAcert event in Japan!
ATE Tokyo (Assurer Training Event) 1. One of the requirements to become a “Senior Assurer”. 2. A chance to assurer people to become a “Experienced Assurer” 3. A chance to obtain 100+pt. Peter Yuill of CAcert.org, who is happening to be in Japan during OSC2011 period, has offered to be a “trainer” of the event! If you miss this, “next time” might not come in few years!
NOTE: Assurer “Experience Point” 0EP Can give up to 10pt/assurance. Each assurance provides 2EP back to an assurer. ... 50EP Can give up to 35pt. Who reaches this level is called “Exp. Assurer” Senior Assurer is a “Exp. Assurer”++, who is regarded to be capable of handling deeper CAcert activities.
Announcement Date :2011/3/5 Place: Waseda Univ. Shinjuku Sports Center West Campus(63&61)    + city's meetup space Sessions: - Training (ATE) in OSC - Assurance (signing) in OSC Dept of Sci. And Eng. and right after OSC closing Please go and register to http://www.ospn.jp/osc2011-spring/ !

Recommended

Charity Items from Debian JP Project
Charity Items from Debian JP ProjectCharity Items from Debian JP Project
Charity Items from Debian JP Project
Taisuke Yamada
 
Casual Web-browsing with gPXE and SYSLINUX
Casual Web-browsing with gPXE and SYSLINUXCasual Web-browsing with gPXE and SYSLINUX
Casual Web-browsing with gPXE and SYSLINUX
Taisuke Yamada
 
The CAcert Project - An Invitation to CAcert ATE at OSC/Tokyo 2011 (JP)
The CAcert Project - An Invitation to CAcert ATE at OSC/Tokyo 2011 (JP)The CAcert Project - An Invitation to CAcert ATE at OSC/Tokyo 2011 (JP)
The CAcert Project - An Invitation to CAcert ATE at OSC/Tokyo 2011 (JP)
Taisuke Yamada
 
Invitation to Kernel Parameter and Code Exploration
Invitation to Kernel Parameter and Code ExplorationInvitation to Kernel Parameter and Code Exploration
Invitation to Kernel Parameter and Code Exploration
Taisuke Yamada
 
Putting the Work Into Social Networking
Putting the Work Into Social NetworkingPutting the Work Into Social Networking
Putting the Work Into Social Networking
Colin Gray
 
Windows 8
Windows 8Windows 8
Windows 8
Priyesh Neema
 
CACert - A Community-driven Certification Authority - OpenSistemas
CACert - A Community-driven Certification Authority - OpenSistemasCACert - A Community-driven Certification Authority - OpenSistemas
CACert - A Community-driven Certification Authority - OpenSistemas
OpenSistemas
 
Infinite Debian - Platform for mass-producing system every second
Infinite Debian - Platform for mass-producing system every secondInfinite Debian - Platform for mass-producing system every second
Infinite Debian - Platform for mass-producing system every second
Taisuke Yamada
 

Recommended

Charity Items from Debian JP Project
Charity Items from Debian JP ProjectCharity Items from Debian JP Project
Charity Items from Debian JP Project
Taisuke Yamada
 
Casual Web-browsing with gPXE and SYSLINUX
Casual Web-browsing with gPXE and SYSLINUXCasual Web-browsing with gPXE and SYSLINUX
Casual Web-browsing with gPXE and SYSLINUX
Taisuke Yamada
 
The CAcert Project - An Invitation to CAcert ATE at OSC/Tokyo 2011 (JP)
The CAcert Project - An Invitation to CAcert ATE at OSC/Tokyo 2011 (JP)The CAcert Project - An Invitation to CAcert ATE at OSC/Tokyo 2011 (JP)
The CAcert Project - An Invitation to CAcert ATE at OSC/Tokyo 2011 (JP)
Taisuke Yamada
 
Invitation to Kernel Parameter and Code Exploration
Invitation to Kernel Parameter and Code ExplorationInvitation to Kernel Parameter and Code Exploration
Invitation to Kernel Parameter and Code Exploration
Taisuke Yamada
 
