CAcert NEWS Blog

What’s this ATE thing then???

iang — Fri, 12 Mar 2010 04:55:33 +0000

You have probably seen messages flying around about the ATEs, or Assurer Training Events, and you’re probably wondering whether it applies to you. The answer is:

YES, most definately, if you are an Assurer.

This is your event, to update and to participate. More than that, it feeds into audit. This connection may be a little non-obvious, so this post is about explaining it to those wavering on their path to an ATE near them as to why you should help.

Recall that CAcert has today 3460 (and growing) Assurers around the world, and that they provide the critical information feeding into the certificates for the entire community.

That line — from Community Member to verification of information to the certificate — is of key interest to the Auditor. The certificate part is well-understood but what is less well understood is the verification part. How does the Auditor verify the actions of 3460 people spread across dozens of countries? Are they doing the job? Looking after Members? Mostly harmless or causing risks to rise?

Verifying the Assurers across the planet is a challenge we must conquer, because our audit criteria says “A.2.y The CP details how the CA verifies that [Assurers] operate in accord with the CA’s policies.” Indeed, the auditor for a big famous-name CA simply declined to audit their web of trust, and the CA found it in its heart to drop the entire thing.

But it can be done. As auditor, I visited around 8 countries in 2009 for a tiny budget of €1500 and verified personally around 80 Assurers. The German community did a similar thing across Germany, and together these results gave us a good showing. It was still marginal; we need better and broader coverage. We need scaleability and we needed process, but we had our start.

From the 2009 experiment, the Assurance Team has designed a comprehensive programme to meet the audit criteria A.2.y, and the ATE is the leading part of that. At the Assurer Training Event, you the Assurer are brought up to date with changes (dramatic), informed on essential checks (of course) and then we individually record that process (carefully and slowly). All this is then collated and prepared for an end-of-season report.

The 2010 season is now underway. If you want to help CAcert’s audit process and improve on the results below, you should look out for an ATE near you. Who wouldn’t want to be involved??? Better yet, ask at events@c.o for how to run one.

Bandwidth saved by RSScache.com

ATE-Sydney

iang — Thu, 11 Mar 2010 01:48:47 +0000

ATE-Sydney is programmed! Masa has made available a lecture theatre at Sydney University’s IT school for an ATE on evening of 24th March. Precise time to follow, more details on the wiki.

The ATE or Assurer Training Event is exceptionally recommended for all Assurers, and include parts which contribute directly to our audit. Come and find out how you can also contribute. Please RSVP by email to iang at the normal domain, or add your name on the wiki.

Other events in NSW coming soon, or mail me with suggestions.

Bandwidth saved by RSScache.com

Two Weeks to go! CAcert at OpenExpo 2010 Bern - Switzerland - March 24.-25. 2010

hugi — Wed, 10 Mar 2010 16:33:50 +0000

OpenExpo, the Swiss leading conference and trade show for Free and Open Source Software, will take place for the 8th time Wednesday and Thursday, March 24. and 25. 2010 at the BEA expo in Bern. CAcert is proud to be present among many other Open Source Projects as part of the Open Source Community.

In the conference program at KMU day, there will be the presentation - SSL-Zertifikate in der betriebsinternen Kommunikation der ETH Zürich (in German language) - about the application of CAcert certificates. As the first university in Switzerland, ETH is deploying CAcert certificates.

Additional Swiss CAcert assurers or CAcert assurers from any country with successfully passed assurer test and willing to help, register in the CAcert.org Wiki. The entrance and the conferences are free of charge, simply order and print your free ticket.

———————————————————————————————————————————————————————————————————————————————–

OpenExpo, die Schweizer Messe und Tagung für Freie und Open Source Software findet zum achten Mal statt, am Mittwoch und Donnerstag, 24. und 25.März 2010 in der BEA expo in Bern. CAcert.org ist stolz darauf, mit vielen anderen Open Source Projekten an diesem Anlass teilnehmen zu dürfen und Teil der Open Source Community zu sein.

