SlideShare une entreprise Scribd logo

The CAcert Project - An Invitation to CAcert ATE in OSC/Tokyo 2011 (EN)

Taisuke Yamada
Taisuke Yamada

Presentation done at TLUG 2011/2/19 tech meeting. Includes introductory information on CAcert, and also an invitation to the first official CAcert. ATE (Assurer Training Event) Tokyo in Japan. ATE Tokyo will be on Mar 5 (Sun), during OSC (OpenSource Conference) 2011 Tokyo/Spring at Waseda University (near Shinjuku).

Technologie
1  sur  19
Télécharger pour lire hors ligne
The Cacert Project - An Invitation to CAcert ATE Tokyo - Taisuke Yamada @tyamadajp
Agenda 1. What is Cacert? 2. What can it do for you 3. Current status 4. How does it work 5. Invitation to ATE Tokyo (at OSC2011, on Mar 5, 2011)
So, what is it? It's a “community”-based Certificate Authority
So, what is it? What? → OK, I'll explain...
Certificated-based “trust” basics Websites Email Application How do you know that what you are accessing is what it claims to be?
Solution: “Chain of trust” For you, everything is built on These 2 links you trust! Root CA User Web Intermediate CA Email User App User Distribution
So, what about CAcert? Usual CA CAcert The G-O-D(tm) Automated Root CA Issuer Web-of-Trust “All you need is “Trust each other, to BELIEVE (me)” and I'll bless you”
In another word, Now, the G-O-D is gone, replaced by the Web-of- Trust.
What can CAcert do for me? 0pt Issues minimal server / client / S/MIME cert. Valid for 6 months. 50pt Issues fully descriptive cert, backed by higher class cert. Valid for 2 years. 100pt All of the above + code-signing cert. You can also give out points if you pass the Assurer Challenge test. By being “assured”, you'll obtain points for creating higher-level certificate.
But WAIT! Isn't that a “Ore-Ore”?
But WAIT! Isn't that a “Ore-Ore”? Named after “Ore-Ore“ fraud scheme, which calls up elderly (like 80+ old) and tells “Granma, it's me! (Ore!) I had a accident with Yakuza, and need to pay them! Please! Let me borrow $5000! My bank account is...”. Who got a call will panic, and sends without thinking. So “Ore-Ore” cert is a cert that claims its public authority without backing of any other public CA.
Going for a “True” Root CA ● Already in many Linux/*BSD distros ● Current target: Mozilla ● Windows and OSX: TBD There're “cheap” commercial CAs. But, CAcert's goals are: ・ To build world-acknowledged CA based on community effort ・ Provide *everyone* a secure env. It's also useful to make cert managemnet easier!
Going for a “True” Root CA ● Already in many Linux/*BSD distros ● Current target: Mozilla ● Windows and OSX: TBD In short, audit by independent third party is required. And in 2010, CAcert has prepared all the legal docs and (strict) policy for an audit! (some still under draft).
How does it work, and what do I do? For Users 1. Register at CAcert.org 2. Print CAP form, and bring it with you, along with government-issued ID. 3. Fill out, sign, and give the CAP form in front of an assurer, face-to-face You can start issuing certs right after registration. It's just more points are needed to create higher-level ones.
How does it work, and what do I do? For Assurer 1. Try best to check validity of user- provided ID (ex. UV-light checks) 2. Understand, and explain member's obligation (ref: Community Agreement) 3. Don't just give out full points. Give points based on your “confidence”. Think: What if some Martian comes up and provides you an ID of “Galactic Empire”?
Topics in Japan We are having the first official CAcert event in Japan!
ATE Tokyo (Assurer Training Event) 1. One of the requirements to become a “Senior Assurer”. 2. A chance to assurer people to become a “Experienced Assurer” 3. A chance to obtain 100+pt. Peter Yuill of CAcert.org, who is happening to be in Japan during OSC2011 period, has offered to be a “trainer” of the event! If you miss this, “next time” might not come in few years!
NOTE: Assurer “Experience Point” 0EP Can give up to 10pt/assurance. Each assurance provides 2EP back to an assurer. ... 50EP Can give up to 35pt. Who reaches this level is called “Exp. Assurer” Senior Assurer is a “Exp. Assurer”++, who is regarded to be capable of handling deeper CAcert activities.
Announcement Date :2011/3/5 Place: Waseda Univ. Shinjuku Sports Center West Campus(63&61)    + city's meetup space Sessions: - Training (ATE) in OSC - Assurance (signing) in OSC Dept of Sci. And Eng. and right after OSC closing Please go and register to http://www.ospn.jp/osc2011-spring/ !

