SlideShare une entreprise Scribd logo

The CAcert Project - An Invitation to CAcert ATE in OSC/Tokyo 2011 (EN)

Taisuke Yamada
Taisuke Yamada

Presentation done at TLUG 2011/2/19 tech meeting. Includes introductory information on CAcert, and also an invitation to the first official CAcert. ATE (Assurer Training Event) Tokyo in Japan. ATE Tokyo will be on Mar 5 (Sun), during OSC (OpenSource Conference) 2011 Tokyo/Spring at Waseda University (near Shinjuku).

Technologie
1  sur  19
Télécharger pour lire hors ligne
The Cacert Project - An Invitation to CAcert ATE Tokyo - Taisuke Yamada @tyamadajp
Agenda 1. What is Cacert? 2. What can it do for you 3. Current status 4. How does it work 5. Invitation to ATE Tokyo (at OSC2011, on Mar 5, 2011)
So, what is it? It's a “community”-based Certificate Authority
So, what is it? What? → OK, I'll explain...
Certificated-based “trust” basics Websites Email Application How do you know that what you are accessing is what it claims to be?
Solution: “Chain of trust” For you, everything is built on These 2 links you trust! Root CA User Web Intermediate CA Email User App User Distribution
So, what about CAcert? Usual CA CAcert The G-O-D(tm) Automated Root CA Issuer Web-of-Trust “All you need is “Trust each other, to BELIEVE (me)” and I'll bless you”
In another word, Now, the G-O-D is gone, replaced by the Web-of- Trust.
What can CAcert do for me? 0pt Issues minimal server / client / S/MIME cert. Valid for 6 months. 50pt Issues fully descriptive cert, backed by higher class cert. Valid for 2 years. 100pt All of the above + code-signing cert. You can also give out points if you pass the Assurer Challenge test. By being “assured”, you'll obtain points for creating higher-level certificate.
But WAIT! Isn't that a “Ore-Ore”?
But WAIT! Isn't that a “Ore-Ore”? Named after “Ore-Ore“ fraud scheme, which calls up elderly (like 80+ old) and tells “Granma, it's me! (Ore!) I had a accident with Yakuza, and need to pay them! Please! Let me borrow $5000! My bank account is...”. Who got a call will panic, and sends without thinking. So “Ore-Ore” cert is a cert that claims its public authority without backing of any other public CA.
Going for a “True” Root CA ● Already in many Linux/*BSD distros ● Current target: Mozilla ● Windows and OSX: TBD There're “cheap” commercial CAs. But, CAcert's goals are: ・ To build world-acknowledged CA based on community effort ・ Provide *everyone* a secure env. It's also useful to make cert managemnet easier!
Going for a “True” Root CA ● Already in many Linux/*BSD distros ● Current target: Mozilla ● Windows and OSX: TBD In short, audit by independent third party is required. And in 2010, CAcert has prepared all the legal docs and (strict) policy for an audit! (some still under draft).
How does it work, and what do I do? For Users 1. Register at CAcert.org 2. Print CAP form, and bring it with you, along with government-issued ID. 3. Fill out, sign, and give the CAP form in front of an assurer, face-to-face You can start issuing certs right after registration. It's just more points are needed to create higher-level ones.
How does it work, and what do I do? For Assurer 1. Try best to check validity of user- provided ID (ex. UV-light checks) 2. Understand, and explain member's obligation (ref: Community Agreement) 3. Don't just give out full points. Give points based on your “confidence”. Think: What if some Martian comes up and provides you an ID of “Galactic Empire”?
Topics in Japan We are having the first official CAcert event in Japan!
ATE Tokyo (Assurer Training Event) 1. One of the requirements to become a “Senior Assurer”. 2. A chance to assurer people to become a “Experienced Assurer” 3. A chance to obtain 100+pt. Peter Yuill of CAcert.org, who is happening to be in Japan during OSC2011 period, has offered to be a “trainer” of the event! If you miss this, “next time” might not come in few years!
NOTE: Assurer “Experience Point” 0EP Can give up to 10pt/assurance. Each assurance provides 2EP back to an assurer. ... 50EP Can give up to 35pt. Who reaches this level is called “Exp. Assurer” Senior Assurer is a “Exp. Assurer”++, who is regarded to be capable of handling deeper CAcert activities.
Announcement Date :2011/3/5 Place: Waseda Univ. Shinjuku Sports Center West Campus(63&61)    + city's meetup space Sessions: - Training (ATE) in OSC - Assurance (signing) in OSC Dept of Sci. And Eng. and right after OSC closing Please go and register to http://www.ospn.jp/osc2011-spring/ !

