CeBIT Open Source Project Lounge -- CAcert
CAcert -- community based certificate authorityBy
CAcert is among the 15 projects that will present their work at CeBIT, offering community based security certificates.
In a nutshell - describe your project in a few words:
CAcert is a community based certificate authority with the objective of providing a free, open and transparent public key (PK) infrastructure for all its community members. It seeks to provide an enhanced experience in the virtual world by connecting the virtual identities of the Internet with real world entities.
When did the project begin?
In 2002 with CAcert.org and in 2003 with CAcert, Inc.
How many active members does the project have?
3,257 active assurers (those passing our Assurance Challenge) and 19,067 participants, as of January 18, 2010.
How did the project come about?
Duane Groth wanted to secure the WLAN network of his hometown, which was too expensive, so started the community.
What would make a CeBIT visitor interested in your booth?
1. Anyone can become a community member to use free certificates as long as they get assurance of identity as part of our Organization Assurance program.
2. Small companies, organizations and schools with smaller budgets can get information about how they can add value for their customers or members with the help of client certificate logins to their Internet portals.
3. Linux distributions and software developers can learn how to extend their software with features so that Internet portal or application users are assured secure access.
Who do you make your software for?
Community members have the choice to create client certificates, e-mail certificates (signing and encryption) or server certificates (SSL and TLS) and sign documents or code. They can also sign PGP/PGP keys (engage in keysigning parties).
Where do you see your biggest current challenge?
Browser integration of root certificates into the operating systems require audits handled by the community. These audits are time consuming.
If you were to hire a full-time project developer now, what problem should he or she be ready to solve?
The requirement for audits spawned a new software development project called "Birdshack" during the spring of 2009. We need developers to implement this project.
Under which license is the software currently offered?
GNU General Public License v2, June 1991.
Internet adress: http://www.cacert.org
Bug database has a bug of its own that could allow an intruder to create an unauthorized account.
Report focuses federal resources on achieving universal Internet access.
Leading browser makers say “no” to porous encryption algorithm
Report from the X-Force group says attackers are using TOR to hide their crimes
Future Firefox extensions will be compatible with Chrome.
Better read this if you bought your computer before 2011
Users should upgrade to the new version as soon as possible
Xen project announces a privilege escalation problem for Qemu host systems
Attackers can compromise an Android phone just by sending a text message
PC vendor will pre-install Ubuntu on portables in India.