SlideShare une entreprise Scribd logo

CACert - A Community-driven Certification Authority - OpenSistemas

OpenSistemas
OpenSistemas
Technologie
1  sur  105
Télécharger pour lire hors ligne
CACert A Community-driven Certification Authority Juanjo Amor jjamor@opensistemas.com OpenSistemas 29 Abril 2011 Juanjo Amor CACert
(cc) 2011 Juanjo Amor and Wikipedia Some rights reserved. This work licensed under Creative Commons Attribution-ShareAlike License. To view a copy of full license, see http://creativecommons.org/licenses/by-sa/3.0/ or write to Creative Commons, 559 Nathan Abbott Way, Stanford, California 94305, USA. Juanjo Amor CACert
Index Juanjo Amor CACert
About Opensistemas Opensistemas is an international company Juanjo Amor CACert
About Opensistemas Opensistemas is an international company highly specialized Juanjo Amor CACert
About Opensistemas Opensistemas is an international company highly specialized in offering global IT solutions Juanjo Amor CACert
About Opensistemas Opensistemas is an international company highly specialized in offering global IT solutionsbased on Open Sourceand Linuxplatforms. Juanjo Amor CACert
About Opensistemas Our Vision: Juanjo Amor CACert
About Opensistemas Our Vision: To become the international leader in Open Source Technologies. Juanjo Amor CACert
About Opensistemas Our Vision: To become the international leader in Open Source Technologies. Our Mission: Juanjo Amor CACert
About Opensistemas Our Vision: To become the international leader in Open Source Technologies. Our Mission: Apply our knowledge of the opportunities offered by Open Source to deliver effective solutions and innovation to our customers while promoting the professional development of our employees and building value for shareholders. Juanjo Amor CACert
About Opensistemas Our Vision: To become the international leader in Open Source Technologies. Our Mission: Apply our knowledge of the opportunities offered by Open Source to deliver effective solutions and innovation to our customers while promoting the professional development of our employees and building value for shareholders. Our Values: Juanjo Amor CACert
About Opensistemas Our Vision: To become the international leader in Open Source Technologies. Our Mission: Apply our knowledge of the opportunities offered by Open Source to deliver effective solutions and innovation to our customers while promoting the professional development of our employees and building value for shareholders. Our Values: Deliver effective solutiosn to our customers. Corporate social responsibility. Commitment to Open Source. Ethics and Respect for individuals. Research and Innovation. Teamwork. Commitment to the development of a society connected by information and knowledge. Juanjo Amor CACert
About Opensistemas Our Markets Juanjo Amor CACert
About Opensistemas Our Partners Juanjo Amor CACert
About Opensistemas Opensistemas is present in nine locations over five countries: Spain (Madrid, Valencia, Barcelona, Sevilla, Zaragoza), Chile (Santiago), Colombia (Bogot´a), United Kingdom (London) and China (Shanghai). Juanjo Amor CACert
About Opensistemas Contact Information www.opensistemas.com info@opensistemas.com +34 902 107 396 Juanjo Amor CACert
Index Juanjo Amor CACert
PKI concepts PKI meaning... Juanjo Amor CACert
PKI concepts PKI meaning... PKI = Public Key Infrastructure Juanjo Amor CACert
PKI concepts PKI meaning... PKI = Public Key Infrastructure a set of hardware, software, people, policies, and procedures needed to create, manage, distribute, use, store, and revoke digital certificates Juanjo Amor CACert
PKI concepts PKI meaning... PKI = Public Key Infrastructure a set of hardware, software, people, policies, and procedures needed to create, manage, distribute, use, store, and revoke digital certificates PKI components... Juanjo Amor CACert
PKI concepts PKI meaning... PKI = Public Key Infrastructure a set of hardware, software, people, policies, and procedures needed to create, manage, distribute, use, store, and revoke digital certificates PKI components... CA = Certification Authority Juanjo Amor CACert
PKI concepts PKI meaning... PKI = Public Key Infrastructure a set of hardware, software, people, policies, and procedures needed to create, manage, distribute, use, store, and revoke digital certificates PKI components... CA = Certification Authority RA = Registration Authority Juanjo Amor CACert
PKI concepts PKI meaning... PKI = Public Key Infrastructure a set of hardware, software, people, policies, and procedures needed to create, manage, distribute, use, store, and revoke digital certificates PKI components... CA = Certification Authority RA = Registration Authority VA = Validation Authority Juanjo Amor CACert
PKI concepts PKI meaning... PKI = Public Key Infrastructure a set of hardware, software, people, policies, and procedures needed to create, manage, distribute, use, store, and revoke digital certificates PKI components... CA = Certification Authority RA = Registration Authority VA = Validation Authority Public keys (person, server and authority certificates) Juanjo Amor CACert
PKI concepts PKI meaning... PKI = Public Key Infrastructure a set of hardware, software, people, policies, and procedures needed to create, manage, distribute, use, store, and revoke digital certificates PKI components... CA = Certification Authority RA = Registration Authority VA = Validation Authority Public keys (person, server and authority certificates) Policies and procedures Juanjo Amor CACert
PKI diagram of a public key infrastructure Juanjo Amor CACert
PKI example 1: Standard CA Standard CAs such as Thawte, Verisign... Juanjo Amor CACert
PKI example 1: Standard CA Standard CAs such as Thawte, Verisign... CA: Joins the CA, RA, VA. Juanjo Amor CACert
PKI example 1: Standard CA Standard CAs such as Thawte, Verisign... CA: Joins the CA, RA, VA. Our navigator trusts in signed certificates by that CA Juanjo Amor CACert
PKI example 1: Standard CA Standard CAs such as Thawte, Verisign... CA: Joins the CA, RA, VA. Our navigator trusts in signed certificates by that CA The certificate chain informs browser about VA Juanjo Amor CACert
PKI example 1: Standard CA Standard CAs such as Thawte, Verisign... CA: Joins the CA, RA, VA. Our navigator trusts in signed certificates by that CA The certificate chain informs browser about VA Example: Try to get certificate information by using Thawte SSL Ca Juanjo Amor CACert
PKI example 2: The FNMT CA Spanish FNMT CA Juanjo Amor CACert
PKI example 2: The FNMT CA Spanish FNMT CA CA: Joins CA and VA. Juanjo Amor CACert
PKI example 2: The FNMT CA Spanish FNMT CA CA: Joins CA and VA. RA: Delegated to other institutions such as AEAT, city councils... Juanjo Amor CACert
PKI example 2: The FNMT CA Spanish FNMT CA CA: Joins CA and VA. RA: Delegated to other institutions such as AEAT, city councils... CA certificate is not directly recognized by standard browsers Juanjo Amor CACert
PKI example 2: The FNMT CA Spanish FNMT CA CA: Joins CA and VA. RA: Delegated to other institutions such as AEAT, city councils... CA certificate is not directly recognized by standard browsers so we should import CA certificates into it. Juanjo Amor CACert
PKI example 2: The FNMT CA Spanish FNMT CA CA: Joins CA and VA. RA: Delegated to other institutions such as AEAT, city councils... CA certificate is not directly recognized by standard browsers so we should import CA certificates into it. This is one of first certificates acknowledged for legally identifying people or enterprises in Spain. Juanjo Amor CACert
PKI example 2: The FNMT CA Spanish FNMT CA CA: Joins CA and VA. RA: Delegated to other institutions such as AEAT, city councils... CA certificate is not directly recognized by standard browsers so we should import CA certificates into it. This is one of first certificates acknowledged for legally identifying people or enterprises in Spain. Example: Import FNMT certificate and then get its information. Juanjo Amor CACert
PKI example 3: The DGP CA Spanish DGP (Police) CA Juanjo Amor CACert
PKI example 3: The DGP CA Spanish DGP (Police) CA CA: At DGP headquarters Juanjo Amor CACert
PKI example 3: The DGP CA Spanish DGP (Police) CA CA: At DGP headquarters RA: At DGP DNIe offices Juanjo Amor CACert
PKI example 3: The DGP CA Spanish DGP (Police) CA CA: At DGP headquarters RA: At DGP DNIe offices VA: Delegated to third parties (FNMT, for example) Juanjo Amor CACert
PKI example 3: The DGP CA Spanish DGP (Police) CA CA: At DGP headquarters RA: At DGP DNIe offices VA: Delegated to third parties (FNMT, for example) This is the CA for spanish electronic ID (DNIe). Also acknowledged for legally identifying people. Juanjo Amor CACert
PKI example 3: The DGP CA Spanish DGP (Police) CA CA: At DGP headquarters RA: At DGP DNIe offices VA: Delegated to third parties (FNMT, for example) This is the CA for spanish electronic ID (DNIe). Also acknowledged for legally identifying people. Example: Import DGP certificate and then get its information. Juanjo Amor CACert
Web of Trust Web of trust Juanjo Amor CACert
Web of Trust Web of trust Concept created by PGP creator. Juanjo Amor CACert
Web of Trust Web of trust Concept created by PGP creator. Instead of having a “central” CA, we can build a trust network of signed public keys. Juanjo Amor CACert
Web of Trust Web of trust Concept created by PGP creator. Instead of having a “central” CA, we can build a trust network of signed public keys. If A signs B, and C trust A, then C could trust B. Juanjo Amor CACert
Web of Trust Web of trust Concept created by PGP creator. Instead of having a “central” CA, we can build a trust network of signed public keys. If A signs B, and C trust A, then C could trust B. CACert uses a variant of trust network... Juanjo Amor CACert
Index Juanjo Amor CACert
CACert PKI What is CACERT? Juanjo Amor CACert
CACert PKI What is CACERT? A community-driven certificate authority. Juanjo Amor CACert
CACert PKI What is CACERT? A community-driven certificate authority. CACERT issues public key certificates to public (server, people) freely. Juanjo Amor CACert
CACert PKI What is CACERT? A community-driven certificate authority. CACERT issues public key certificates to public (server, people) freely. Robot CA: Juanjo Amor CACert
CACert PKI What is CACERT? A community-driven certificate authority. CACERT issues public key certificates to public (server, people) freely. Robot CA: Certificates are automatically signed. Juanjo Amor CACert
CACert PKI What is CACERT? A community-driven certificate authority. CACERT issues public key certificates to public (server, people) freely. Robot CA: Certificates are automatically signed. These certificates are considered weak because CAcert does not emit any information in the certificates other than the domain name or email address (the CommonName field in X.509 certificates). Juanjo Amor CACert
CACert PKI What is CACERT? A community-driven certificate authority. CACERT issues public key certificates to public (server, people) freely. Robot CA: Certificates are automatically signed. These certificates are considered weak because CAcert does not emit any information in the certificates other than the domain name or email address (the CommonName field in X.509 certificates). Web of trust: Juanjo Amor CACert
CACert PKI What is CACERT? A community-driven certificate authority. CACERT issues public key certificates to public (server, people) freely. Robot CA: Certificates are automatically signed. These certificates are considered weak because CAcert does not emit any information in the certificates other than the domain name or email address (the CommonName field in X.509 certificates). Web of trust: Meetings, Assurance points, Prospective Assurers and Assures. Juanjo Amor CACert
CACert PKI What is CACERT? A community-driven certificate authority. CACERT issues public key certificates to public (server, people) freely. Robot CA: Certificates are automatically signed. These certificates are considered weak because CAcert does not emit any information in the certificates other than the domain name or email address (the CommonName field in X.509 certificates). Web of trust: Meetings, Assurance points, Prospective Assurers and Assures. Assured users can get, for example, email certificates with a complete CommonName field. Juanjo Amor CACert