Recommandé

Charity Items from Debian JP Project
Charity Items from Debian JP ProjectCharity Items from Debian JP Project
Charity Items from Debian JP Project
Taisuke Yamada
 
Casual Web-browsing with gPXE and SYSLINUX
Casual Web-browsing with gPXE and SYSLINUXCasual Web-browsing with gPXE and SYSLINUX
Casual Web-browsing with gPXE and SYSLINUX
Taisuke Yamada
 
The CAcert Project - An Invitation to CAcert ATE at OSC/Tokyo 2011 (JP)
The CAcert Project - An Invitation to CAcert ATE at OSC/Tokyo 2011 (JP)The CAcert Project - An Invitation to CAcert ATE at OSC/Tokyo 2011 (JP)
The CAcert Project - An Invitation to CAcert ATE at OSC/Tokyo 2011 (JP)
Taisuke Yamada
 
Invitation to Kernel Parameter and Code Exploration
Invitation to Kernel Parameter and Code ExplorationInvitation to Kernel Parameter and Code Exploration
Invitation to Kernel Parameter and Code Exploration
Taisuke Yamada
 
Putting the Work Into Social Networking
Putting the Work Into Social NetworkingPutting the Work Into Social Networking
Putting the Work Into Social Networking
Colin Gray
 
Windows 8
Windows 8Windows 8
Windows 8
Priyesh Neema
 
CACert - A Community-driven Certification Authority - OpenSistemas
CACert - A Community-driven Certification Authority - OpenSistemasCACert - A Community-driven Certification Authority - OpenSistemas
CACert - A Community-driven Certification Authority - OpenSistemas
OpenSistemas
 
Infinite Debian - Platform for mass-producing system every second
Infinite Debian - Platform for mass-producing system every secondInfinite Debian - Platform for mass-producing system every second
Infinite Debian - Platform for mass-producing system every second
Taisuke Yamada
 

Recommandé

Charity Items from Debian JP Project
Charity Items from Debian JP ProjectCharity Items from Debian JP Project
Charity Items from Debian JP Project
Taisuke Yamada
 
Casual Web-browsing with gPXE and SYSLINUX
Casual Web-browsing with gPXE and SYSLINUXCasual Web-browsing with gPXE and SYSLINUX
Casual Web-browsing with gPXE and SYSLINUX
Taisuke Yamada
 
The CAcert Project - An Invitation to CAcert ATE at OSC/Tokyo 2011 (JP)
The CAcert Project - An Invitation to CAcert ATE at OSC/Tokyo 2011 (JP)The CAcert Project - An Invitation to CAcert ATE at OSC/Tokyo 2011 (JP)
The CAcert Project - An Invitation to CAcert ATE at OSC/Tokyo 2011 (JP)
Taisuke Yamada
 
Invitation to Kernel Parameter and Code Exploration
Invitation to Kernel Parameter and Code ExplorationInvitation to Kernel Parameter and Code Exploration
Invitation to Kernel Parameter and Code Exploration
Taisuke Yamada
 
Putting the Work Into Social Networking
Putting the Work Into Social NetworkingPutting the Work Into Social Networking
Putting the Work Into Social Networking
Colin Gray
 