Recommandé

Charity Items from Debian JP Project
Charity Items from Debian JP ProjectCharity Items from Debian JP Project
Charity Items from Debian JP Project
Taisuke Yamada
 
Casual Web-browsing with gPXE and SYSLINUX
Casual Web-browsing with gPXE and SYSLINUXCasual Web-browsing with gPXE and SYSLINUX
Casual Web-browsing with gPXE and SYSLINUX
Taisuke Yamada
 
The CAcert Project - An Invitation to CAcert ATE at OSC/Tokyo 2011 (JP)
The CAcert Project - An Invitation to CAcert ATE at OSC/Tokyo 2011 (JP)The CAcert Project - An Invitation to CAcert ATE at OSC/Tokyo 2011 (JP)
The CAcert Project - An Invitation to CAcert ATE at OSC/Tokyo 2011 (JP)
Taisuke Yamada
 
Invitation to Kernel Parameter and Code Exploration
Invitation to Kernel Parameter and Code ExplorationInvitation to Kernel Parameter and Code Exploration
Invitation to Kernel Parameter and Code Exploration
Taisuke Yamada
 
Putting the Work Into Social Networking
Putting the Work Into Social NetworkingPutting the Work Into Social Networking
Putting the Work Into Social Networking
Colin Gray
 
Windows 8
Windows 8Windows 8
Windows 8
Priyesh Neema
 
CACert - A Community-driven Certification Authority - OpenSistemas
CACert - A Community-driven Certification Authority - OpenSistemasCACert - A Community-driven Certification Authority - OpenSistemas
CACert - A Community-driven Certification Authority - OpenSistemas
OpenSistemas
 
Infinite Debian - Platform for mass-producing system every second
Infinite Debian - Platform for mass-producing system every secondInfinite Debian - Platform for mass-producing system every second
Infinite Debian - Platform for mass-producing system every second
Taisuke Yamada
 

Recommandé

Charity Items from Debian JP Project
Charity Items from Debian JP ProjectCharity Items from Debian JP Project
Charity Items from Debian JP Project
Taisuke Yamada
 
Casual Web-browsing with gPXE and SYSLINUX
Casual Web-browsing with gPXE and SYSLINUXCasual Web-browsing with gPXE and SYSLINUX
Casual Web-browsing with gPXE and SYSLINUX
Taisuke Yamada
 
The CAcert Project - An Invitation to CAcert ATE at OSC/Tokyo 2011 (JP)
The CAcert Project - An Invitation to CAcert ATE at OSC/Tokyo 2011 (JP)The CAcert Project - An Invitation to CAcert ATE at OSC/Tokyo 2011 (JP)
The CAcert Project - An Invitation to CAcert ATE at OSC/Tokyo 2011 (JP)
Taisuke Yamada
 
Invitation to Kernel Parameter and Code Exploration
Invitation to Kernel Parameter and Code ExplorationInvitation to Kernel Parameter and Code Exploration
Invitation to Kernel Parameter and Code Exploration
Taisuke Yamada
 
Putting the Work Into Social Networking
Putting the Work Into Social NetworkingPutting the Work Into Social Networking
Putting the Work Into Social Networking
Colin Gray
 
Windows 8
Windows 8Windows 8
Windows 8
Priyesh Neema
 
CACert - A Community-driven Certification Authority - OpenSistemas
CACert - A Community-driven Certification Authority - OpenSistemasCACert - A Community-driven Certification Authority - OpenSistemas
CACert - A Community-driven Certification Authority - OpenSistemas
OpenSistemas
 