CACert inclusion status Can we use CACert server certificates with some browser? Juanjo Amor CACert
CACert inclusion status Can we use CACert server certificates with some browser? Yes, we can import CA certificate and go. . . Juanjo Amor CACert
CACert inclusion status Can we use CACert server certificates with some browser? Yes, we can import CA certificate and go. . . Yes, my Linux distro (Debian, etc) includes CA certificate in ca-certificates package. Juanjo Amor CACert
CACert inclusion status Can we use CACert server certificates with some browser? Yes, we can import CA certificate and go. . . Yes, my Linux distro (Debian, etc) includes CA certificate in ca-certificates package. No, my browser does not recognize the certificates and I cannot trust to a strange CA.crt file! (Like a self-signed certificate) Juanjo Amor CACert
CACert inclusion status Can we use CACert server certificates with some browser? Yes, we can import CA certificate and go. . . Yes, my Linux distro (Debian, etc) includes CA certificate in ca-certificates package. No, my browser does not recognize the certificates and I cannot trust to a strange CA.crt file! (Like a self-signed certificate) Although Mozilla started a process to include the certificate, an audit suspended the process, because CACert needed to improve their management system. Juanjo Amor CACert
CACert web of trust When you create a new CACert account: Juanjo Amor CACert
CACert web of trust When you create a new CACert account: Only your email can be verified Juanjo Amor CACert
CACert web of trust When you create a new CACert account: Only your email can be verified By meeting other CACert assurers you can get some points: Juanjo Amor CACert
CACert web of trust When you create a new CACert account: Only your email can be verified By meeting other CACert assurers you can get some points: for including your real name to your account, Juanjo Amor CACert
CACert web of trust When you create a new CACert account: Only your email can be verified By meeting other CACert assurers you can get some points: for including your real name to your account, to generate better certificates, and finally, Juanjo Amor CACert
CACert web of trust When you create a new CACert account: Only your email can be verified By meeting other CACert assurers you can get some points: for including your real name to your account, to generate better certificates, and finally, to be also a CACert assurer. Juanjo Amor CACert
CACert web of trust Some rules: Juanjo Amor CACert
CACert web of trust Some rules: An assurer can issue you upto 35 points. Juanjo Amor CACert
CACert web of trust Some rules: An assurer can issue you upto 35 points. You need at least 50 points to have your full name assured . . . Juanjo Amor CACert
CACert web of trust Some rules: An assurer can issue you upto 35 points. You need at least 50 points to have your full name assured . . . so you need to be assured by, at least, two existing assurers Juanjo Amor CACert
CACert web of trust Some rules: An assurer can issue you upto 35 points. You need at least 50 points to have your full name assured . . . so you need to be assured by, at least, two existing assurers With 100 points you can also be an assurer Juanjo Amor CACert
CACert web of trust Some rules: An assurer can issue you upto 35 points. You need at least 50 points to have your full name assured . . . so you need to be assured by, at least, two existing assurers With 100 points you can also be an assurer . . . but you also need to pass an “assurer challenge” Juanjo Amor CACert
CACert web of trust Some rules: An assurer can issue you upto 35 points. You need at least 50 points to have your full name assured . . . so you need to be assured by, at least, two existing assurers With 100 points you can also be an assurer . . . but you also need to pass an “assurer challenge” More rules: Juanjo Amor CACert
CACert web of trust Some rules: An assurer can issue you upto 35 points. You need at least 50 points to have your full name assured . . . so you need to be assured by, at least, two existing assurers With 100 points you can also be an assurer . . . but you also need to pass an “assurer challenge” More rules: When you are promoted to assurer: Juanjo Amor CACert
CACert web of trust Some rules: An assurer can issue you upto 35 points. You need at least 50 points to have your full name assured . . . so you need to be assured by, at least, two existing assurers With 100 points you can also be an assurer . . . but you also need to pass an “assurer challenge” More rules: When you are promoted to assurer: Initially, you can issue 10 points to other people, and get 2 experience points when you assure somebody Juanjo Amor CACert
CACert web of trust Some rules: An assurer can issue you upto 35 points. You need at least 50 points to have your full name assured . . . so you need to be assured by, at least, two existing assurers With 100 points you can also be an assurer . . . but you also need to pass an “assurer challenge” More rules: When you are promoted to assurer: Initially, you can issue 10 points to other people, and get 2 experience points when you assure somebody After you got 10 experience points, then you can issue 15 points to others Juanjo Amor CACert
CACert web of trust Some rules: An assurer can issue you upto 35 points. You need at least 50 points to have your full name assured . . . so you need to be assured by, at least, two existing assurers With 100 points you can also be an assurer . . . but you also need to pass an “assurer challenge” More rules: When you are promoted to assurer: Initially, you can issue 10 points to other people, and get 2 experience points when you assure somebody After you got 10 experience points, then you can issue 15 points to others . . . Juanjo Amor CACert
CACert web of trust Some rules: An assurer can issue you upto 35 points. You need at least 50 points to have your full name assured . . . so you need to be assured by, at least, two existing assurers With 100 points you can also be an assurer . . . but you also need to pass an “assurer challenge” More rules: When you are promoted to assurer: Initially, you can issue 10 points to other people, and get 2 experience points when you assure somebody After you got 10 experience points, then you can issue 15 points to others . . . When you got 50 experience points, then you can issue to others the maximum per session: 35 points Juanjo Amor CACert
CACert web of trust Some rules: An assurer can issue you upto 35 points. You need at least 50 points to have your full name assured . . . so you need to be assured by, at least, two existing assurers With 100 points you can also be an assurer . . . but you also need to pass an “assurer challenge” More rules: When you are promoted to assurer: Initially, you can issue 10 points to other people, and get 2 experience points when you assure somebody After you got 10 experience points, then you can issue 15 points to others . . . When you got 50 experience points, then you can issue to others the maximum per session: 35 points But in any case, you can, if you want, to issue less points than your maximum Juanjo Amor CACert
CACert web of trust Some rules: An assurer can issue you upto 35 points. You need at least 50 points to have your full name assured . . . so you need to be assured by, at least, two existing assurers With 100 points you can also be an assurer . . . but you also need to pass an “assurer challenge” More rules: When you are promoted to assurer: Initially, you can issue 10 points to other people, and get 2 experience points when you assure somebody After you got 10 experience points, then you can issue 15 points to others . . . When you got 50 experience points, then you can issue to others the maximum per session: 35 points But in any case, you can, if you want, to issue less points than your maximum Juanjo Amor CACert
CACert client certificates A client certificate is used to: Juanjo Amor CACert
CACert client certificates A client certificate is used to: Identify yourself to a web site Juanjo Amor CACert
CACert client certificates A client certificate is used to: Identify yourself to a web site Email signing Juanjo Amor CACert
CACert client certificates A client certificate is used to: Identify yourself to a web site Email signing . . . Juanjo Amor CACert
CACert client certificates A client certificate is used to: Identify yourself to a web site Email signing . . . When you create a CACert account, you can get client certificates: Juanjo Amor CACert
CACert client certificates A client certificate is used to: Identify yourself to a web site Email signing . . . When you create a CACert account, you can get client certificates: Only the email is certified (by using email-ping) Juanjo Amor CACert
CACert client certificates A client certificate is used to: Identify yourself to a web site Email signing . . . When you create a CACert account, you can get client certificates: Only the email is certified (by using email-ping) With 6 month expiration Juanjo Amor CACert
CACert client certificates A client certificate is used to: Identify yourself to a web site Email signing . . . When you create a CACert account, you can get client certificates: Only the email is certified (by using email-ping) With 6 month expiration When you are assured (50 points) you also get Juanjo Amor CACert
CACert client certificates A client certificate is used to: Identify yourself to a web site Email signing . . . When you create a CACert account, you can get client certificates: Only the email is certified (by using email-ping) With 6 month expiration When you are assured (50 points) you also get Name and email certified Juanjo Amor CACert
CACert client certificates A client certificate is used to: Identify yourself to a web site Email signing . . . When you create a CACert account, you can get client certificates: Only the email is certified (by using email-ping) With 6 month expiration When you are assured (50 points) you also get Name and email certified 24 month expiration Juanjo Amor CACert
CACert server certificates A server certificate is used to: Juanjo Amor CACert
CACert server certificates A server certificate is used to: Secure website: identify a server to you Juanjo Amor CACert
CACert server certificates A server certificate is used to: Secure website: identify a server to you When you create a CACert account, you can get server certificates: Juanjo Amor CACert
CACert server certificates A server certificate is used to: Secure website: identify a server to you When you create a CACert account, you can get server certificates: With 6 month expiration Juanjo Amor CACert
CACert server certificates A server certificate is used to: Secure website: identify a server to you When you create a CACert account, you can get server certificates: With 6 month expiration When you are assured (50 points) you also get Juanjo Amor CACert
CACert server certificates A server certificate is used to: Secure website: identify a server to you When you create a CACert account, you can get server certificates: With 6 month expiration When you are assured (50 points) you also get 24 month expiration Juanjo Amor CACert
CACert server certificates A server certificate is used to: Secure website: identify a server to you When you create a CACert account, you can get server certificates: With 6 month expiration When you are assured (50 points) you also get 24 month expiration In all cases, you need to be able to ping DNS name by receiven a postmaster email from DNS owner, and only website DNS name is assured, because CACert assurers are not able verify legal owner. Juanjo Amor CACert
Questions Questions? Juanjo Amor CACert
Exercises Final exercises 1 Creating your CACert account. 2 Creating your email certificate, with browser and then with openssl 3 Creating a web certificate, with openssl and apache 4 Want to be assured? Juanjo Amor CACert