Putting the Work Into Social Networking
Putting the Work Into Social NetworkingPutting the Work Into Social Networking
Putting the Work Into Social Networking
Colin Gray
 
Windows 8
Windows 8Windows 8
Windows 8
Priyesh Neema
 
CACert - A Community-driven Certification Authority - OpenSistemas
CACert - A Community-driven Certification Authority - OpenSistemasCACert - A Community-driven Certification Authority - OpenSistemas
CACert - A Community-driven Certification Authority - OpenSistemas
OpenSistemas
 
Infinite Debian - Platform for mass-producing system every second
Infinite Debian - Platform for mass-producing system every secondInfinite Debian - Platform for mass-producing system every second
Infinite Debian - Platform for mass-producing system every second
Taisuke Yamada
 
OxCEPT Introduction
OxCEPT IntroductionOxCEPT Introduction
OxCEPT Introduction
MattSims
 
20190316 - CLBFest - Blockchain is WTF - Gerrie Smits
20190316 - CLBFest - Blockchain is WTF - Gerrie Smits20190316 - CLBFest - Blockchain is WTF - Gerrie Smits
20190316 - CLBFest - Blockchain is WTF - Gerrie Smits
Brussels Legal Hackers
 
Build and Operate Your Own Certificate Management Center of Mediocrity
Build and Operate Your Own Certificate Management Center of MediocrityBuild and Operate Your Own Certificate Management Center of Mediocrity
Build and Operate Your Own Certificate Management Center of Mediocrity
T.Rob Wyatt
 
[Cluj] Turn SSL ON
[Cluj] Turn SSL ON[Cluj] Turn SSL ON
[Cluj] Turn SSL ON
OWASP EEE
 
Patterns to Bring Enterprise and Social Identity to the Cloud
Patterns to Bring Enterprise and Social Identity to the Cloud Patterns to Bring Enterprise and Social Identity to the Cloud
Patterns to Bring Enterprise and Social Identity to the Cloud
CA API Management
 
Von JavaEE auf Microservice in 6 Monaten - The Good, the Bad, and the wtfs...
Von JavaEE auf Microservice in 6 Monaten - The Good, the Bad, and the wtfs...Von JavaEE auf Microservice in 6 Monaten - The Good, the Bad, and the wtfs...
Von JavaEE auf Microservice in 6 Monaten - The Good, the Bad, and the wtfs...
André Goliath
 
Client Cert Deployment Models and Hardware Tokens/Smart Cards
Client Cert Deployment Models and Hardware Tokens/Smart CardsClient Cert Deployment Models and Hardware Tokens/Smart Cards
Client Cert Deployment Models and Hardware Tokens/Smart Cards
Ed Dodds
 
Describe how corda works
Describe how corda works Describe how corda works
Describe how corda works
Blockchain Council
 
What is Certificate Transparency (CT)? How does it work?
What is Certificate Transparency (CT)? How does it work?What is Certificate Transparency (CT)? How does it work?
What is Certificate Transparency (CT)? How does it work?
CheapSSLsecurity
 
Agile code quality metrics
Agile code quality metricsAgile code quality metrics
Agile code quality metrics
Gil Nahmias
 
What Is EDI: Whitepaper Download
What Is EDI: Whitepaper DownloadWhat Is EDI: Whitepaper Download
What Is EDI: Whitepaper Download
Dicentral Corporation
 
Sect f41
Sect f41Sect f41
Sect f41
SelectedPresentations
 
Blockchain, Bitcoin, Crypto assets, Initial Coin Offer workshop
Blockchain, Bitcoin, Crypto assets, Initial Coin Offer workshopBlockchain, Bitcoin, Crypto assets, Initial Coin Offer workshop
Blockchain, Bitcoin, Crypto assets, Initial Coin Offer workshop
Next Space Pvt. Ltd
 
apidays LIVE Australia 2021 - API Horror Stories from an Unnamed Coworking Co...
apidays LIVE Australia 2021 - API Horror Stories from an Unnamed Coworking Co...apidays LIVE Australia 2021 - API Horror Stories from an Unnamed Coworking Co...
apidays LIVE Australia 2021 - API Horror Stories from an Unnamed Coworking Co...
apidays
 