Windows 8
Windows 8Windows 8
Windows 8
Priyesh Neema
 
CACert - A Community-driven Certification Authority - OpenSistemas
CACert - A Community-driven Certification Authority - OpenSistemasCACert - A Community-driven Certification Authority - OpenSistemas
CACert - A Community-driven Certification Authority - OpenSistemas
OpenSistemas
 
Infinite Debian - Platform for mass-producing system every second
Infinite Debian - Platform for mass-producing system every secondInfinite Debian - Platform for mass-producing system every second
Infinite Debian - Platform for mass-producing system every second
Taisuke Yamada
 
OxCEPT Introduction
OxCEPT IntroductionOxCEPT Introduction
OxCEPT Introduction
MattSims
 
20190316 - CLBFest - Blockchain is WTF - Gerrie Smits
20190316 - CLBFest - Blockchain is WTF - Gerrie Smits20190316 - CLBFest - Blockchain is WTF - Gerrie Smits
20190316 - CLBFest - Blockchain is WTF - Gerrie Smits
Brussels Legal Hackers
 
Build and Operate Your Own Certificate Management Center of Mediocrity
Build and Operate Your Own Certificate Management Center of MediocrityBuild and Operate Your Own Certificate Management Center of Mediocrity
Build and Operate Your Own Certificate Management Center of Mediocrity
T.Rob Wyatt
 
[Cluj] Turn SSL ON
[Cluj] Turn SSL ON[Cluj] Turn SSL ON
[Cluj] Turn SSL ON
OWASP EEE
 
Patterns to Bring Enterprise and Social Identity to the Cloud
Patterns to Bring Enterprise and Social Identity to the Cloud Patterns to Bring Enterprise and Social Identity to the Cloud
Patterns to Bring Enterprise and Social Identity to the Cloud
CA API Management
 
Von JavaEE auf Microservice in 6 Monaten - The Good, the Bad, and the wtfs...
Von JavaEE auf Microservice in 6 Monaten - The Good, the Bad, and the wtfs...Von JavaEE auf Microservice in 6 Monaten - The Good, the Bad, and the wtfs...
Von JavaEE auf Microservice in 6 Monaten - The Good, the Bad, and the wtfs...
André Goliath
 
Client Cert Deployment Models and Hardware Tokens/Smart Cards
Client Cert Deployment Models and Hardware Tokens/Smart CardsClient Cert Deployment Models and Hardware Tokens/Smart Cards
Client Cert Deployment Models and Hardware Tokens/Smart Cards
Ed Dodds
 
Describe how corda works
Describe how corda works Describe how corda works
Describe how corda works
Blockchain Council
 
What is Certificate Transparency (CT)? How does it work?
What is Certificate Transparency (CT)? How does it work?What is Certificate Transparency (CT)? How does it work?
What is Certificate Transparency (CT)? How does it work?
CheapSSLsecurity
 
Agile code quality metrics
Agile code quality metricsAgile code quality metrics
Agile code quality metrics
Gil Nahmias
 
What Is EDI: Whitepaper Download
What Is EDI: Whitepaper DownloadWhat Is EDI: Whitepaper Download
What Is EDI: Whitepaper Download
Dicentral Corporation
 
Sect f41
Sect f41Sect f41
Sect f41
SelectedPresentations
 
Blockchain, Bitcoin, Crypto assets, Initial Coin Offer workshop
Blockchain, Bitcoin, Crypto assets, Initial Coin Offer workshopBlockchain, Bitcoin, Crypto assets, Initial Coin Offer workshop
Blockchain, Bitcoin, Crypto assets, Initial Coin Offer workshop
Next Space Pvt. Ltd
 
apidays LIVE Australia 2021 - API Horror Stories from an Unnamed Coworking Co...
apidays LIVE Australia 2021 - API Horror Stories from an Unnamed Coworking Co...apidays LIVE Australia 2021 - API Horror Stories from an Unnamed Coworking Co...
apidays LIVE Australia 2021 - API Horror Stories from an Unnamed Coworking Co...
apidays
 