Recommandé

Suppers go to San Francisco
Suppers go to San FranciscoSuppers go to San Francisco
Suppers go to San FranciscoStart-Up Chile
 
006 Diversity Essays For College Sample Graduat
006 Diversity Essays For College Sample Graduat006 Diversity Essays For College Sample Graduat
006 Diversity Essays For College Sample GraduatLori Head
 
Open Source in the DoD; Build It
Open Source in the DoD; Build ItOpen Source in the DoD; Build It
Open Source in the DoD; Build Itjstogdill
 
Chochogami
ChochogamiChochogami
ChochogamiPat Conarro
 
CAParty Madrid October 2011
CAParty Madrid October 2011CAParty Madrid October 2011
CAParty Madrid October 2011Antonio Peña
 
CAParty Madrid 2010 - Slides
CAParty Madrid 2010 - SlidesCAParty Madrid 2010 - Slides
CAParty Madrid 2010 - SlidesJuanjo Amor
 
Student Persuasive Essay Topics
Student Persuasive Essay TopicsStudent Persuasive Essay Topics
Student Persuasive Essay TopicsJessica Gefroh
 
Unearthing and Dissecting Internet Fraud
Unearthing and Dissecting Internet FraudUnearthing and Dissecting Internet Fraud
Unearthing and Dissecting Internet FraudInternet Law Center
 

Recommandé

Suppers go to San Francisco
Suppers go to San FranciscoSuppers go to San Francisco
Suppers go to San FranciscoStart-Up Chile
 
006 Diversity Essays For College Sample Graduat
006 Diversity Essays For College Sample Graduat006 Diversity Essays For College Sample Graduat
006 Diversity Essays For College Sample GraduatLori Head
 
Open Source in the DoD; Build It
Open Source in the DoD; Build ItOpen Source in the DoD; Build It
Open Source in the DoD; Build Itjstogdill
 
Chochogami
ChochogamiChochogami
ChochogamiPat Conarro
 
CAParty Madrid October 2011
CAParty Madrid October 2011CAParty Madrid October 2011
CAParty Madrid October 2011Antonio Peña
 
CAParty Madrid 2010 - Slides
CAParty Madrid 2010 - SlidesCAParty Madrid 2010 - Slides
CAParty Madrid 2010 - SlidesJuanjo Amor
 
Student Persuasive Essay Topics
Student Persuasive Essay TopicsStudent Persuasive Essay Topics
Student Persuasive Essay TopicsJessica Gefroh
 
Unearthing and Dissecting Internet Fraud
Unearthing and Dissecting Internet FraudUnearthing and Dissecting Internet Fraud
Unearthing and Dissecting Internet FraudInternet Law Center
 
FewerClicks Software Blockchain development presentation
FewerClicks Software Blockchain development presentationFewerClicks Software Blockchain development presentation
FewerClicks Software Blockchain development presentationashish2509
 
10 Best Images Of Blank Letter Practice Worksheet
10 Best Images Of Blank Letter Practice Worksheet10 Best Images Of Blank Letter Practice Worksheet
10 Best Images Of Blank Letter Practice WorksheetSheila Brooks
 
The Robot Marketeer
The Robot MarketeerThe Robot Marketeer
The Robot MarketeerBart De Waele
 
How Quotient uses MariaDB to help customers save money
How Quotient uses MariaDB to help customers save moneyHow Quotient uses MariaDB to help customers save money
How Quotient uses MariaDB to help customers save moneyMariaDB plc
 
Government Next: NIC Presentation
Government Next: NIC PresentationGovernment Next: NIC Presentation
Government Next: NIC PresentationTara Hunt
 
Consumer Token Offering
Consumer Token OfferingConsumer Token Offering
Consumer Token OfferingDevelopcoins
 
Open Source Information Gathering Brucon Edition
Open Source Information Gathering Brucon EditionOpen Source Information Gathering Brucon Edition
Open Source Information Gathering Brucon EditionChris Gates
 