Im Konferenzprogramm wird am KMU-Tag der Einsatz von SSL-Zertifikate in der betriebsinternen Kommunikation der ETH Zürich anhand von CAcert Zertifikaten präsentiert. Die ETH setzt als erste Universität in der Schweiz CAcert Zertifikate ein.

Zusätzliche Schweizer CAcert.org Assurer oder CAcert.org Assurer aus irgend einem Land mit erfolgreich absolviertem Assurer Test, welche mithelfen wollen, tragen sich bitte im CAcert.org Wiki ein. Der Messeeintritt und das Konferenzprogramm sind für jederman kostenlos, einfach Gratis-Tickets bestellen und ausdrucken.

Bandwidth saved by RSScache.com

ate-OZ

iang — Tue, 09 Mar 2010 06:22:11 +0000

I’m in the vicinity of Canberra - Sydney for next 2 months, and looking to do ATEs. If you have some sort of venue or facility, and there are Assurers in your area, let me know.

iang @ the normal address, for the Assurance Team.

Bandwidth saved by RSScache.com

Thawte Points Transfer and Removal of Points at Nov 16th 2010

U. Schroeter — Mon, 08 Mar 2010 03:09:08 +0000

The November 2009 blog post Last chance: End of thawte points transfer on 16th november 2009 was the starting point for the moving of Thawte Notarys to CAcert … but this is half of the story. November 16th 2010 ends the verification period of transfered points. So the 150 points transfer will be lost. To prevent the loss of Assurance and Experience Points all members using this program needs to search for assurers to get fully assured and starting also assurances to get the needed experience points. Until now, the addtl. Assurances doesn’t count, but added to the account until the Points Count process will be changed before Nov 16th 2010, so the last assurance points counts.

This will become a big shift in this year until November 2010. Current work is to prepare the building of the Software Assessment Team and the Repository project to make Software updates possible. This project is a not so well noticed project still running in the background. But if someone reads the Software MiniTOP Updates from Dec 2009 and February 2010, those can reads the progress that is made in this area. This is also a requirement for the CCA Rollout plan that needs to be started around mid of this year to succeed before Audit can continue.

If you have further questions regarding the Thawte transfer points removal, please go to the public CAcert Support mailing list.

Bandwidth saved by RSScache.com

CeBIT 2010 closed - Co-Audited Assurances Program Launch

U. Schroeter — Mon, 08 Mar 2010 02:42:06 +0000

This years CeBIT 2010, CAcert got a booth as part of 15 projects within the Open Source Project Lounge sponsored by Linux New Media. CAcert thanks Linux-Magazin and Linux New Media for the sponsoring of the booth presentation at CeBIT 2010.

The Assurance Team by Ian Grigg, Joost Steijlen, Dirk Astrath and Ulrich Schroeter finalized the Co-Audited Assurance plan for 2010 and launched it at the 2nd CeBIT day, March 3rd. The upfollowing days, most of the Assurers from the booth were tested.

The Event Organizer Joost Steijlen managed the team of upto 12 Assurers on the booth. The preplanning was done by Ulrich Schroeter with help from Alexander Bahlo. Thanks to Michael Jopen for the contribution of 7500 (!) CAP forms. At CeBIT around 2500 CAP forms were used. The rest of the CAP forms are packed into the Event bag to Chemnitzer Linuxtage and upcoming events. Some are transfered to the Netherlands for their upcoming events. Also thanks to Mozilla, who sponsored the Internet Access at the booth for all 15 projects at the Open Source Project Lounge.

My thanks goes to all of our Assurers for their help at the booth. Also to Joost for taking the job as booth organizer.