CIS14: Authentication: Who are You? You are What You Eat
CIS14: Authentication: Who are You? You are What You EatCIS14: Authentication: Who are You? You are What You Eat
CIS14: Authentication: Who are You? You are What You Eat
CloudIDSummit
 
CIS14: Authentication: Who are You? You are What You Eat
CIS14: Authentication: Who are You? You are What You EatCIS14: Authentication: Who are You? You are What You Eat
CIS14: Authentication: Who are You? You are What You Eat
CloudIDSummit
 
Kerberos-PKI-Federated identity
Kerberos-PKI-Federated identityKerberos-PKI-Federated identity
Kerberos-PKI-Federated identity
WAFAA AL SALMAN
 
ICO digest TrustaBit
ICO digest TrustaBitICO digest TrustaBit
ICO digest TrustaBit
Andre Varnavskii
 
How EverTrust Horizon PKI Automation can help your business?
How EverTrust Horizon PKI Automation can help your business?How EverTrust Horizon PKI Automation can help your business?
How EverTrust Horizon PKI Automation can help your business?
mirmaisam
 
Claim based authentaication
Claim based authentaicationClaim based authentaication
Claim based authentaication
Sean Xiong
 
ウェブパフォーマンス計測の落とし穴
ウェブパフォーマンス計測の落とし穴ウェブパフォーマンス計測の落とし穴
ウェブパフォーマンス計測の落とし穴
Taisuke Yamada
 
DIY Akamai Globe in 50 Minutes
DIY Akamai Globe in 50 MinutesDIY Akamai Globe in 50 Minutes
DIY Akamai Globe in 50 Minutes
Taisuke Yamada
 

Contenu connexe

Similaire à The CAcert Project - An Invitation to CAcert ATE in OSC/Tokyo 2011 (EN)

20190316 - CLBFest - Blockchain is WTF - Gerrie Smits
20190316 - CLBFest - Blockchain is WTF - Gerrie Smits20190316 - CLBFest - Blockchain is WTF - Gerrie Smits
20190316 - CLBFest - Blockchain is WTF - Gerrie Smits
Brussels Legal Hackers
 
How EverTrust Horizon PKI Automation can help your business?
How EverTrust Horizon PKI Automation can help your business?How EverTrust Horizon PKI Automation can help your business?
How EverTrust Horizon PKI Automation can help your business?
mirmaisam
 
Claim based authentaication
Claim based authentaicationClaim based authentaication
Claim based authentaication
Sean Xiong
 

Similaire à The CAcert Project - An Invitation to CAcert ATE in OSC/Tokyo 2011 (EN) (20)

OxCEPT Introduction
OxCEPT IntroductionOxCEPT Introduction
OxCEPT Introduction
 
20190316 - CLBFest - Blockchain is WTF - Gerrie Smits
20190316 - CLBFest - Blockchain is WTF - Gerrie Smits20190316 - CLBFest - Blockchain is WTF - Gerrie Smits
20190316 - CLBFest - Blockchain is WTF - Gerrie Smits
 
Build and Operate Your Own Certificate Management Center of Mediocrity
Build and Operate Your Own Certificate Management Center of MediocrityBuild and Operate Your Own Certificate Management Center of Mediocrity
Build and Operate Your Own Certificate Management Center of Mediocrity
 
[Cluj] Turn SSL ON
[Cluj] Turn SSL ON[Cluj] Turn SSL ON
[Cluj] Turn SSL ON
 
Patterns to Bring Enterprise and Social Identity to the Cloud
Patterns to Bring Enterprise and Social Identity to the Cloud Patterns to Bring Enterprise and Social Identity to the Cloud
Patterns to Bring Enterprise and Social Identity to the Cloud
 
Von JavaEE auf Microservice in 6 Monaten - The Good, the Bad, and the wtfs...
Von JavaEE auf Microservice in 6 Monaten - The Good, the Bad, and the wtfs...Von JavaEE auf Microservice in 6 Monaten - The Good, the Bad, and the wtfs...
Von JavaEE auf Microservice in 6 Monaten - The Good, the Bad, and the wtfs...
 
