NOTE: This is an archive of my old blog. Go to http://gonium.net for my current website.

Support CACert

Posted by md on November 01, 2006

cacert-pem.jpg

CACert offers X.509 certificates for free. You can use these certificates for email signing and encryption, as well as securing your server services.

The CACert can offer these services for free because it builds a web of trust: you need a CACert assurer to verify your identity. The assurer then can give you trust points, and based on your point level you’re allowed to get certificates with different trust levels. If you gather 100 points, you’re granted the assurer permissions which means that you can assure other people.

I think this is a really nice idea: CACert brings the grass-root principles of GPG to the X.509 world. Unfortunately, the browsers currently do not trust the CACert root certificate (which means you still need to confirm that you trust a certificate issued by CACert). But the process is on the way for Firefox & Co. And using CACert certificates is a better way than using your self-signed certificates anyway…

BTW, if you’re in Kaiserslautern, the CACert site lists about 25 assurer (login required) that can help you to verify your identity.

Trackbacks

Use this link to trackback from your own site.

Comments

Leave a response

Comments