On Tue, 2007-05-22 at 03:41 +0200, Dag Wieers wrote: > - One system to show of anaconda-loop installations in step mode > -> Action Danieldk (?): prepare this demo Confirmed. > Social activities: > + Keysigning and CACert > -> Action Ralph and Danieldk: lecture Dag and make it happen ! Here's the deal: get an account on CACert.org. With this account and an e-mail probe, you can create certificates with your e-mail address. To be able to make certificates with your name in it, you need at least 50 points. You can get points by getting your identity checked by an assurer (e.g. Ralph or me). I can give you 15 points, and I think Ralph 25 (according to CACert.org), so you will have to visit the CACert booth to get 50 points (with 100 points you can assure others too). Advantages: - You can create X.509 certificates with your name and e-mail address in it to sign/encrypt e-mails. - You can sign GPG keys with your CACert identity. - Because trust is central, it has less hassle than GPG keys. - If you have enough points, you can also create certificates for SSL webservers. - It's you and your account that are trusted, so you can create new certificates when you want them, without having to build trust for that key again a la GPG. Disadvantages: - Not every distro includes the CACert root cert (but CentOS and a few others do!). - Some people trust GPG more, because they personally signed other people's keys. Of course, this has the downside that you check a lot of keys personally to build a proper trust web. Personally, I use both GPG and CACert. When the use of GPG is required, I have my GPG key signed by CACert. Required arrangements (if someone is interested): - You need a CACert acccount. - You have to bring it least one proper ID, preferably more than one. - We have to bring a few CACert forms. If there is interest, I can print and bring along a bunch. -- Daniel