CIS14: Authentication: Who are You? You are What You Eat
CIS14: Authentication: Who are You? You are What You EatCIS14: Authentication: Who are You? You are What You Eat
CIS14: Authentication: Who are You? You are What You Eat
CloudIDSummit
 
CIS14: Authentication: Who are You? You are What You Eat
CIS14: Authentication: Who are You? You are What You EatCIS14: Authentication: Who are You? You are What You Eat
CIS14: Authentication: Who are You? You are What You Eat
CloudIDSummit
 
Kerberos-PKI-Federated identity
Kerberos-PKI-Federated identityKerberos-PKI-Federated identity
Kerberos-PKI-Federated identity
WAFAA AL SALMAN
 
ICO digest TrustaBit
ICO digest TrustaBitICO digest TrustaBit
ICO digest TrustaBit
Andre Varnavskii
 
How EverTrust Horizon PKI Automation can help your business?
How EverTrust Horizon PKI Automation can help your business?How EverTrust Horizon PKI Automation can help your business?
How EverTrust Horizon PKI Automation can help your business?
mirmaisam
 
Claim based authentaication
Claim based authentaicationClaim based authentaication
Claim based authentaication
Sean Xiong
 
ウェブパフォーマンス計測の落とし穴
ウェブパフォーマンス計測の落とし穴ウェブパフォーマンス計測の落とし穴
ウェブパフォーマンス計測の落とし穴
Taisuke Yamada
 
DIY Akamai Globe in 50 Minutes
DIY Akamai Globe in 50 MinutesDIY Akamai Globe in 50 Minutes
DIY Akamai Globe in 50 Minutes
Taisuke Yamada
 

More Related Content

Similar to The CAcert Project - An Invitation to CAcert ATE in OSC/Tokyo 2011 (EN)

20190316 - CLBFest - Blockchain is WTF - Gerrie Smits
20190316 - CLBFest - Blockchain is WTF - Gerrie Smits20190316 - CLBFest - Blockchain is WTF - Gerrie Smits
20190316 - CLBFest - Blockchain is WTF - Gerrie Smits
Brussels Legal Hackers
 
How EverTrust Horizon PKI Automation can help your business?
How EverTrust Horizon PKI Automation can help your business?How EverTrust Horizon PKI Automation can help your business?
How EverTrust Horizon PKI Automation can help your business?
mirmaisam
 
Claim based authentaication
Claim based authentaicationClaim based authentaication
Claim based authentaication
Sean Xiong
 

Similar to The CAcert Project - An Invitation to CAcert ATE in OSC/Tokyo 2011 (EN) (20)

OxCEPT Introduction
OxCEPT IntroductionOxCEPT Introduction
OxCEPT Introduction
 
20190316 - CLBFest - Blockchain is WTF - Gerrie Smits
20190316 - CLBFest - Blockchain is WTF - Gerrie Smits20190316 - CLBFest - Blockchain is WTF - Gerrie Smits
20190316 - CLBFest - Blockchain is WTF - Gerrie Smits
 
Build and Operate Your Own Certificate Management Center of Mediocrity
Build and Operate Your Own Certificate Management Center of MediocrityBuild and Operate Your Own Certificate Management Center of Mediocrity
Build and Operate Your Own Certificate Management Center of Mediocrity
 
[Cluj] Turn SSL ON
[Cluj] Turn SSL ON[Cluj] Turn SSL ON
[Cluj] Turn SSL ON
 
Patterns to Bring Enterprise and Social Identity to the Cloud
Patterns to Bring Enterprise and Social Identity to the Cloud Patterns to Bring Enterprise and Social Identity to the Cloud
Patterns to Bring Enterprise and Social Identity to the Cloud
 
Von JavaEE auf Microservice in 6 Monaten - The Good, the Bad, and the wtfs...
Von JavaEE auf Microservice in 6 Monaten - The Good, the Bad, and the wtfs...Von JavaEE auf Microservice in 6 Monaten - The Good, the Bad, and the wtfs...
Von JavaEE auf Microservice in 6 Monaten - The Good, the Bad, and the wtfs...
 
