CeBIT Open Source Project Lounge -- CAcert
CAcert -- community based certificate authorityBy
CAcert is among the 15 projects that will present their work at CeBIT, offering community based security certificates.
In a nutshell - describe your project in a few words:
CAcert is a community based certificate authority with the objective of providing a free, open and transparent public key (PK) infrastructure for all its community members. It seeks to provide an enhanced experience in the virtual world by connecting the virtual identities of the Internet with real world entities.
When did the project begin?
In 2002 with CAcert.org and in 2003 with CAcert, Inc.
How many active members does the project have?
3,257 active assurers (those passing our Assurance Challenge) and 19,067 participants, as of January 18, 2010.
How did the project come about?
Duane Groth wanted to secure the WLAN network of his hometown, which was too expensive, so started the community.
What would make a CeBIT visitor interested in your booth?
1. Anyone can become a community member to use free certificates as long as they get assurance of identity as part of our Organization Assurance program.
2. Small companies, organizations and schools with smaller budgets can get information about how they can add value for their customers or members with the help of client certificate logins to their Internet portals.
3. Linux distributions and software developers can learn how to extend their software with features so that Internet portal or application users are assured secure access.
Who do you make your software for?
Community members have the choice to create client certificates, e-mail certificates (signing and encryption) or server certificates (SSL and TLS) and sign documents or code. They can also sign PGP/PGP keys (engage in keysigning parties).
Where do you see your biggest current challenge?
Browser integration of root certificates into the operating systems require audits handled by the community. These audits are time consuming.
If you were to hire a full-time project developer now, what problem should he or she be ready to solve?
The requirement for audits spawned a new software development project called "Birdshack" during the spring of 2009. We need developers to implement this project.
Under which license is the software currently offered?
GNU General Public License v2, June 1991.
Internet adress: http://www.cacert.org
Xen project announces a privilege escalation problem for Qemu host systems
Attackers can compromise an Android phone just by sending a text message
PC vendor will pre-install Ubuntu on portables in India.
More embarrassment for Adobe's embattled multimedia tool
Mozilla’s script blocker add-on could be putting malware sites on the whitelist.
The Internet community officially banishes the notoriously unsafe Secure Sockets Layer protocol.
Popular desktop environment continues the Gnome 2 legacy – with new support for the Gnome 3 toolkit.
The Obama White House has issued a memorandum telling all US government agencies they must use HTTPS for all websites and web communication.
New program will dial up security for the Firefox browser.
Red Hat's community distro embraces the cloud.