Infinite Debian - Platform for mass-producing system every second
Infinite Debian - Platform for mass-producing system every secondInfinite Debian - Platform for mass-producing system every second
Infinite Debian - Platform for mass-producing system every second
Taisuke Yamada
 
OxCEPT Introduction
OxCEPT IntroductionOxCEPT Introduction
OxCEPT Introduction
MattSims
 
20190316 - CLBFest - Blockchain is WTF - Gerrie Smits
20190316 - CLBFest - Blockchain is WTF - Gerrie Smits20190316 - CLBFest - Blockchain is WTF - Gerrie Smits
20190316 - CLBFest - Blockchain is WTF - Gerrie Smits
Brussels Legal Hackers
 
Build and Operate Your Own Certificate Management Center of Mediocrity
Build and Operate Your Own Certificate Management Center of MediocrityBuild and Operate Your Own Certificate Management Center of Mediocrity
Build and Operate Your Own Certificate Management Center of Mediocrity
T.Rob Wyatt
 
[Cluj] Turn SSL ON
[Cluj] Turn SSL ON[Cluj] Turn SSL ON
[Cluj] Turn SSL ON
OWASP EEE
 
Patterns to Bring Enterprise and Social Identity to the Cloud
Patterns to Bring Enterprise and Social Identity to the Cloud Patterns to Bring Enterprise and Social Identity to the Cloud
Patterns to Bring Enterprise and Social Identity to the Cloud
CA API Management
 
Von JavaEE auf Microservice in 6 Monaten - The Good, the Bad, and the wtfs...
Von JavaEE auf Microservice in 6 Monaten - The Good, the Bad, and the wtfs...Von JavaEE auf Microservice in 6 Monaten - The Good, the Bad, and the wtfs...
Von JavaEE auf Microservice in 6 Monaten - The Good, the Bad, and the wtfs...
André Goliath
 
Client Cert Deployment Models and Hardware Tokens/Smart Cards
Client Cert Deployment Models and Hardware Tokens/Smart CardsClient Cert Deployment Models and Hardware Tokens/Smart Cards
Client Cert Deployment Models and Hardware Tokens/Smart Cards
Ed Dodds
 
Describe how corda works
Describe how corda works Describe how corda works
Describe how corda works
Blockchain Council
 
What is Certificate Transparency (CT)? How does it work?
What is Certificate Transparency (CT)? How does it work?What is Certificate Transparency (CT)? How does it work?
What is Certificate Transparency (CT)? How does it work?
CheapSSLsecurity
 
Agile code quality metrics
Agile code quality metricsAgile code quality metrics
Agile code quality metrics
Gil Nahmias
 
What Is EDI: Whitepaper Download
What Is EDI: Whitepaper DownloadWhat Is EDI: Whitepaper Download
What Is EDI: Whitepaper Download
Dicentral Corporation
 
Sect f41
Sect f41Sect f41
Sect f41
SelectedPresentations
 
Blockchain, Bitcoin, Crypto assets, Initial Coin Offer workshop
Blockchain, Bitcoin, Crypto assets, Initial Coin Offer workshopBlockchain, Bitcoin, Crypto assets, Initial Coin Offer workshop
Blockchain, Bitcoin, Crypto assets, Initial Coin Offer workshop
Next Space Pvt. Ltd
 
apidays LIVE Australia 2021 - API Horror Stories from an Unnamed Coworking Co...
apidays LIVE Australia 2021 - API Horror Stories from an Unnamed Coworking Co...apidays LIVE Australia 2021 - API Horror Stories from an Unnamed Coworking Co...
apidays LIVE Australia 2021 - API Horror Stories from an Unnamed Coworking Co...
apidays
 
CIS14: Authentication: Who are You? You are What You Eat
CIS14: Authentication: Who are You? You are What You EatCIS14: Authentication: Who are You? You are What You Eat
CIS14: Authentication: Who are You? You are What You Eat
CloudIDSummit
 
CIS14: Authentication: Who are You? You are What You Eat
CIS14: Authentication: Who are You? You are What You EatCIS14: Authentication: Who are You? You are What You Eat
CIS14: Authentication: Who are You? You are What You Eat
CloudIDSummit
 