Maximizing AI Business Value Creation Utilizing Patents
Maximizing AI Business Value Creation Utilizing PatentsMaximizing AI Business Value Creation Utilizing Patents
Maximizing AI Business Value Creation Utilizing PatentsAlex G. Lee, Ph.D. Esq. CLP
 
How to raise money in a digital world
How to raise money in a digital worldHow to raise money in a digital world
How to raise money in a digital worldLuca Merolla
 
Blockchain Technology Meets 4x4 Innovation Financing
Blockchain Technology Meets 4x4 Innovation FinancingBlockchain Technology Meets 4x4 Innovation Financing
Blockchain Technology Meets 4x4 Innovation FinancingMartin Schweiger
 
Cleveland Brown (Payscout): Payments in VR
Cleveland Brown (Payscout): Payments in VRCleveland Brown (Payscout): Payments in VR
Cleveland Brown (Payscout): Payments in VRAugmentedWorldExpo
 
Next Generation Internet Marketing-Transformational Customer Experience
Next Generation Internet Marketing-Transformational Customer ExperienceNext Generation Internet Marketing-Transformational Customer Experience
Next Generation Internet Marketing-Transformational Customer ExperienceCustomer Centria
 
A look inside the European Covid Green Certificate (Codemotion 2021)
A look inside the European Covid Green Certificate (Codemotion 2021)A look inside the European Covid Green Certificate (Codemotion 2021)
A look inside the European Covid Green Certificate (Codemotion 2021)Luciano Mammino
 
Traveling Essay Sample. Travelling Essay For Stude
Traveling Essay Sample. Travelling Essay For StudeTraveling Essay Sample. Travelling Essay For Stude
Traveling Essay Sample. Travelling Essay For StudeTiffany Miller
 
Best training blockchain for colleges- https://diyblockchain.co
Best training blockchain for colleges- https://diyblockchain.coBest training blockchain for colleges- https://diyblockchain.co
Best training blockchain for colleges- https://diyblockchain.coAsif Khan
 
Diyblockchain 9jan2019 https://diyblockchain.co/
Diyblockchain 9jan2019 https://diyblockchain.co/Diyblockchain 9jan2019 https://diyblockchain.co/
Diyblockchain 9jan2019 https://diyblockchain.co/bhuvankhanna1
 
Diyblockchain -best blockchain institute for corporate training -diyblockchai...
Diyblockchain -best blockchain institute for corporate training -diyblockchai...Diyblockchain -best blockchain institute for corporate training -diyblockchai...
Diyblockchain -best blockchain institute for corporate training -diyblockchai...Asif Khan
 
BEST CRYPTOCURRENCY TRAINING
BEST CRYPTOCURRENCY TRAININGBEST CRYPTOCURRENCY TRAINING
BEST CRYPTOCURRENCY TRAININGbhuvankhanna1
 
BLOCKCHAIN AND CRYPTOCURRENCY COURSES
BLOCKCHAIN AND CRYPTOCURRENCY COURSESBLOCKCHAIN AND CRYPTOCURRENCY COURSES
BLOCKCHAIN AND CRYPTOCURRENCY COURSESbhuvankhanna1
 
Diyblockchain -best training on blockchain - https://diyblockchain.co
Diyblockchain -best training on blockchain - https://diyblockchain.coDiyblockchain -best training on blockchain - https://diyblockchain.co
Diyblockchain -best training on blockchain - https://diyblockchain.coAsif Khan
 
From SF with Love
From SF with LoveFrom SF with Love
From SF with LoveOpenSistemas
 
OpenSistemas Corporate Presentation
OpenSistemas Corporate PresentationOpenSistemas Corporate Presentation
OpenSistemas Corporate PresentationOpenSistemas
 

Contenu connexe

Similaire à CACert - A Community-driven Certification Authority - OpenSistemas

FewerClicks Software Blockchain development presentation
FewerClicks Software Blockchain development presentationFewerClicks Software Blockchain development presentation
FewerClicks Software Blockchain development presentationashish2509
 
10 Best Images Of Blank Letter Practice Worksheet
10 Best Images Of Blank Letter Practice Worksheet10 Best Images Of Blank Letter Practice Worksheet
10 Best Images Of Blank Letter Practice WorksheetSheila Brooks
 
How Quotient uses MariaDB to help customers save money
How Quotient uses MariaDB to help customers save moneyHow Quotient uses MariaDB to help customers save money
How Quotient uses MariaDB to help customers save moneyMariaDB plc
 
Government Next: NIC Presentation
Government Next: NIC PresentationGovernment Next: NIC Presentation
Government Next: NIC PresentationTara Hunt
 
Consumer Token Offering
Consumer Token OfferingConsumer Token Offering
Consumer Token OfferingDevelopcoins
 
Open Source Information Gathering Brucon Edition
Open Source Information Gathering Brucon EditionOpen Source Information Gathering Brucon Edition
Open Source Information Gathering Brucon EditionChris Gates
 
Maximizing AI Business Value Creation Utilizing Patents
Maximizing AI Business Value Creation Utilizing PatentsMaximizing AI Business Value Creation Utilizing Patents
Maximizing AI Business Value Creation Utilizing PatentsAlex G. Lee, Ph.D. Esq. CLP
 
How to raise money in a digital world
How to raise money in a digital worldHow to raise money in a digital world
How to raise money in a digital worldLuca Merolla
 
Blockchain Technology Meets 4x4 Innovation Financing
Blockchain Technology Meets 4x4 Innovation FinancingBlockchain Technology Meets 4x4 Innovation Financing
Blockchain Technology Meets 4x4 Innovation FinancingMartin Schweiger
 
Cleveland Brown (Payscout): Payments in VR
Cleveland Brown (Payscout): Payments in VRCleveland Brown (Payscout): Payments in VR
Cleveland Brown (Payscout): Payments in VRAugmentedWorldExpo
 
Next Generation Internet Marketing-Transformational Customer Experience
Next Generation Internet Marketing-Transformational Customer ExperienceNext Generation Internet Marketing-Transformational Customer Experience
Next Generation Internet Marketing-Transformational Customer ExperienceCustomer Centria
 
A look inside the European Covid Green Certificate (Codemotion 2021)
A look inside the European Covid Green Certificate (Codemotion 2021)A look inside the European Covid Green Certificate (Codemotion 2021)
A look inside the European Covid Green Certificate (Codemotion 2021)Luciano Mammino
 
Traveling Essay Sample. Travelling Essay For Stude
Traveling Essay Sample. Travelling Essay For StudeTraveling Essay Sample. Travelling Essay For Stude
Traveling Essay Sample. Travelling Essay For StudeTiffany Miller
 
Best training blockchain for colleges- https://diyblockchain.co
Best training blockchain for colleges- https://diyblockchain.coBest training blockchain for colleges- https://diyblockchain.co
Best training blockchain for colleges- https://diyblockchain.coAsif Khan
 
Diyblockchain 9jan2019 https://diyblockchain.co/
Diyblockchain 9jan2019 https://diyblockchain.co/Diyblockchain 9jan2019 https://diyblockchain.co/
Diyblockchain 9jan2019 https://diyblockchain.co/bhuvankhanna1
 
Diyblockchain -best blockchain institute for corporate training -diyblockchai...
Diyblockchain -best blockchain institute for corporate training -diyblockchai...Diyblockchain -best blockchain institute for corporate training -diyblockchai...
Diyblockchain -best blockchain institute for corporate training -diyblockchai...Asif Khan
 
BEST CRYPTOCURRENCY TRAINING
BEST CRYPTOCURRENCY TRAININGBEST CRYPTOCURRENCY TRAINING
BEST CRYPTOCURRENCY TRAININGbhuvankhanna1
 
BLOCKCHAIN AND CRYPTOCURRENCY COURSES
BLOCKCHAIN AND CRYPTOCURRENCY COURSESBLOCKCHAIN AND CRYPTOCURRENCY COURSES
BLOCKCHAIN AND CRYPTOCURRENCY COURSESbhuvankhanna1
 
Diyblockchain -best training on blockchain - https://diyblockchain.co
Diyblockchain -best training on blockchain - https://diyblockchain.coDiyblockchain -best training on blockchain - https://diyblockchain.co
Diyblockchain -best training on blockchain - https://diyblockchain.coAsif Khan
 

Similaire à CACert - A Community-driven Certification Authority - OpenSistemas (20)