Client Cert Deployment Models and Hardware Tokens/Smart Cards
Client Cert Deployment Models and Hardware Tokens/Smart CardsClient Cert Deployment Models and Hardware Tokens/Smart Cards
Client Cert Deployment Models and Hardware Tokens/Smart Cards
 
Describe how corda works
Describe how corda works Describe how corda works
Describe how corda works
 
What is Certificate Transparency (CT)? How does it work?
What is Certificate Transparency (CT)? How does it work?What is Certificate Transparency (CT)? How does it work?
What is Certificate Transparency (CT)? How does it work?
 
Agile code quality metrics
Agile code quality metricsAgile code quality metrics
Agile code quality metrics
 
What Is EDI: Whitepaper Download
What Is EDI: Whitepaper DownloadWhat Is EDI: Whitepaper Download
What Is EDI: Whitepaper Download
 
Sect f41
Sect f41Sect f41
Sect f41
 
Blockchain, Bitcoin, Crypto assets, Initial Coin Offer workshop
Blockchain, Bitcoin, Crypto assets, Initial Coin Offer workshopBlockchain, Bitcoin, Crypto assets, Initial Coin Offer workshop
Blockchain, Bitcoin, Crypto assets, Initial Coin Offer workshop
 
apidays LIVE Australia 2021 - API Horror Stories from an Unnamed Coworking Co...
apidays LIVE Australia 2021 - API Horror Stories from an Unnamed Coworking Co...apidays LIVE Australia 2021 - API Horror Stories from an Unnamed Coworking Co...
apidays LIVE Australia 2021 - API Horror Stories from an Unnamed Coworking Co...
 
CIS14: Authentication: Who are You? You are What You Eat
CIS14: Authentication: Who are You? You are What You EatCIS14: Authentication: Who are You? You are What You Eat
CIS14: Authentication: Who are You? You are What You Eat
 
CIS14: Authentication: Who are You? You are What You Eat
CIS14: Authentication: Who are You? You are What You EatCIS14: Authentication: Who are You? You are What You Eat
CIS14: Authentication: Who are You? You are What You Eat
 
Kerberos-PKI-Federated identity
Kerberos-PKI-Federated identityKerberos-PKI-Federated identity
Kerberos-PKI-Federated identity
 
ICO digest TrustaBit
ICO digest TrustaBitICO digest TrustaBit
ICO digest TrustaBit
 
How EverTrust Horizon PKI Automation can help your business?
How EverTrust Horizon PKI Automation can help your business?How EverTrust Horizon PKI Automation can help your business?
How EverTrust Horizon PKI Automation can help your business?
 
Claim based authentaication
Claim based authentaicationClaim based authentaication
Claim based authentaication
 

Plus de Taisuke Yamada

Nilfs usage-report-and-comparison-at-tokyodebian
Nilfs usage-report-and-comparison-at-tokyodebianNilfs usage-report-and-comparison-at-tokyodebian
Nilfs usage-report-and-comparison-at-tokyodebian
Taisuke Yamada
 

Plus de Taisuke Yamada (18)

ウェブパフォーマンス計測の落とし穴
ウェブパフォーマンス計測の落とし穴ウェブパフォーマンス計測の落とし穴
ウェブパフォーマンス計測の落とし穴
 
DIY Akamai Globe in 50 Minutes
DIY Akamai Globe in 50 MinutesDIY Akamai Globe in 50 Minutes
DIY Akamai Globe in 50 Minutes
 
ウェブサイト最適化101 - 正しく測ろうあなたのサイト -
ウェブサイト最適化101 - 正しく測ろうあなたのサイト -ウェブサイト最適化101 - 正しく測ろうあなたのサイト -
ウェブサイト最適化101 - 正しく測ろうあなたのサイト -
 
Quick QUIC Technical Update (2017)
Quick QUIC Technical Update (2017)Quick QUIC Technical Update (2017)
Quick QUIC Technical Update (2017)
 