Kerberos-PKI-Federated identity
Kerberos-PKI-Federated identityKerberos-PKI-Federated identity
Kerberos-PKI-Federated identity
WAFAA AL SALMAN
 
ICO digest TrustaBit
ICO digest TrustaBitICO digest TrustaBit
ICO digest TrustaBit
Andre Varnavskii
 
How EverTrust Horizon PKI Automation can help your business?
How EverTrust Horizon PKI Automation can help your business?How EverTrust Horizon PKI Automation can help your business?
How EverTrust Horizon PKI Automation can help your business?
mirmaisam
 
Claim based authentaication
Claim based authentaicationClaim based authentaication
Claim based authentaication
Sean Xiong
 
ウェブパフォーマンス計測の落とし穴
ウェブパフォーマンス計測の落とし穴ウェブパフォーマンス計測の落とし穴
ウェブパフォーマンス計測の落とし穴
Taisuke Yamada
 
DIY Akamai Globe in 50 Minutes
DIY Akamai Globe in 50 MinutesDIY Akamai Globe in 50 Minutes
DIY Akamai Globe in 50 Minutes
Taisuke Yamada
 

Contenu connexe

Similaire à The CAcert Project - An Invitation to CAcert ATE in OSC/Tokyo 2011 (EN)

20190316 - CLBFest - Blockchain is WTF - Gerrie Smits
20190316 - CLBFest - Blockchain is WTF - Gerrie Smits20190316 - CLBFest - Blockchain is WTF - Gerrie Smits
20190316 - CLBFest - Blockchain is WTF - Gerrie Smits
Brussels Legal Hackers
 
How EverTrust Horizon PKI Automation can help your business?
How EverTrust Horizon PKI Automation can help your business?How EverTrust Horizon PKI Automation can help your business?
How EverTrust Horizon PKI Automation can help your business?
mirmaisam
 
Claim based authentaication
Claim based authentaicationClaim based authentaication
Claim based authentaication
Sean Xiong
 

Similaire à The CAcert Project - An Invitation to CAcert ATE in OSC/Tokyo 2011 (EN) (20)

OxCEPT Introduction
OxCEPT IntroductionOxCEPT Introduction
OxCEPT Introduction
 
20190316 - CLBFest - Blockchain is WTF - Gerrie Smits
20190316 - CLBFest - Blockchain is WTF - Gerrie Smits20190316 - CLBFest - Blockchain is WTF - Gerrie Smits
20190316 - CLBFest - Blockchain is WTF - Gerrie Smits
 
Build and Operate Your Own Certificate Management Center of Mediocrity
Build and Operate Your Own Certificate Management Center of MediocrityBuild and Operate Your Own Certificate Management Center of Mediocrity
Build and Operate Your Own Certificate Management Center of Mediocrity
 
[Cluj] Turn SSL ON
[Cluj] Turn SSL ON[Cluj] Turn SSL ON
[Cluj] Turn SSL ON
 
Patterns to Bring Enterprise and Social Identity to the Cloud
Patterns to Bring Enterprise and Social Identity to the Cloud Patterns to Bring Enterprise and Social Identity to the Cloud
Patterns to Bring Enterprise and Social Identity to the Cloud
 
Von JavaEE auf Microservice in 6 Monaten - The Good, the Bad, and the wtfs...
Von JavaEE auf Microservice in 6 Monaten - The Good, the Bad, and the wtfs...Von JavaEE auf Microservice in 6 Monaten - The Good, the Bad, and the wtfs...
Von JavaEE auf Microservice in 6 Monaten - The Good, the Bad, and the wtfs...
 
Client Cert Deployment Models and Hardware Tokens/Smart Cards
Client Cert Deployment Models and Hardware Tokens/Smart CardsClient Cert Deployment Models and Hardware Tokens/Smart Cards
Client Cert Deployment Models and Hardware Tokens/Smart Cards
 
Describe how corda works
Describe how corda works Describe how corda works
Describe how corda works
 
What is Certificate Transparency (CT)? How does it work?
What is Certificate Transparency (CT)? How does it work?What is Certificate Transparency (CT)? How does it work?
What is Certificate Transparency (CT)? How does it work?
 