FewerClicks Software Blockchain development presentation
FewerClicks Software Blockchain development presentationFewerClicks Software Blockchain development presentation
FewerClicks Software Blockchain development presentation
 
10 Best Images Of Blank Letter Practice Worksheet
10 Best Images Of Blank Letter Practice Worksheet10 Best Images Of Blank Letter Practice Worksheet
10 Best Images Of Blank Letter Practice Worksheet
 
The Robot Marketeer
The Robot MarketeerThe Robot Marketeer
The Robot Marketeer
 
How Quotient uses MariaDB to help customers save money
How Quotient uses MariaDB to help customers save moneyHow Quotient uses MariaDB to help customers save money
How Quotient uses MariaDB to help customers save money
 
Government Next: NIC Presentation
Government Next: NIC PresentationGovernment Next: NIC Presentation
Government Next: NIC Presentation
 
Consumer Token Offering
Consumer Token OfferingConsumer Token Offering
Consumer Token Offering
 
Open Source Information Gathering Brucon Edition
Open Source Information Gathering Brucon EditionOpen Source Information Gathering Brucon Edition
Open Source Information Gathering Brucon Edition
 
Maximizing AI Business Value Creation Utilizing Patents
Maximizing AI Business Value Creation Utilizing PatentsMaximizing AI Business Value Creation Utilizing Patents
Maximizing AI Business Value Creation Utilizing Patents
 
How to raise money in a digital world
How to raise money in a digital worldHow to raise money in a digital world
How to raise money in a digital world
 
Blockchain Technology Meets 4x4 Innovation Financing
Blockchain Technology Meets 4x4 Innovation FinancingBlockchain Technology Meets 4x4 Innovation Financing
Blockchain Technology Meets 4x4 Innovation Financing
 
Cleveland Brown (Payscout): Payments in VR
Cleveland Brown (Payscout): Payments in VRCleveland Brown (Payscout): Payments in VR
Cleveland Brown (Payscout): Payments in VR
 
Next Generation Internet Marketing-Transformational Customer Experience
Next Generation Internet Marketing-Transformational Customer ExperienceNext Generation Internet Marketing-Transformational Customer Experience
Next Generation Internet Marketing-Transformational Customer Experience
 
A look inside the European Covid Green Certificate (Codemotion 2021)
A look inside the European Covid Green Certificate (Codemotion 2021)A look inside the European Covid Green Certificate (Codemotion 2021)
A look inside the European Covid Green Certificate (Codemotion 2021)
 
Traveling Essay Sample. Travelling Essay For Stude
Traveling Essay Sample. Travelling Essay For StudeTraveling Essay Sample. Travelling Essay For Stude
Traveling Essay Sample. Travelling Essay For Stude
 
Best training blockchain for colleges- https://diyblockchain.co
Best training blockchain for colleges- https://diyblockchain.coBest training blockchain for colleges- https://diyblockchain.co
Best training blockchain for colleges- https://diyblockchain.co
 
Diyblockchain 9jan2019 https://diyblockchain.co/
Diyblockchain 9jan2019 https://diyblockchain.co/Diyblockchain 9jan2019 https://diyblockchain.co/
Diyblockchain 9jan2019 https://diyblockchain.co/
 
Diyblockchain -best blockchain institute for corporate training -diyblockchai...
Diyblockchain -best blockchain institute for corporate training -diyblockchai...Diyblockchain -best blockchain institute for corporate training -diyblockchai...
Diyblockchain -best blockchain institute for corporate training -diyblockchai...
 
BEST CRYPTOCURRENCY TRAINING
BEST CRYPTOCURRENCY TRAININGBEST CRYPTOCURRENCY TRAINING
BEST CRYPTOCURRENCY TRAINING
 
BLOCKCHAIN AND CRYPTOCURRENCY COURSES
BLOCKCHAIN AND CRYPTOCURRENCY COURSESBLOCKCHAIN AND CRYPTOCURRENCY COURSES
BLOCKCHAIN AND CRYPTOCURRENCY COURSES
 
Diyblockchain -best training on blockchain - https://diyblockchain.co
Diyblockchain -best training on blockchain - https://diyblockchain.coDiyblockchain -best training on blockchain - https://diyblockchain.co
Diyblockchain -best training on blockchain - https://diyblockchain.co
 

Plus de OpenSistemas

OpenSistemas Corporate Presentation
OpenSistemas Corporate PresentationOpenSistemas Corporate Presentation
OpenSistemas Corporate PresentationOpenSistemas
 
Data Platform & Analytics OpenSistemas MSFT Playbook
Data Platform & Analytics OpenSistemas MSFT PlaybookData Platform & Analytics OpenSistemas MSFT Playbook
Data Platform & Analytics OpenSistemas MSFT PlaybookOpenSistemas
 
El futuro Data Driven en e-Learning y RR.HH.
El futuro Data Driven en e-Learning y RR.HH.El futuro Data Driven en e-Learning y RR.HH.
El futuro Data Driven en e-Learning y RR.HH.OpenSistemas
 
Apache spark y cómo lo usamos en nuestros proyectos
Apache spark y cómo lo usamos en nuestros proyectosApache spark y cómo lo usamos en nuestros proyectos
Apache spark y cómo lo usamos en nuestros proyectosOpenSistemas
 
El software como acción humana
El software como acción humanaEl software como acción humana
El software como acción humanaOpenSistemas
 
Cómo crear ports en FreeBSD #PicnicCode2015
Cómo crear ports en FreeBSD #PicnicCode2015Cómo crear ports en FreeBSD #PicnicCode2015
Cómo crear ports en FreeBSD #PicnicCode2015OpenSistemas
 
Área Education - OpenSistemas
Área Education - OpenSistemasÁrea Education - OpenSistemas
Área Education - OpenSistemasOpenSistemas
 
Drupal 7. Puesta en producción en sistemas multientorno
Drupal 7. Puesta en producción en sistemas multientornoDrupal 7. Puesta en producción en sistemas multientorno
Drupal 7. Puesta en producción en sistemas multientornoOpenSistemas
 
osBrain: una herramienta para la inversión automática en bolsa y mercados de ...
osBrain: una herramienta para la inversión automática en bolsa y mercados de ...osBrain: una herramienta para la inversión automática en bolsa y mercados de ...
osBrain: una herramienta para la inversión automática en bolsa y mercados de ...OpenSistemas
 
Área de Soporte - OpenSistemas
Área de Soporte - OpenSistemasÁrea de Soporte - OpenSistemas
Área de Soporte - OpenSistemasOpenSistemas
 
Minería de datos para trading automático
Minería de datos para trading automáticoMinería de datos para trading automático
Minería de datos para trading automáticoOpenSistemas
 
Proceso de liberación en el marco legal del código abierto - OpenSistemas
Proceso de liberación en el marco legal del código abierto - OpenSistemasProceso de liberación en el marco legal del código abierto - OpenSistemas
Proceso de liberación en el marco legal del código abierto - OpenSistemasOpenSistemas
 
Virtualization - Solaris LDOMs - OpenSistemas
Virtualization - Solaris LDOMs - OpenSistemasVirtualization - Solaris LDOMs - OpenSistemas
Virtualization - Solaris LDOMs - OpenSistemasOpenSistemas
 
Floss leaders - OpenSistemas
Floss leaders - OpenSistemasFloss leaders - OpenSistemas
Floss leaders - OpenSistemasOpenSistemas
 
Business Intelligence and Pentaho Services - OpenSistemas
Business Intelligence and Pentaho Services - OpenSistemasBusiness Intelligence and Pentaho Services - OpenSistemas
Business Intelligence and Pentaho Services - OpenSistemasOpenSistemas
 
easyGTD - product Info
easyGTD - product InfoeasyGTD - product Info
easyGTD - product InfoOpenSistemas
 
easyGTD - presentación producto
easyGTD - presentación productoeasyGTD - presentación producto
easyGTD - presentación productoOpenSistemas
 

Plus de OpenSistemas (18)

From SF with Love
From SF with LoveFrom SF with Love
From SF with Love
 
OpenSistemas Corporate Presentation
OpenSistemas Corporate PresentationOpenSistemas Corporate Presentation
OpenSistemas Corporate Presentation
 
Data Platform & Analytics OpenSistemas MSFT Playbook
Data Platform & Analytics OpenSistemas MSFT PlaybookData Platform & Analytics OpenSistemas MSFT Playbook
Data Platform & Analytics OpenSistemas MSFT Playbook
 
El futuro Data Driven en e-Learning y RR.HH.
El futuro Data Driven en e-Learning y RR.HH.El futuro Data Driven en e-Learning y RR.HH.
El futuro Data Driven en e-Learning y RR.HH.
 
