[TriLUG] CACert Assurance

Tanner Lovelace clubjuggler at gmail.com
Tue Dec 20 12:08:14 EST 2005


Hi folks,

If anyone is interested in becoming "assured" in the
CACert (http://www.cacert.org/) web of trust, I'm meeting
with one of the local assurer's tomorrow at Moe's Southwest
Grill in Cameron Village at 12:30pm.  He graciously said
I could invite anyone from TriLUG who was interested
to show up.  There's also a good chance that one of our
own TriLUG members who's also a CACert assurer will be
there too, so this would be an excellent time to get assurance.
(Sadly, this won't get you all the way to the 100 points needed
to become an assurer, but it should get you to 70 points
which is much closer than 0.)

So, if you're interested in this, there is a bit of prep work involved
first.  First off, you need to go set up an account at CACert:
http://www.cacert.org/.  Second, you'll need to print out the
web of trust forms from the cacert website.  Look for "Web of Trust"
on the menu and then select "US - WoT Form".  Bring 2 copies
of this form and 2 forms of government issued photo id (i.e.
drivers license and passport).  If you only have one form of government
issued photo id, don't worry. You can bring that too but you'll
probably end up with less points than if you had 2 forms.
The assurers will check over the ID and sign the forms (which you
also sign).  Later they'll go back and assign you up to the
number of points they're allowed to assign.

Now, in case you're wondering what the point is in this, I'll do my best
to explain it a bit.  However, if anyone else would like to jump in
here (or even correct my mistakes above), please do!  I know we
have at least 2 assurers on this list, so they can probably explain it
much better than I can. :-)

So, anyway, CACert provides SSL certificates free of charge.  But,
in order to do this, they must have a way of identifying who people
are.  They do this by building the "web of trust".  You meet with
people and have them verify your identity and build up points.  Once
you have a certain number of points, you can verify people yourselves
and issue ssl certificates.

One of the reasons I think this would be a good idea is that right now
TriLUG needs to change it's SSL certificates.  In one of the many computer
moves recently, the private key to TriLUG's SSL Certificate Authority that
I set up 3 years ago was lost.  So, while SSL still works on the TriLUG
servers, we cannot create any new keys.  I would like to propose that
we move over to using CACert as the certificate authority for our SSL
needs.  (This is, of course, subject to what the current TriLUG system
administrator, Mark Turner, and the rest of the current Steering Committee
chooses to go with.  I'm only suggesting.)  This would allow us to
support a worthwhile endeavor of propgating free SSL certificates and
goes along nicely with the GPG Keysigning we've been doing for the
past three plus years.

So, if you're interested, please take a few moments to print out the paperwork
and join us at Moe's Burritos in Cameron Village in Raleigh, tomorrow,
the 21st of December 2005 at 12:30pm.  Hope to see some people there.

Cheers,
Tanner
--
Tanner Lovelace
clubjuggler at gmail dot com
http://wtl.wayfarer.org/
(fieldless) In fess two roundels in pale, a billet fesswise and an
increscent, all sable.



More information about the TriLUG mailing list