Agile code quality metrics
Agile code quality metricsAgile code quality metrics
Agile code quality metrics
 
What Is EDI: Whitepaper Download
What Is EDI: Whitepaper DownloadWhat Is EDI: Whitepaper Download
What Is EDI: Whitepaper Download
 
Sect f41
Sect f41Sect f41
Sect f41
 
Blockchain, Bitcoin, Crypto assets, Initial Coin Offer workshop
Blockchain, Bitcoin, Crypto assets, Initial Coin Offer workshopBlockchain, Bitcoin, Crypto assets, Initial Coin Offer workshop
Blockchain, Bitcoin, Crypto assets, Initial Coin Offer workshop
 
apidays LIVE Australia 2021 - API Horror Stories from an Unnamed Coworking Co...
apidays LIVE Australia 2021 - API Horror Stories from an Unnamed Coworking Co...apidays LIVE Australia 2021 - API Horror Stories from an Unnamed Coworking Co...
apidays LIVE Australia 2021 - API Horror Stories from an Unnamed Coworking Co...
 
CIS14: Authentication: Who are You? You are What You Eat
CIS14: Authentication: Who are You? You are What You EatCIS14: Authentication: Who are You? You are What You Eat
CIS14: Authentication: Who are You? You are What You Eat
 
CIS14: Authentication: Who are You? You are What You Eat
CIS14: Authentication: Who are You? You are What You EatCIS14: Authentication: Who are You? You are What You Eat
CIS14: Authentication: Who are You? You are What You Eat
 
Kerberos-PKI-Federated identity
Kerberos-PKI-Federated identityKerberos-PKI-Federated identity
Kerberos-PKI-Federated identity
 
ICO digest TrustaBit
ICO digest TrustaBitICO digest TrustaBit
ICO digest TrustaBit
 
How EverTrust Horizon PKI Automation can help your business?
How EverTrust Horizon PKI Automation can help your business?How EverTrust Horizon PKI Automation can help your business?
How EverTrust Horizon PKI Automation can help your business?
 
Claim based authentaication
Claim based authentaicationClaim based authentaication
Claim based authentaication
 

Plus de Taisuke Yamada

Nilfs usage-report-and-comparison-at-tokyodebian
Nilfs usage-report-and-comparison-at-tokyodebianNilfs usage-report-and-comparison-at-tokyodebian
Nilfs usage-report-and-comparison-at-tokyodebian
Taisuke Yamada
 

Plus de Taisuke Yamada (18)

ウェブパフォーマンス計測の落とし穴
ウェブパフォーマンス計測の落とし穴ウェブパフォーマンス計測の落とし穴
ウェブパフォーマンス計測の落とし穴
 
DIY Akamai Globe in 50 Minutes
DIY Akamai Globe in 50 MinutesDIY Akamai Globe in 50 Minutes
DIY Akamai Globe in 50 Minutes
 
ウェブサイト最適化101 - 正しく測ろうあなたのサイト -
ウェブサイト最適化101 - 正しく測ろうあなたのサイト -ウェブサイト最適化101 - 正しく測ろうあなたのサイト -
ウェブサイト最適化101 - 正しく測ろうあなたのサイト -
 
Quick QUIC Technical Update (2017)
Quick QUIC Technical Update (2017)Quick QUIC Technical Update (2017)
Quick QUIC Technical Update (2017)
 
IoT Deep Dive - Be an IoT Developer for an Hour
IoT Deep Dive - Be an IoT Developer for an HourIoT Deep Dive - Be an IoT Developer for an Hour
IoT Deep Dive - Be an IoT Developer for an Hour
 
Pythonではじめるソフトウェア無線
Pythonではじめるソフトウェア無線Pythonではじめるソフトウェア無線
Pythonではじめるソフトウェア無線
 
Getting Started with SDR in Python
Getting Started with SDR in PythonGetting Started with SDR in Python
Getting Started with SDR in Python
 
VSCode Remoteでも画像コピペがしたいです!
VSCode Remoteでも画像コピペがしたいです!VSCode Remoteでも画像コピペがしたいです!
VSCode Remoteでも画像コピペがしたいです!
 