Apache spark y cómo lo usamos en nuestros proyectos
Apache spark y cómo lo usamos en nuestros proyectosApache spark y cómo lo usamos en nuestros proyectos
Apache spark y cómo lo usamos en nuestros proyectos
 
El software como acción humana
El software como acción humanaEl software como acción humana
El software como acción humana
 
Cómo crear ports en FreeBSD #PicnicCode2015
Cómo crear ports en FreeBSD #PicnicCode2015Cómo crear ports en FreeBSD #PicnicCode2015
Cómo crear ports en FreeBSD #PicnicCode2015
 
Área Education - OpenSistemas
Área Education - OpenSistemasÁrea Education - OpenSistemas
Área Education - OpenSistemas
 
Drupal 7. Puesta en producción en sistemas multientorno
Drupal 7. Puesta en producción en sistemas multientornoDrupal 7. Puesta en producción en sistemas multientorno
Drupal 7. Puesta en producción en sistemas multientorno
 
osBrain: una herramienta para la inversión automática en bolsa y mercados de ...
osBrain: una herramienta para la inversión automática en bolsa y mercados de ...osBrain: una herramienta para la inversión automática en bolsa y mercados de ...
osBrain: una herramienta para la inversión automática en bolsa y mercados de ...
 
Área de Soporte - OpenSistemas
Área de Soporte - OpenSistemasÁrea de Soporte - OpenSistemas
Área de Soporte - OpenSistemas
 
Minería de datos para trading automático
Minería de datos para trading automáticoMinería de datos para trading automático
Minería de datos para trading automático
 
Proceso de liberación en el marco legal del código abierto - OpenSistemas
Proceso de liberación en el marco legal del código abierto - OpenSistemasProceso de liberación en el marco legal del código abierto - OpenSistemas
Proceso de liberación en el marco legal del código abierto - OpenSistemas
 
Virtualization - Solaris LDOMs - OpenSistemas
Virtualization - Solaris LDOMs - OpenSistemasVirtualization - Solaris LDOMs - OpenSistemas
Virtualization - Solaris LDOMs - OpenSistemas
 
Floss leaders - OpenSistemas
Floss leaders - OpenSistemasFloss leaders - OpenSistemas
Floss leaders - OpenSistemas
 
Business Intelligence and Pentaho Services - OpenSistemas
Business Intelligence and Pentaho Services - OpenSistemasBusiness Intelligence and Pentaho Services - OpenSistemas
Business Intelligence and Pentaho Services - OpenSistemas
 
easyGTD - product Info
easyGTD - product InfoeasyGTD - product Info
easyGTD - product Info
 
easyGTD - presentación producto
easyGTD - presentación productoeasyGTD - presentación producto
easyGTD - presentación producto
 

Dernier

FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024The Digital Insurer
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoffsammart93
 
Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024The Digital Insurer
 
Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot ModelNavi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot ModelDeepika Singh
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodJuan lago vázquez
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...apidays
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProduct Anonymous
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...apidays
 
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...apidays
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMESafe Software
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdflior mazor
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxRustici Software
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDropbox
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAndrey Devyatkin
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobeapidays
 

Dernier (20)

FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024
 
Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot ModelNavi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot Model
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
 
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptx
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor Presentation
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 