IoT Deep Dive - Be an IoT Developer for an Hour
IoT Deep Dive - Be an IoT Developer for an HourIoT Deep Dive - Be an IoT Developer for an Hour
IoT Deep Dive - Be an IoT Developer for an Hour
 
Pythonではじめるソフトウェア無線
Pythonではじめるソフトウェア無線Pythonではじめるソフトウェア無線
Pythonではじめるソフトウェア無線
 
Getting Started with SDR in Python
Getting Started with SDR in PythonGetting Started with SDR in Python
Getting Started with SDR in Python
 
VSCode Remoteでも画像コピペがしたいです!
VSCode Remoteでも画像コピペがしたいです!VSCode Remoteでも画像コピペがしたいです!
VSCode Remoteでも画像コピペがしたいです!
 
InfiniBand on Debian
InfiniBand on DebianInfiniBand on Debian
InfiniBand on Debian
 
Hacking Ruby with Python
Hacking Ruby with PythonHacking Ruby with Python
Hacking Ruby with Python
 
mod_auth_ticket - Bringing Single-Sign-On to lighttpd
mod_auth_ticket - Bringing Single-Sign-On to lighttpdmod_auth_ticket - Bringing Single-Sign-On to lighttpd
mod_auth_ticket - Bringing Single-Sign-On to lighttpd
 
Introduction to Initramfs - Initramfs-tools and Dracut
Introduction to Initramfs - Initramfs-tools and DracutIntroduction to Initramfs - Initramfs-tools and Dracut
Introduction to Initramfs - Initramfs-tools and Dracut
 
Hadoop book-2nd-ch3-update
Hadoop book-2nd-ch3-updateHadoop book-2nd-ch3-update
Hadoop book-2nd-ch3-update
 
201012 cacert-at-tokyodebian
201012 cacert-at-tokyodebian201012 cacert-at-tokyodebian
201012 cacert-at-tokyodebian
 
Nilfs usage-report-and-comparison-at-tokyodebian
Nilfs usage-report-and-comparison-at-tokyodebianNilfs usage-report-and-comparison-at-tokyodebian
Nilfs usage-report-and-comparison-at-tokyodebian
 
Embed Shogiboard - my first mediawiki extension -
Embed Shogiboard - my first mediawiki extension -Embed Shogiboard - my first mediawiki extension -
Embed Shogiboard - my first mediawiki extension -
 
The Web That Wasn't - WikiBana #10 LT
The Web That Wasn't - WikiBana #10 LTThe Web That Wasn't - WikiBana #10 LT
The Web That Wasn't - WikiBana #10 LT
 
WebDAV, ATOM, and REST
WebDAV, ATOM, and RESTWebDAV, ATOM, and REST
WebDAV, ATOM, and REST
 

Dernier

Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Orbitshub
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Orbitshub
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
?#DUbAI#??##{{(☎️+971_581248768%)**%*]'#abortion pills for sale in dubai@
 

Dernier (20)

Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectors
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
 
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with Milvus
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
 
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
 
[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 
Understanding the FAA Part 107 License ..
Understanding the FAA Part 107 License ..Understanding the FAA Part 107 License ..
Understanding the FAA Part 107 License ..
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
 
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot ModelMcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
 
Platformless Horizons for Digital Adaptability
Platformless Horizons for Digital AdaptabilityPlatformless Horizons for Digital Adaptability
Platformless Horizons for Digital Adaptability
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
WSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering DevelopersWSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering Developers
 
Six Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal OntologySix Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal Ontology
 

The CAcert Project - An Invitation to CAcert ATE in OSC/Tokyo 2011 (EN)

