[CentOS-promo] Summary of Linuxtag meeting on sunday-evening
Daniel de Kok
danieldk at pobox.com
Tue May 22 06:25:51 UTC 2007
On Tue, 2007-05-22 at 03:41 +0200, Dag Wieers wrote:
> - One system to show of anaconda-loop installations in step mode
> -> Action Danieldk (?): prepare this demo
Confirmed.
> Social activities:
> + Keysigning and CACert
> -> Action Ralph and Danieldk: lecture Dag and make it happen !
Here's the deal: get an account on CACert.org. With this account and an
e-mail probe, you can create certificates with your e-mail address. To
be able to make certificates with your name in it, you need at least 50
points. You can get points by getting your identity checked by an
assurer (e.g. Ralph or me). I can give you 15 points, and I think Ralph
25 (according to CACert.org), so you will have to visit the CACert booth
to get 50 points (with 100 points you can assure others too).
Advantages:
- You can create X.509 certificates with your name and e-mail address in
it to sign/encrypt e-mails.
- You can sign GPG keys with your CACert identity.
- Because trust is central, it has less hassle than GPG keys.
- If you have enough points, you can also create certificates for SSL
webservers.
- It's you and your account that are trusted, so you can create new
certificates when you want them, without having to build trust for that
key again a la GPG.
Disadvantages:
- Not every distro includes the CACert root cert (but CentOS and a few
others do!).
- Some people trust GPG more, because they personally signed other
people's keys. Of course, this has the downside that you check a lot of
keys personally to build a proper trust web.
Personally, I use both GPG and CACert. When the use of GPG is required,
I have my GPG key signed by CACert.
Required arrangements (if someone is interested):
- You need a CACert acccount.
- You have to bring it least one proper ID, preferably more than one.
- We have to bring a few CACert forms. If there is interest, I can print
and bring along a bunch.
-- Daniel
More information about the CentOS-promo
mailing list