Hanging Around In Munich? Get Yourself Assured!

Since a few days I reached the 100 points limit in order to assure other members of CACert.org. So if you happen to visit Munich and want to have your identity proven you can send me an email and I will check if I manage to meet you.

I will also reach my point limit to become a Thawte.com notary soon in order to also assure members of the Thawte Web of Trust (WoT) so maybe we can fix assurance for both authorites in one meeting.

At CACert you can get client and server certificates to sign emails and install into server products like IIS and they are free of cost. Unfortunately the CACert Root certificate is not preinstalled as a trusted root on Windows which means that it is of limited use for broad distribution of artefacts signed with CACert certificates however it is a cool thing to get those e.g. for testing of Windows Communication Foundation (WCF) security related stuff with manual installation of the root certificate because you then get a full trust chain and get rid of some annoying security exceptions compared to self signed certificates.

By the way, you can also get a code signing certificate at CACert.org which can be used to sign Windows installers, dlls and archives. Which however exposes you as well to the shortcoming of a non preinstalled root certificate. If this can be called a shortcoming at all with quite some people have the opinion that no root certificate should ever be preeinstalled since it introduces a paradigm of undermining the users right of self-determination on which authority to trust or not which in my opinion makes quite some sense. Preeinstalling is the more comfortable way for most and also for the industry because it eliminates the need to describe and teach the complex domain of digital signatures and encryption to a broad mass of people without IT affinity. But that’s a story to be discussed another time.

Comments (0)