CACert - A Community-driven Certification Authority - OpenSistemas

  • 1. CACert A Community-driven Certification Authority Juanjo Amor jjamor@opensistemas.com OpenSistemas 29 Abril 2011 Juanjo Amor CACert
  • 2. (cc) 2011 Juanjo Amor and Wikipedia Some rights reserved. This work licensed under Creative Commons Attribution-ShareAlike License. To view a copy of full license, see http://creativecommons.org/licenses/by-sa/3.0/ or write to Creative Commons, 559 Nathan Abbott Way, Stanford, California 94305, USA. Juanjo Amor CACert
  • 4. About Opensistemas Opensistemas is an international company Juanjo Amor CACert
  • 5. About Opensistemas Opensistemas is an international company highly specialized Juanjo Amor CACert
  • 6. About Opensistemas Opensistemas is an international company highly specialized in offering global IT solutions Juanjo Amor CACert
  • 7. About Opensistemas Opensistemas is an international company highly specialized in offering global IT solutionsbased on Open Sourceand Linuxplatforms. Juanjo Amor CACert
  • 9. About Opensistemas Our Vision: To become the international leader in Open Source Technologies. Juanjo Amor CACert
  • 10. About Opensistemas Our Vision: To become the international leader in Open Source Technologies. Our Mission: Juanjo Amor CACert
  • 11. About Opensistemas Our Vision: To become the international leader in Open Source Technologies. Our Mission: Apply our knowledge of the opportunities offered by Open Source to deliver effective solutions and innovation to our customers while promoting the professional development of our employees and building value for shareholders. Juanjo Amor CACert
  • 12. About Opensistemas Our Vision: To become the international leader in Open Source Technologies. Our Mission: Apply our knowledge of the opportunities offered by Open Source to deliver effective solutions and innovation to our customers while promoting the professional development of our employees and building value for shareholders. Our Values: Juanjo Amor CACert
  • 13. About Opensistemas Our Vision: To become the international leader in Open Source Technologies. Our Mission: Apply our knowledge of the opportunities offered by Open Source to deliver effective solutions and innovation to our customers while promoting the professional development of our employees and building value for shareholders. Our Values: Deliver effective solutiosn to our customers. Corporate social responsibility. Commitment to Open Source. Ethics and Respect for individuals. Research and Innovation. Teamwork. Commitment to the development of a society connected by information and knowledge. Juanjo Amor CACert
  • 16. About Opensistemas Opensistemas is present in nine locations over five countries: Spain (Madrid, Valencia, Barcelona, Sevilla, Zaragoza), Chile (Santiago), Colombia (Bogot´a), United Kingdom (London) and China (Shanghai). Juanjo Amor CACert
  • 20. PKI concepts PKI meaning... PKI = Public Key Infrastructure Juanjo Amor CACert
  • 21. PKI concepts PKI meaning... PKI = Public Key Infrastructure a set of hardware, software, people, policies, and procedures needed to create, manage, distribute, use, store, and revoke digital certificates Juanjo Amor CACert
  • 22. PKI concepts PKI meaning... PKI = Public Key Infrastructure a set of hardware, software, people, policies, and procedures needed to create, manage, distribute, use, store, and revoke digital certificates PKI components... Juanjo Amor CACert
  • 23. PKI concepts PKI meaning... PKI = Public Key Infrastructure a set of hardware, software, people, policies, and procedures needed to create, manage, distribute, use, store, and revoke digital certificates PKI components... CA = Certification Authority Juanjo Amor CACert
  • 24. PKI concepts PKI meaning... PKI = Public Key Infrastructure a set of hardware, software, people, policies, and procedures needed to create, manage, distribute, use, store, and revoke digital certificates PKI components... CA = Certification Authority RA = Registration Authority Juanjo Amor CACert
  • 25. PKI concepts PKI meaning... PKI = Public Key Infrastructure a set of hardware, software, people, policies, and procedures needed to create, manage, distribute, use, store, and revoke digital certificates PKI components... CA = Certification Authority RA = Registration Authority VA = Validation Authority Juanjo Amor CACert
  • 26. PKI concepts PKI meaning... PKI = Public Key Infrastructure a set of hardware, software, people, policies, and procedures needed to create, manage, distribute, use, store, and revoke digital certificates PKI components... CA = Certification Authority RA = Registration Authority VA = Validation Authority Public keys (person, server and authority certificates) Juanjo Amor CACert
  • 27. PKI concepts PKI meaning... PKI = Public Key Infrastructure a set of hardware, software, people, policies, and procedures needed to create, manage, distribute, use, store, and revoke digital certificates PKI components... CA = Certification Authority RA = Registration Authority VA = Validation Authority Public keys (person, server and authority certificates) Policies and procedures Juanjo Amor CACert
  • 28. PKI diagram of a public key infrastructure Juanjo Amor CACert
  • 29. PKI example 1: Standard CA Standard CAs such as Thawte, Verisign... Juanjo Amor CACert
  • 30. PKI example 1: Standard CA Standard CAs such as Thawte, Verisign... CA: Joins the CA, RA, VA. Juanjo Amor CACert
  • 31. PKI example 1: Standard CA Standard CAs such as Thawte, Verisign... CA: Joins the CA, RA, VA. Our navigator trusts in signed certificates by that CA Juanjo Amor CACert
  • 32. PKI example 1: Standard CA Standard CAs such as Thawte, Verisign... CA: Joins the CA, RA, VA. Our navigator trusts in signed certificates by that CA The certificate chain informs browser about VA Juanjo Amor CACert
  • 33. PKI example 1: Standard CA Standard CAs such as Thawte, Verisign... CA: Joins the CA, RA, VA. Our navigator trusts in signed certificates by that CA The certificate chain informs browser about VA Example: Try to get certificate information by using Thawte SSL Ca Juanjo Amor CACert
  • 34. PKI example 2: The FNMT CA Spanish FNMT CA Juanjo Amor CACert
  • 35. PKI example 2: The FNMT CA Spanish FNMT CA CA: Joins CA and VA. Juanjo Amor CACert
  • 36. PKI example 2: The FNMT CA Spanish FNMT CA CA: Joins CA and VA. RA: Delegated to other institutions such as AEAT, city councils... Juanjo Amor CACert
  • 37. PKI example 2: The FNMT CA Spanish FNMT CA CA: Joins CA and VA. RA: Delegated to other institutions such as AEAT, city councils... CA certificate is not directly recognized by standard browsers Juanjo Amor CACert
  • 38. PKI example 2: The FNMT CA Spanish FNMT CA CA: Joins CA and VA. RA: Delegated to other institutions such as AEAT, city councils... CA certificate is not directly recognized by standard browsers so we should import CA certificates into it. Juanjo Amor CACert
  • 39. PKI example 2: The FNMT CA Spanish FNMT CA CA: Joins CA and VA. RA: Delegated to other institutions such as AEAT, city councils... CA certificate is not directly recognized by standard browsers so we should import CA certificates into it. This is one of first certificates acknowledged for legally identifying people or enterprises in Spain. Juanjo Amor CACert
  • 40. PKI example 2: The FNMT CA Spanish FNMT CA CA: Joins CA and VA. RA: Delegated to other institutions such as AEAT, city councils... CA certificate is not directly recognized by standard browsers so we should import CA certificates into it. This is one of first certificates acknowledged for legally identifying people or enterprises in Spain. Example: Import FNMT certificate and then get its information. Juanjo Amor CACert
  • 41. PKI example 3: The DGP CA Spanish DGP (Police) CA Juanjo Amor CACert
  • 42. PKI example 3: The DGP CA Spanish DGP (Police) CA CA: At DGP headquarters Juanjo Amor CACert
  • 43. PKI example 3: The DGP CA Spanish DGP (Police) CA CA: At DGP headquarters RA: At DGP DNIe offices Juanjo Amor CACert
  • 44. PKI example 3: The DGP CA Spanish DGP (Police) CA CA: At DGP headquarters RA: At DGP DNIe offices VA: Delegated to third parties (FNMT, for example) Juanjo Amor CACert
  • 45. PKI example 3: The DGP CA Spanish DGP (Police) CA CA: At DGP headquarters RA: At DGP DNIe offices VA: Delegated to third parties (FNMT, for example) This is the CA for spanish electronic ID (DNIe). Also acknowledged for legally identifying people. Juanjo Amor CACert
  • 46. PKI example 3: The DGP CA Spanish DGP (Police) CA CA: At DGP headquarters RA: At DGP DNIe offices VA: Delegated to third parties (FNMT, for example) This is the CA for spanish electronic ID (DNIe). Also acknowledged for legally identifying people. Example: Import DGP certificate and then get its information. Juanjo Amor CACert
  • 47. Web of Trust Web of trust Juanjo Amor CACert
  • 48. Web of Trust Web of trust Concept created by PGP creator. Juanjo Amor CACert
  • 49. Web of Trust Web of trust Concept created by PGP creator. Instead of having a “central” CA, we can build a trust network of signed public keys. Juanjo Amor CACert
  • 50. Web of Trust Web of trust Concept created by PGP creator. Instead of having a “central” CA, we can build a trust network of signed public keys. If A signs B, and C trust A, then C could trust B. Juanjo Amor CACert
  • 51. Web of Trust Web of trust Concept created by PGP creator. Instead of having a “central” CA, we can build a trust network of signed public keys. If A signs B, and C trust A, then C could trust B. CACert uses a variant of trust network... Juanjo Amor CACert
  • 53. CACert PKI What is CACERT? Juanjo Amor CACert
  • 54. CACert PKI What is CACERT? A community-driven certificate authority. Juanjo Amor CACert
  • 55. CACert PKI What is CACERT? A community-driven certificate authority. CACERT issues public key certificates to public (server, people) freely. Juanjo Amor CACert
  • 56. CACert PKI What is CACERT? A community-driven certificate authority. CACERT issues public key certificates to public (server, people) freely. Robot CA: Juanjo Amor CACert
  • 57. CACert PKI What is CACERT? A community-driven certificate authority. CACERT issues public key certificates to public (server, people) freely. Robot CA: Certificates are automatically signed. Juanjo Amor CACert
  • 58. CACert PKI What is CACERT? A community-driven certificate authority. CACERT issues public key certificates to public (server, people) freely. Robot CA: Certificates are automatically signed. These certificates are considered weak because CAcert does not emit any information in the certificates other than the domain name or email address (the CommonName field in X.509 certificates). Juanjo Amor CACert
  • 59. CACert PKI What is CACERT? A community-driven certificate authority. CACERT issues public key certificates to public (server, people) freely. Robot CA: Certificates are automatically signed. These certificates are considered weak because CAcert does not emit any information in the certificates other than the domain name or email address (the CommonName field in X.509 certificates). Web of trust: Juanjo Amor CACert
  • 60. CACert PKI What is CACERT? A community-driven certificate authority. CACERT issues public key certificates to public (server, people) freely. Robot CA: Certificates are automatically signed. These certificates are considered weak because CAcert does not emit any information in the certificates other than the domain name or email address (the CommonName field in X.509 certificates). Web of trust: Meetings, Assurance points, Prospective Assurers and Assures. Juanjo Amor CACert
  • 61. CACert PKI What is CACERT? A community-driven certificate authority. CACERT issues public key certificates to public (server, people) freely. Robot CA: Certificates are automatically signed. These certificates are considered weak because CAcert does not emit any information in the certificates other than the domain name or email address (the CommonName field in X.509 certificates). Web of trust: Meetings, Assurance points, Prospective Assurers and Assures. Assured users can get, for example, email certificates with a complete CommonName field. Juanjo Amor CACert