InfiniBand on Debian
InfiniBand on DebianInfiniBand on Debian
InfiniBand on Debian
 
Hacking Ruby with Python
Hacking Ruby with PythonHacking Ruby with Python
Hacking Ruby with Python
 
mod_auth_ticket - Bringing Single-Sign-On to lighttpd
mod_auth_ticket - Bringing Single-Sign-On to lighttpdmod_auth_ticket - Bringing Single-Sign-On to lighttpd
mod_auth_ticket - Bringing Single-Sign-On to lighttpd
 
Introduction to Initramfs - Initramfs-tools and Dracut
Introduction to Initramfs - Initramfs-tools and DracutIntroduction to Initramfs - Initramfs-tools and Dracut
Introduction to Initramfs - Initramfs-tools and Dracut
 
Hadoop book-2nd-ch3-update
Hadoop book-2nd-ch3-updateHadoop book-2nd-ch3-update
Hadoop book-2nd-ch3-update
 
201012 cacert-at-tokyodebian
201012 cacert-at-tokyodebian201012 cacert-at-tokyodebian
201012 cacert-at-tokyodebian
 
Nilfs usage-report-and-comparison-at-tokyodebian
Nilfs usage-report-and-comparison-at-tokyodebianNilfs usage-report-and-comparison-at-tokyodebian
Nilfs usage-report-and-comparison-at-tokyodebian
 
Embed Shogiboard - my first mediawiki extension -
Embed Shogiboard - my first mediawiki extension -Embed Shogiboard - my first mediawiki extension -
Embed Shogiboard - my first mediawiki extension -
 
The Web That Wasn't - WikiBana #10 LT
The Web That Wasn't - WikiBana #10 LTThe Web That Wasn't - WikiBana #10 LT
The Web That Wasn't - WikiBana #10 LT
 
WebDAV, ATOM, and REST
WebDAV, ATOM, and RESTWebDAV, ATOM, and REST
WebDAV, ATOM, and REST
 

Dernier

Connector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a buttonConnector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a button
DianaGray10
 
Designing for Hardware Accessibility at Comcast
Designing for Hardware Accessibility at ComcastDesigning for Hardware Accessibility at Comcast
Designing for Hardware Accessibility at Comcast
UXDXConf
 
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Jeffrey Haguewood
 
Future Visions: Predictions to Guide and Time Tech Innovation, Peter Udo Diehl
Future Visions: Predictions to Guide and Time Tech Innovation, Peter Udo DiehlFuture Visions: Predictions to Guide and Time Tech Innovation, Peter Udo Diehl
Future Visions: Predictions to Guide and Time Tech Innovation, Peter Udo Diehl
Peter Udo Diehl
 
Server-Driven User Interface (SDUI) at Priceline
Server-Driven User Interface (SDUI) at PricelineServer-Driven User Interface (SDUI) at Priceline
Server-Driven User Interface (SDUI) at Priceline
UXDXConf
 
Motion for AI: Creating Empathy in Technology
Motion for AI: Creating Empathy in TechnologyMotion for AI: Creating Empathy in Technology
Motion for AI: Creating Empathy in Technology
UXDXConf
 
Transforming The New York Times: Empowering Evolution through UX
Transforming The New York Times: Empowering Evolution through UXTransforming The New York Times: Empowering Evolution through UX
Transforming The New York Times: Empowering Evolution through UX
UXDXConf
 
JMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and GrafanaJMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and Grafana
RTTS
 
Optimizing NoSQL Performance Through Observability
Optimizing NoSQL Performance Through ObservabilityOptimizing NoSQL Performance Through Observability
Optimizing NoSQL Performance Through Observability
ScyllaDB
 

Dernier (20)

Connector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a buttonConnector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a button
 