Client Cert Deployment Models and Hardware Tokens/Smart Cards
Client Cert Deployment Models and Hardware Tokens/Smart CardsClient Cert Deployment Models and Hardware Tokens/Smart Cards
Client Cert Deployment Models and Hardware Tokens/Smart Cards
 
Describe how corda works
Describe how corda works Describe how corda works
Describe how corda works
 
What is Certificate Transparency (CT)? How does it work?
What is Certificate Transparency (CT)? How does it work?What is Certificate Transparency (CT)? How does it work?
What is Certificate Transparency (CT)? How does it work?
 
Agile code quality metrics
Agile code quality metricsAgile code quality metrics
Agile code quality metrics
 
What Is EDI: Whitepaper Download
What Is EDI: Whitepaper DownloadWhat Is EDI: Whitepaper Download
What Is EDI: Whitepaper Download
 
Sect f41
Sect f41Sect f41
Sect f41
 
Blockchain, Bitcoin, Crypto assets, Initial Coin Offer workshop
Blockchain, Bitcoin, Crypto assets, Initial Coin Offer workshopBlockchain, Bitcoin, Crypto assets, Initial Coin Offer workshop
Blockchain, Bitcoin, Crypto assets, Initial Coin Offer workshop
 
apidays LIVE Australia 2021 - API Horror Stories from an Unnamed Coworking Co...
apidays LIVE Australia 2021 - API Horror Stories from an Unnamed Coworking Co...apidays LIVE Australia 2021 - API Horror Stories from an Unnamed Coworking Co...
apidays LIVE Australia 2021 - API Horror Stories from an Unnamed Coworking Co...
 
CIS14: Authentication: Who are You? You are What You Eat
CIS14: Authentication: Who are You? You are What You EatCIS14: Authentication: Who are You? You are What You Eat
CIS14: Authentication: Who are You? You are What You Eat
 
CIS14: Authentication: Who are You? You are What You Eat
CIS14: Authentication: Who are You? You are What You EatCIS14: Authentication: Who are You? You are What You Eat
CIS14: Authentication: Who are You? You are What You Eat
 
Kerberos-PKI-Federated identity
Kerberos-PKI-Federated identityKerberos-PKI-Federated identity
Kerberos-PKI-Federated identity
 
ICO digest TrustaBit
ICO digest TrustaBitICO digest TrustaBit
ICO digest TrustaBit
 
How EverTrust Horizon PKI Automation can help your business?
How EverTrust Horizon PKI Automation can help your business?How EverTrust Horizon PKI Automation can help your business?
How EverTrust Horizon PKI Automation can help your business?
 
Claim based authentaication
Claim based authentaicationClaim based authentaication
Claim based authentaication
 

More from Taisuke Yamada

Nilfs usage-report-and-comparison-at-tokyodebian
Nilfs usage-report-and-comparison-at-tokyodebianNilfs usage-report-and-comparison-at-tokyodebian
Nilfs usage-report-and-comparison-at-tokyodebian
Taisuke Yamada
 

More from Taisuke Yamada (18)

ウェブパフォーマンス計測の落とし穴
ウェブパフォーマンス計測の落とし穴ウェブパフォーマンス計測の落とし穴
ウェブパフォーマンス計測の落とし穴
 
DIY Akamai Globe in 50 Minutes
DIY Akamai Globe in 50 MinutesDIY Akamai Globe in 50 Minutes
DIY Akamai Globe in 50 Minutes
 