  • 1. The Cacert Project - An Invitation to CAcert ATE Tokyo - Taisuke Yamada @tyamadajp
  • 2. Agenda 1. What is Cacert? 2. What can it do for you 3. Current status 4. How does it work 5. Invitation to ATE Tokyo (at OSC2011, on Mar 5, 2011)
  • 3. So, what is it? It's a “community”-based Certificate Authority
  • 4. So, what is it? What? → OK, I'll explain...
  • 5. Certificated-based “trust” basics Websites Email Application How do you know that what you are accessing is what it claims to be?
  • 6. Solution: “Chain of trust” For you, everything is built on These 2 links you trust! Root CA User Web Intermediate CA Email User App User Distribution
  • 7. So, what about CAcert? Usual CA CAcert The G-O-D(tm) Automated Root CA Issuer Web-of-Trust “All you need is “Trust each other, to BELIEVE (me)” and I'll bless you”
  • 8. In another word, Now, the G-O-D is gone, replaced by the Web-of- Trust.
  • 9. What can CAcert do for me? 0pt Issues minimal server / client / S/MIME cert. Valid for 6 months. 50pt Issues fully descriptive cert, backed by higher class cert. Valid for 2 years. 100pt All of the above + code-signing cert. You can also give out points if you pass the Assurer Challenge test. By being “assured”, you'll obtain points for creating higher-level certificate.
  • 10. But WAIT! Isn't that a “Ore-Ore”?
  • 11. But WAIT! Isn't that a “Ore-Ore”? Named after “Ore-Ore“ fraud scheme, which calls up elderly (like 80+ old) and tells “Granma, it's me! (Ore!) I had a accident with Yakuza, and need to pay them! Please! Let me borrow $5000! My bank account is...”. Who got a call will panic, and sends without thinking. So “Ore-Ore” cert is a cert that claims its public authority without backing of any other public CA.
  • 12. Going for a “True” Root CA ● Already in many Linux/*BSD distros ● Current target: Mozilla ● Windows and OSX: TBD There're “cheap” commercial CAs. But, CAcert's goals are: ・ To build world-acknowledged CA based on community effort ・ Provide *everyone* a secure env. It's also useful to make cert managemnet easier!
  • 13. Going for a “True” Root CA ● Already in many Linux/*BSD distros ● Current target: Mozilla ● Windows and OSX: TBD In short, audit by independent third party is required. And in 2010, CAcert has prepared all the legal docs and (strict) policy for an audit! (some still under draft).
  • 14. How does it work, and what do I do? For Users 1. Register at CAcert.org 2. Print CAP form, and bring it with you, along with government-issued ID. 3. Fill out, sign, and give the CAP form in front of an assurer, face-to-face You can start issuing certs right after registration. It's just more points are needed to create higher-level ones.
  • 15. How does it work, and what do I do? For Assurer 1. Try best to check validity of user- provided ID (ex. UV-light checks) 2. Understand, and explain member's obligation (ref: Community Agreement) 3. Don't just give out full points. Give points based on your “confidence”. Think: What if some Martian comes up and provides you an ID of “Galactic Empire”?
  • 16. Topics in Japan We are having the first official CAcert event in Japan!
  • 17. ATE Tokyo (Assurer Training Event) 1. One of the requirements to become a “Senior Assurer”. 2. A chance to assurer people to become a “Experienced Assurer” 3. A chance to obtain 100+pt. Peter Yuill of CAcert.org, who is happening to be in Japan during OSC2011 period, has offered to be a “trainer” of the event! If you miss this, “next time” might not come in few years!
  • 18. NOTE: Assurer “Experience Point” 0EP Can give up to 10pt/assurance. Each assurance provides 2EP back to an assurer. ... 50EP Can give up to 35pt. Who reaches this level is called “Exp. Assurer” Senior Assurer is a “Exp. Assurer”++, who is regarded to be capable of handling deeper CAcert activities.
  • 19. Announcement Date :2011/3/5 Place: Waseda Univ. Shinjuku Sports Center West Campus(63&61)    + city's meetup space Sessions: - Training (ATE) in OSC - Assurance (signing) in OSC Dept of Sci. And Eng. and right after OSC closing Please go and register to http://www.ospn.jp/osc2011-spring/ !