Bandwidth saved by RSScache.com

Community 2010 February Update

U. Schroeter — Mon, 08 Mar 2010 01:50:49 +0000

20100221 Markus Warg appointed to Software Assessment.
* He is now the 2nd team member in a new team that will be formed under the “Repository Project” by Andreas Bäß
* Also involved in this project is the Critical sysadmins team for building up the Servers and software for becoming testing and staging servers.
* Also to train the system recovery from scratch
* Also to prepare a proposed system upgrade
* These are the first results from the Software MiniTOP Essen Dec 16th 2009
20100221 UlrichSchroeter appointed as Assurance Officer
* Board accepts Sebastian’s resignation as Assurance team leader, and thank him for steering the ship over the last year. Sebastian remains on the Assurance team! Board appoints Ulrich as team leader, formally Assurance Officer within the meaning of the Assurance Policy.
20100221 Michael Tänzer appointed as Support Officer
* Board appointed Michael as support team leader and accepts Ian Grigg’s resignation as support team leader.
* (Formally, as Support Officer within Security Policy.)
20100213 Software MiniTOP Offenbach Feb 13th 2010
* Current State of ”Repository Project”
20100206 Assurance MiniTOP Brussels Feb 6th 2010 - on the Agenda were several topics
* Assurance - Tasks for coming weeks.
- Plan for Events.
- Submit review to board.
- new AO and EO to board.
- prepare CeBIT.
- finish Co-auditing Programme for 2010, in time for CeBIT.
* CeBIT
* Roles
* Support
* ABC interviews
* Recruitment
* Co-Audit
* Defining the Co-Auditor
* co-Audit Team
* co-Audit preparation
20100201 p20100119 PoJAM to DRAFT resolved.
* https://svn.cacert.org/CAcert/Policies/PolicyOnJuniorAssurersMembers.html
* Now the Subpolicy is binding to Assurers for assuring minors and als minors to be Assurers.
* This is the first policy in a series of subpolicys under AP, that cames back after all special assurance programs becomes frozen.

Further Community Update News you will find in the Wiki Community Update

Community 2010 February Update

Bandwidth saved by RSScache.com

[Ad] Top 2010 Online Business Opportunities

Review The Top 2010 Legitimate Make Money Online Programs.

Linux Release Party May 29th 2010 - Reehorst, Ede, Netherlands

pemmerik — Thu, 04 Mar 2010 22:47:09 +0000

-
The Dutch Hobby Computer Club HCC and ubuntu nl are organising the Dutch Ubuntu release party for Lucid Lynx (Ubuntu 10.4 LTS / Long Time Support version)
Of course your favorite free certificate provider - CAcert - will be present.
Create your account at http://www.cacert.org, login to your account, get some prints of the assurance form using CAP Forms and bring them with you.
If you have more as 100 assurance points and have passed the CAcert Assurer Challence, so you are a CAcert Assurer, pick up your Assurer pin/badge at the CAcert booth table!
Make sure to enlist as assurer on the event page.

Bandwidth saved by RSScache.com

May 6th 2010, NLUUG Spring Conference - System administration, Ede - Netherlans

pemmerik — Thu, 04 Mar 2010 22:25:25 +0000

The dutch Linux/Unix NLUUG conference will host CAcert Assurances on Thursday 6th of May in the conference center De Reehost in Ede, Holland. See for details the NLUUG conference web page. The conference theme is System administration.
Be prepared and complete the assurance program form: Login to your account on http://www.cacert.org on go to CAP Forms.

If you have more as 100 assurance points and have passed the CAcert Assurer Challence, so you are a CAcert Assurer, pick up your Assurer pin/badge at the CAcert booth table!
Be sure to enlist as assurer on the event page.

Bandwidth saved by RSScache.com

CAcert zu Gast bei Linux New Media auf der CEBIT 2010, Halle 2, Stand F34

U. Schroeter — Wed, 10 Feb 2010 10:57:25 +0000

CAcert ist dieses Jahr Gast auf der Cebit 2010 bei Linux New Media im Rahmen der CeBIT Open Source Project Lounge 2010 in Halle 2, Stand F34.

CAcert freut sich an der Open Source Projekt Lounge als eines von 15 Projekten teilhaben zu dürfen und dass wir durch Linux New Media eine Möglichkeit erhalten haben uns präsentieren zu können.

[English]

CAcert will be at Cebit 2010 this year as guest of Linux New Media at the CeBIT Open Source Project Lounge 2010 in hall 2, booth F34.

CAcert is pleased at Open Source project Lounge to be allowed as one of 15 projects sharings and to be able to present us by the possibility of Linux new Media who have received us.

Bandwidth saved by RSScache.com