ウェブサイト最適化101 - 正しく測ろうあなたのサイト -
ウェブサイト最適化101 - 正しく測ろうあなたのサイト -ウェブサイト最適化101 - 正しく測ろうあなたのサイト -
ウェブサイト最適化101 - 正しく測ろうあなたのサイト -
 
Quick QUIC Technical Update (2017)
Quick QUIC Technical Update (2017)Quick QUIC Technical Update (2017)
Quick QUIC Technical Update (2017)
 
IoT Deep Dive - Be an IoT Developer for an Hour
IoT Deep Dive - Be an IoT Developer for an HourIoT Deep Dive - Be an IoT Developer for an Hour
IoT Deep Dive - Be an IoT Developer for an Hour
 
Pythonではじめるソフトウェア無線
Pythonではじめるソフトウェア無線Pythonではじめるソフトウェア無線
Pythonではじめるソフトウェア無線
 
Getting Started with SDR in Python
Getting Started with SDR in PythonGetting Started with SDR in Python
Getting Started with SDR in Python
 
VSCode Remoteでも画像コピペがしたいです!
VSCode Remoteでも画像コピペがしたいです!VSCode Remoteでも画像コピペがしたいです!
VSCode Remoteでも画像コピペがしたいです!
 
InfiniBand on Debian
InfiniBand on DebianInfiniBand on Debian
InfiniBand on Debian
 
Hacking Ruby with Python
Hacking Ruby with PythonHacking Ruby with Python
Hacking Ruby with Python
 
mod_auth_ticket - Bringing Single-Sign-On to lighttpd
mod_auth_ticket - Bringing Single-Sign-On to lighttpdmod_auth_ticket - Bringing Single-Sign-On to lighttpd
mod_auth_ticket - Bringing Single-Sign-On to lighttpd
 
Introduction to Initramfs - Initramfs-tools and Dracut
Introduction to Initramfs - Initramfs-tools and DracutIntroduction to Initramfs - Initramfs-tools and Dracut
Introduction to Initramfs - Initramfs-tools and Dracut
 
Hadoop book-2nd-ch3-update
Hadoop book-2nd-ch3-updateHadoop book-2nd-ch3-update
Hadoop book-2nd-ch3-update
 
201012 cacert-at-tokyodebian
201012 cacert-at-tokyodebian201012 cacert-at-tokyodebian
201012 cacert-at-tokyodebian
 
Nilfs usage-report-and-comparison-at-tokyodebian
Nilfs usage-report-and-comparison-at-tokyodebianNilfs usage-report-and-comparison-at-tokyodebian
Nilfs usage-report-and-comparison-at-tokyodebian
 
Embed Shogiboard - my first mediawiki extension -
Embed Shogiboard - my first mediawiki extension -Embed Shogiboard - my first mediawiki extension -
Embed Shogiboard - my first mediawiki extension -
 
The Web That Wasn't - WikiBana #10 LT
The Web That Wasn't - WikiBana #10 LTThe Web That Wasn't - WikiBana #10 LT
The Web That Wasn't - WikiBana #10 LT
 
WebDAV, ATOM, and REST
WebDAV, ATOM, and RESTWebDAV, ATOM, and REST
WebDAV, ATOM, and REST
 

Recently uploaded

Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
Joaquim Jorge
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
Principled Technologies
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Roshan Dwivedi
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Miguel Araújo
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
Safe Software
 

Recently uploaded (20)

Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Top 10 Most Downloaded Games on Play Store in 2024
Top 10 Most Downloaded Games on Play Store in 2024Top 10 Most Downloaded Games on Play Store in 2024
Top 10 Most Downloaded Games on Play Store in 2024
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 

The CAcert Project - An Invitation to CAcert ATE in OSC/Tokyo 2011 (EN)