Designing for Hardware Accessibility at Comcast
Designing for Hardware Accessibility at ComcastDesigning for Hardware Accessibility at Comcast
Designing for Hardware Accessibility at Comcast
 
Speed Wins: From Kafka to APIs in Minutes
Speed Wins: From Kafka to APIs in MinutesSpeed Wins: From Kafka to APIs in Minutes
Speed Wins: From Kafka to APIs in Minutes
 
What's New in Teams Calling, Meetings and Devices April 2024
What's New in Teams Calling, Meetings and Devices April 2024What's New in Teams Calling, Meetings and Devices April 2024
What's New in Teams Calling, Meetings and Devices April 2024
 
The architecture of Generative AI for enterprises.pdf
The architecture of Generative AI for enterprises.pdfThe architecture of Generative AI for enterprises.pdf
The architecture of Generative AI for enterprises.pdf
 
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
 
Future Visions: Predictions to Guide and Time Tech Innovation, Peter Udo Diehl
Future Visions: Predictions to Guide and Time Tech Innovation, Peter Udo DiehlFuture Visions: Predictions to Guide and Time Tech Innovation, Peter Udo Diehl
Future Visions: Predictions to Guide and Time Tech Innovation, Peter Udo Diehl
 
Server-Driven User Interface (SDUI) at Priceline
Server-Driven User Interface (SDUI) at PricelineServer-Driven User Interface (SDUI) at Priceline
Server-Driven User Interface (SDUI) at Priceline
 
PLAI - Acceleration Program for Generative A.I. Startups
PLAI - Acceleration Program for Generative A.I. StartupsPLAI - Acceleration Program for Generative A.I. Startups
PLAI - Acceleration Program for Generative A.I. Startups
 
Introduction to Open Source RAG and RAG Evaluation
Introduction to Open Source RAG and RAG EvaluationIntroduction to Open Source RAG and RAG Evaluation
Introduction to Open Source RAG and RAG Evaluation
 
Motion for AI: Creating Empathy in Technology
Motion for AI: Creating Empathy in TechnologyMotion for AI: Creating Empathy in Technology
Motion for AI: Creating Empathy in Technology
 
Transforming The New York Times: Empowering Evolution through UX
Transforming The New York Times: Empowering Evolution through UXTransforming The New York Times: Empowering Evolution through UX
Transforming The New York Times: Empowering Evolution through UX
 
UiPath Test Automation using UiPath Test Suite series, part 1
UiPath Test Automation using UiPath Test Suite series, part 1UiPath Test Automation using UiPath Test Suite series, part 1
UiPath Test Automation using UiPath Test Suite series, part 1
 
Agentic RAG What it is its types applications and implementation.pdf
Agentic RAG What it is its types applications and implementation.pdfAgentic RAG What it is its types applications and implementation.pdf
Agentic RAG What it is its types applications and implementation.pdf
 
IESVE for Early Stage Design and Planning
IESVE for Early Stage Design and PlanningIESVE for Early Stage Design and Planning
IESVE for Early Stage Design and Planning
 
Intro in Product Management - Коротко про професію продакт менеджера
Intro in Product Management - Коротко про професію продакт менеджераIntro in Product Management - Коротко про професію продакт менеджера
Intro in Product Management - Коротко про професію продакт менеджера
 
JMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and GrafanaJMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and Grafana
 
Optimizing NoSQL Performance Through Observability
Optimizing NoSQL Performance Through ObservabilityOptimizing NoSQL Performance Through Observability
Optimizing NoSQL Performance Through Observability
 
10 Differences between Sales Cloud and CPQ, Blanka Doktorová
10 Differences between Sales Cloud and CPQ, Blanka Doktorová10 Differences between Sales Cloud and CPQ, Blanka Doktorová
10 Differences between Sales Cloud and CPQ, Blanka Doktorová
 
Knowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and backKnowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and back
 

The CAcert Project - An Invitation to CAcert ATE in OSC/Tokyo 2011 (EN)