  • 62. CACert inclusion status Can we use CACert server certificates with some browser? Juanjo Amor CACert
  • 63. CACert inclusion status Can we use CACert server certificates with some browser? Yes, we can import CA certificate and go. . . Juanjo Amor CACert
  • 64. CACert inclusion status Can we use CACert server certificates with some browser? Yes, we can import CA certificate and go. . . Yes, my Linux distro (Debian, etc) includes CA certificate in ca-certificates package. Juanjo Amor CACert
  • 65. CACert inclusion status Can we use CACert server certificates with some browser? Yes, we can import CA certificate and go. . . Yes, my Linux distro (Debian, etc) includes CA certificate in ca-certificates package. No, my browser does not recognize the certificates and I cannot trust to a strange CA.crt file! (Like a self-signed certificate) Juanjo Amor CACert
  • 66. CACert inclusion status Can we use CACert server certificates with some browser? Yes, we can import CA certificate and go. . . Yes, my Linux distro (Debian, etc) includes CA certificate in ca-certificates package. No, my browser does not recognize the certificates and I cannot trust to a strange CA.crt file! (Like a self-signed certificate) Although Mozilla started a process to include the certificate, an audit suspended the process, because CACert needed to improve their management system. Juanjo Amor CACert
  • 67. CACert web of trust When you create a new CACert account: Juanjo Amor CACert
  • 68. CACert web of trust When you create a new CACert account: Only your email can be verified Juanjo Amor CACert
  • 69. CACert web of trust When you create a new CACert account: Only your email can be verified By meeting other CACert assurers you can get some points: Juanjo Amor CACert
  • 70. CACert web of trust When you create a new CACert account: Only your email can be verified By meeting other CACert assurers you can get some points: for including your real name to your account, Juanjo Amor CACert
  • 71. CACert web of trust When you create a new CACert account: Only your email can be verified By meeting other CACert assurers you can get some points: for including your real name to your account, to generate better certificates, and finally, Juanjo Amor CACert
  • 72. CACert web of trust When you create a new CACert account: Only your email can be verified By meeting other CACert assurers you can get some points: for including your real name to your account, to generate better certificates, and finally, to be also a CACert assurer. Juanjo Amor CACert
  • 73. CACert web of trust Some rules: Juanjo Amor CACert
  • 74. CACert web of trust Some rules: An assurer can issue you upto 35 points. Juanjo Amor CACert
  • 75. CACert web of trust Some rules: An assurer can issue you upto 35 points. You need at least 50 points to have your full name assured . . . Juanjo Amor CACert
  • 76. CACert web of trust Some rules: An assurer can issue you upto 35 points. You need at least 50 points to have your full name assured . . . so you need to be assured by, at least, two existing assurers Juanjo Amor CACert
  • 77. CACert web of trust Some rules: An assurer can issue you upto 35 points. You need at least 50 points to have your full name assured . . . so you need to be assured by, at least, two existing assurers With 100 points you can also be an assurer Juanjo Amor CACert
  • 78. CACert web of trust Some rules: An assurer can issue you upto 35 points. You need at least 50 points to have your full name assured . . . so you need to be assured by, at least, two existing assurers With 100 points you can also be an assurer . . . but you also need to pass an “assurer challenge” Juanjo Amor CACert
  • 79. CACert web of trust Some rules: An assurer can issue you upto 35 points. You need at least 50 points to have your full name assured . . . so you need to be assured by, at least, two existing assurers With 100 points you can also be an assurer . . . but you also need to pass an “assurer challenge” More rules: Juanjo Amor CACert
  • 80. CACert web of trust Some rules: An assurer can issue you upto 35 points. You need at least 50 points to have your full name assured . . . so you need to be assured by, at least, two existing assurers With 100 points you can also be an assurer . . . but you also need to pass an “assurer challenge” More rules: When you are promoted to assurer: Juanjo Amor CACert
  • 81. CACert web of trust Some rules: An assurer can issue you upto 35 points. You need at least 50 points to have your full name assured . . . so you need to be assured by, at least, two existing assurers With 100 points you can also be an assurer . . . but you also need to pass an “assurer challenge” More rules: When you are promoted to assurer: Initially, you can issue 10 points to other people, and get 2 experience points when you assure somebody Juanjo Amor CACert
  • 82. CACert web of trust Some rules: An assurer can issue you upto 35 points. You need at least 50 points to have your full name assured . . . so you need to be assured by, at least, two existing assurers With 100 points you can also be an assurer . . . but you also need to pass an “assurer challenge” More rules: When you are promoted to assurer: Initially, you can issue 10 points to other people, and get 2 experience points when you assure somebody After you got 10 experience points, then you can issue 15 points to others Juanjo Amor CACert
  • 83. CACert web of trust Some rules: An assurer can issue you upto 35 points. You need at least 50 points to have your full name assured . . . so you need to be assured by, at least, two existing assurers With 100 points you can also be an assurer . . . but you also need to pass an “assurer challenge” More rules: When you are promoted to assurer: Initially, you can issue 10 points to other people, and get 2 experience points when you assure somebody After you got 10 experience points, then you can issue 15 points to others . . . Juanjo Amor CACert
  • 84. CACert web of trust Some rules: An assurer can issue you upto 35 points. You need at least 50 points to have your full name assured . . . so you need to be assured by, at least, two existing assurers With 100 points you can also be an assurer . . . but you also need to pass an “assurer challenge” More rules: When you are promoted to assurer: Initially, you can issue 10 points to other people, and get 2 experience points when you assure somebody After you got 10 experience points, then you can issue 15 points to others . . . When you got 50 experience points, then you can issue to others the maximum per session: 35 points Juanjo Amor CACert
  • 85. CACert web of trust Some rules: An assurer can issue you upto 35 points. You need at least 50 points to have your full name assured . . . so you need to be assured by, at least, two existing assurers With 100 points you can also be an assurer . . . but you also need to pass an “assurer challenge” More rules: When you are promoted to assurer: Initially, you can issue 10 points to other people, and get 2 experience points when you assure somebody After you got 10 experience points, then you can issue 15 points to others . . . When you got 50 experience points, then you can issue to others the maximum per session: 35 points But in any case, you can, if you want, to issue less points than your maximum Juanjo Amor CACert
  • 86. CACert web of trust Some rules: An assurer can issue you upto 35 points. You need at least 50 points to have your full name assured . . . so you need to be assured by, at least, two existing assurers With 100 points you can also be an assurer . . . but you also need to pass an “assurer challenge” More rules: When you are promoted to assurer: Initially, you can issue 10 points to other people, and get 2 experience points when you assure somebody After you got 10 experience points, then you can issue 15 points to others . . . When you got 50 experience points, then you can issue to others the maximum per session: 35 points But in any case, you can, if you want, to issue less points than your maximum Juanjo Amor CACert
  • 87. CACert client certificates A client certificate is used to: Juanjo Amor CACert
  • 88. CACert client certificates A client certificate is used to: Identify yourself to a web site Juanjo Amor CACert
  • 89. CACert client certificates A client certificate is used to: Identify yourself to a web site Email signing Juanjo Amor CACert
  • 90. CACert client certificates A client certificate is used to: Identify yourself to a web site Email signing . . . Juanjo Amor CACert
  • 91. CACert client certificates A client certificate is used to: Identify yourself to a web site Email signing . . . When you create a CACert account, you can get client certificates: Juanjo Amor CACert
  • 92. CACert client certificates A client certificate is used to: Identify yourself to a web site Email signing . . . When you create a CACert account, you can get client certificates: Only the email is certified (by using email-ping) Juanjo Amor CACert
  • 93. CACert client certificates A client certificate is used to: Identify yourself to a web site Email signing . . . When you create a CACert account, you can get client certificates: Only the email is certified (by using email-ping) With 6 month expiration Juanjo Amor CACert
  • 94. CACert client certificates A client certificate is used to: Identify yourself to a web site Email signing . . . When you create a CACert account, you can get client certificates: Only the email is certified (by using email-ping) With 6 month expiration When you are assured (50 points) you also get Juanjo Amor CACert
  • 95. CACert client certificates A client certificate is used to: Identify yourself to a web site Email signing . . . When you create a CACert account, you can get client certificates: Only the email is certified (by using email-ping) With 6 month expiration When you are assured (50 points) you also get Name and email certified Juanjo Amor CACert
  • 96. CACert client certificates A client certificate is used to: Identify yourself to a web site Email signing . . . When you create a CACert account, you can get client certificates: Only the email is certified (by using email-ping) With 6 month expiration When you are assured (50 points) you also get Name and email certified 24 month expiration Juanjo Amor CACert
  • 97. CACert server certificates A server certificate is used to: Juanjo Amor CACert
  • 98. CACert server certificates A server certificate is used to: Secure website: identify a server to you Juanjo Amor CACert
  • 99. CACert server certificates A server certificate is used to: Secure website: identify a server to you When you create a CACert account, you can get server certificates: Juanjo Amor CACert
  • 100. CACert server certificates A server certificate is used to: Secure website: identify a server to you When you create a CACert account, you can get server certificates: With 6 month expiration Juanjo Amor CACert
  • 101. CACert server certificates A server certificate is used to: Secure website: identify a server to you When you create a CACert account, you can get server certificates: With 6 month expiration When you are assured (50 points) you also get Juanjo Amor CACert
  • 102. CACert server certificates A server certificate is used to: Secure website: identify a server to you When you create a CACert account, you can get server certificates: With 6 month expiration When you are assured (50 points) you also get 24 month expiration Juanjo Amor CACert
  • 103. CACert server certificates A server certificate is used to: Secure website: identify a server to you When you create a CACert account, you can get server certificates: With 6 month expiration When you are assured (50 points) you also get 24 month expiration In all cases, you need to be able to ping DNS name by receiven a postmaster email from DNS owner, and only website DNS name is assured, because CACert assurers are not able verify legal owner. Juanjo Amor CACert
  • 105. Exercises Final exercises 1 Creating your CACert account. 2 Creating your email certificate, with browser and then with openssl 3 Creating a web certificate, with openssl and apache 4 Want to be assured? Juanjo Amor CACert