  • 1. The Cacert Project - An Invitation to CAcert ATE Tokyo - Taisuke Yamada @tyamadajp
  • 2. Agenda 1. What is Cacert? 2. What can it do for you 3. Current status 4. How does it work 5. Invitation to ATE Tokyo (at OSC2011, on Mar 5, 2011)
  • 3. So, what is it? It's a “community”-based Certificate Authority
  • 4. So, what is it? What? → OK, I'll explain...
  • 5. Certificated-based “trust” basics Websites Email Application How do you know that what you are accessing is what it claims to be?
  • 6. Solution: “Chain of trust” For you, everything is built on These 2 links you trust! Root CA User Web Intermediate CA Email User App User Distribution
  • 7. So, what about CAcert? Usual CA CAcert The G-O-D(tm) Automated Root CA Issuer Web-of-Trust “All you need is “Trust each other, to BELIEVE (me)” and I'll bless you”
  • 8. In another word, Now, the G-O-D is gone, replaced by the Web-of- Trust.
  • 9. What can CAcert do for me? 0pt Issues minimal server / client / S/MIME cert. Valid for 6 months. 50pt Issues fully descriptive cert, backed by higher class cert. Valid for 2 years. 100pt All of the above + code-signing cert. You can also give out points if you pass the Assurer Challenge test. By being “assured”, you'll obtain points for creating higher-level certificate.
  • 10. But WAIT! Isn't that a “Ore-Ore”?
  • 11. But WAIT! Isn't that a “Ore-Ore”? Named after “Ore-Ore“ fraud scheme, which calls up elderly (like 80+ old) and tells “Granma, it's me! (Ore!) I had a accident with Yakuza, and need to pay them! Please! Let me borrow $5000! My bank account is...”. Who got a call will panic, and sends without thinking. So “Ore-Ore” cert is a cert that claims its public authority without backing of any other public CA.
  • 12. Going for a “True” Root CA ● Already in many Linux/*BSD distros ● Current target: Mozilla ● Windows and OSX: TBD There're “cheap” commercial CAs. But, CAcert's goals are: ・ To build world-acknowledged CA based on community effort ・ Provide *everyone* a secure env. It's also useful to make cert managemnet easier!
  • 13. Going for a “True” Root CA ● Already in many Linux/*BSD distros ● Current target: Mozilla ● Windows and OSX: TBD In short, audit by independent third party is required. And in 2010, CAcert has prepared all the legal docs and (strict) policy for an audit! (some still under draft).
  • 14. How does it work, and what do I do? For Users 1. Register at CAcert.org 2. Print CAP form, and bring it with you, along with government-issued ID. 3. Fill out, sign, and give the CAP form in front of an assurer, face-to-face You can start issuing certs right after registration. It's just more points are needed to create higher-level ones.
  • 15. How does it work, and what do I do? For Assurer 1. Try best to check validity of user- provided ID (ex. UV-light checks) 2. Understand, and explain member's obligation (ref: Community Agreement) 3. Don't just give out full points. Give points based on your “confidence”. Think: What if some Martian comes up and provides you an ID of “Galactic Empire”?
  • 16. Topics in Japan We are having the first official CAcert event in Japan!
  • 17. ATE Tokyo (Assurer Training Event) 1. One of the requirements to become a “Senior Assurer”. 2. A chance to assurer people to become a “Experienced Assurer” 3. A chance to obtain 100+pt. Peter Yuill of CAcert.org, who is happening to be in Japan during OSC2011 period, has offered to be a “trainer” of the event! If you miss this, “next time” might not come in few years!
  • 18. NOTE: Assurer “Experience Point” 0EP Can give up to 10pt/assurance. Each assurance provides 2EP back to an assurer. ... 50EP Can give up to 35pt. Who reaches this level is called “Exp. Assurer” Senior Assurer is a “Exp. Assurer”++, who is regarded to be capable of handling deeper CAcert activities.
  • 19. Announcement Date :2011/3/5 Place: Waseda Univ. Shinjuku Sports Center West Campus(63&61)    + city's meetup space Sessions: - Training (ATE) in OSC - Assurance (signing) in OSC Dept of Sci. And Eng. and right after OSC closing Please go and register to http://www.ospn.jp/osc2011-spring/ !