  • 1. The Cacert Project - An Invitation to CAcert ATE Tokyo - Taisuke Yamada @tyamadajp
  • 2. Agenda 1. What is Cacert? 2. What can it do for you 3. Current status 4. How does it work 5. Invitation to ATE Tokyo (at OSC2011, on Mar 5, 2011)
  • 3. So, what is it? It's a “community”-based Certificate Authority
  • 4. So, what is it? What? → OK, I'll explain...
  • 5. Certificated-based “trust” basics Websites Email Application How do you know that what you are accessing is what it claims to be?
  • 6. Solution: “Chain of trust” For you, everything is built on These 2 links you trust! Root CA User Web Intermediate CA Email User App User Distribution
  • 7. So, what about CAcert? Usual CA CAcert The G-O-D(tm) Automated Root CA Issuer Web-of-Trust “All you need is “Trust each other, to BELIEVE (me)” and I'll bless you”
  • 8. In another word, Now, the G-O-D is gone, replaced by the Web-of- Trust.
  • 9. What can CAcert do for me? 0pt Issues minimal server / client / S/MIME cert. Valid for 6 months. 50pt Issues fully descriptive cert, backed by higher class cert. Valid for 2 years. 100pt All of the above + code-signing cert. You can also give out points if you pass the Assurer Challenge test. By being “assured”, you'll obtain points for creating higher-level certificate.
  • 10. But WAIT! Isn't that a “Ore-Ore”?
  • 11. But WAIT! Isn't that a “Ore-Ore”? Named after “Ore-Ore“ fraud scheme, which calls up elderly (like 80+ old) and tells “Granma, it's me! (Ore!) I had a accident with Yakuza, and need to pay them! Please! Let me borrow $5000! My bank account is...”. Who got a call will panic, and sends without thinking. So “Ore-Ore” cert is a cert that claims its public authority without backing of any other public CA.
  • 12. Going for a “True” Root CA ● Already in many Linux/*BSD distros ● Current target: Mozilla ● Windows and OSX: TBD There're “cheap” commercial CAs. But, CAcert's goals are: ・ To build world-acknowledged CA based on community effort ・ Provide *everyone* a secure env. It's also useful to make cert managemnet easier!
  • 13. Going for a “True” Root CA ● Already in many Linux/*BSD distros ● Current target: Mozilla ● Windows and OSX: TBD In short, audit by independent third party is required. And in 2010, CAcert has prepared all the legal docs and (strict) policy for an audit! (some still under draft).
  • 14. How does it work, and what do I do? For Users 1. Register at CAcert.org 2. Print CAP form, and bring it with you, along with government-issued ID. 3. Fill out, sign, and give the CAP form in front of an assurer, face-to-face You can start issuing certs right after registration. It's just more points are needed to create higher-level ones.
  • 15. How does it work, and what do I do? For Assurer 1. Try best to check validity of user- provided ID (ex. UV-light checks) 2. Understand, and explain member's obligation (ref: Community Agreement) 3. Don't just give out full points. Give points based on your “confidence”. Think: What if some Martian comes up and provides you an ID of “Galactic Empire”?
  • 16. Topics in Japan We are having the first official CAcert event in Japan!
  • 17. ATE Tokyo (Assurer Training Event) 1. One of the requirements to become a “Senior Assurer”. 2. A chance to assurer people to become a “Experienced Assurer” 3. A chance to obtain 100+pt. Peter Yuill of CAcert.org, who is happening to be in Japan during OSC2011 period, has offered to be a “trainer” of the event! If you miss this, “next time” might not come in few years!
  • 18. NOTE: Assurer “Experience Point” 0EP Can give up to 10pt/assurance. Each assurance provides 2EP back to an assurer. ... 50EP Can give up to 35pt. Who reaches this level is called “Exp. Assurer” Senior Assurer is a “Exp. Assurer”++, who is regarded to be capable of handling deeper CAcert activities.
  • 19. Announcement Date :2011/3/5 Place: Waseda Univ. Shinjuku Sports Center West Campus(63&61)    + city's meetup space Sessions: - Training (ATE) in OSC - Assurance (signing) in OSC Dept of Sci. And Eng. and right after OSC closing Please go and register to http://www.ospn.jp/osc2011-spring/ !