SlideShare a Scribd company logo

CACert Presentation

Tanner Lovelace
Tanner Lovelace

A talk on the CACert certification authority I gave to the Triangle Linux Users Group ( http://www.trilug.org/ ) back in May 2006. CACert is currently undergoing a bunch of changes so there's no guarantee how up to date this is or will remain.

Technology
1 of 18
Download to read offline
CACert Tanner Lovelace Triangle Linux Users Group 11/May/2006
Outline What is SSL and why do we need it? What is a Certificate Authority? What is CACert? How does CACert verify identity? How do I use CACert? Conclusion and Mass Assurance
How Does the Web Work? Client-server No verification or encryption (in standard model)
Problems with Standard Web Susceptible to eavesdropping Man-in-the-middle (i.e. transparent proxies)
The Web with SSL Encryption of Traffic Verification of Identity
CACert Presentation
CACert Presentation
CACert Presentation
CACert Presentation
CACert Presentation
CACert Presentation
CACert Presentation
CACert Presentation
CACert Presentation
CACert Presentation
CACert Presentation
CACert Presentation
CACert Presentation

Recommended

Ssl Https Server
Ssl Https ServerSsl Https Server
Ssl Https Server
Ram Srivastava
 
Maia Mailguard Ncsa 9 May 2005
Maia Mailguard Ncsa 9 May 2005Maia Mailguard Ncsa 9 May 2005
Maia Mailguard Ncsa 9 May 2005
Tanner Lovelace
 
RPM Packaging 101 (Old)
RPM Packaging 101 (Old)RPM Packaging 101 (Old)
RPM Packaging 101 (Old)
Tanner Lovelace
 
PresentacióN1
PresentacióN1PresentacióN1
PresentacióN1
ronydiesel
 
OpenPGP/GnuPG Encryption
OpenPGP/GnuPG EncryptionOpenPGP/GnuPG Encryption
OpenPGP/GnuPG Encryption
Tanner Lovelace
 
Intro to Linux (for Ham Radio Operators)
Intro to Linux (for Ham Radio Operators)Intro to Linux (for Ham Radio Operators)
Intro to Linux (for Ham Radio Operators)
Tanner Lovelace
 
Black Hat Dc 09 Marlinspike Defeating Ssl
Black Hat Dc 09 Marlinspike Defeating SslBlack Hat Dc 09 Marlinspike Defeating Ssl
Black Hat Dc 09 Marlinspike Defeating Ssl
SecurityTube.Net
 
Certificates and Web of Trust
Certificates and Web of TrustCertificates and Web of Trust
Certificates and Web of Trust
Yousof Alsatom
 

Recommended

Ssl Https Server
Ssl Https ServerSsl Https Server
Ssl Https Server
Ram Srivastava
 
Maia Mailguard Ncsa 9 May 2005
Maia Mailguard Ncsa 9 May 2005Maia Mailguard Ncsa 9 May 2005
Maia Mailguard Ncsa 9 May 2005
Tanner Lovelace
 
RPM Packaging 101 (Old)
RPM Packaging 101 (Old)RPM Packaging 101 (Old)
RPM Packaging 101 (Old)
Tanner Lovelace
 
PresentacióN1
PresentacióN1PresentacióN1
PresentacióN1
ronydiesel
 
OpenPGP/GnuPG Encryption
OpenPGP/GnuPG EncryptionOpenPGP/GnuPG Encryption
OpenPGP/GnuPG Encryption
Tanner Lovelace
 
Intro to Linux (for Ham Radio Operators)
Intro to Linux (for Ham Radio Operators)Intro to Linux (for Ham Radio Operators)
Intro to Linux (for Ham Radio Operators)
Tanner Lovelace
 
Black Hat Dc 09 Marlinspike Defeating Ssl
Black Hat Dc 09 Marlinspike Defeating SslBlack Hat Dc 09 Marlinspike Defeating Ssl
Black Hat Dc 09 Marlinspike Defeating Ssl
SecurityTube.Net
 
Certificates and Web of Trust
Certificates and Web of TrustCertificates and Web of Trust
Certificates and Web of Trust
Yousof Alsatom
 
15 intro to ssl certificate & pki concept
15 intro to ssl certificate & pki concept15 intro to ssl certificate & pki concept
15 intro to ssl certificate & pki concept
Mostafa El Lathy
 
Geoff Huston's presentation on DANE (Keys in the DNS) at the New Zealand Inte...
Geoff Huston's presentation on DANE (Keys in the DNS) at the New Zealand Inte...Geoff Huston's presentation on DANE (Keys in the DNS) at the New Zealand Inte...
Geoff Huston's presentation on DANE (Keys in the DNS) at the New Zealand Inte...
Siena Perry
 
Build and Operate Your Own Certificate Management Center of Mediocrity
Build and Operate Your Own Certificate Management Center of MediocrityBuild and Operate Your Own Certificate Management Center of Mediocrity
Build and Operate Your Own Certificate Management Center of Mediocrity
T.Rob Wyatt
 
Certificate pinning in android applications
Certificate pinning in android applicationsCertificate pinning in android applications
Certificate pinning in android applications
Arash Ramez
 
New Ideas on CAA, CT and Public Key Pinning for a Safer Internet
New Ideas on CAA, CT and Public Key Pinning for a Safer InternetNew Ideas on CAA, CT and Public Key Pinning for a Safer Internet
New Ideas on CAA, CT and Public Key Pinning for a Safer Internet
CASCouncil
 
Webinar SSL English
Webinar SSL EnglishWebinar SSL English
Webinar SSL English
SSL247®
 
Ssl in a nutshell
Ssl in a nutshellSsl in a nutshell
Ssl in a nutshell
Frank Kelly
 
Introduction of an SSL Certificate
Introduction of an SSL CertificateIntroduction of an SSL Certificate
Introduction of an SSL Certificate
CheapSSLUSA
 
A Complete RapidSSL Guide on Securing Online Business with SSL Certificate
A Complete RapidSSL Guide on Securing Online Business with SSL CertificateA Complete RapidSSL Guide on Securing Online Business with SSL Certificate
A Complete RapidSSL Guide on Securing Online Business with SSL Certificate
RapidSSLOnline.com
 
TLS and Certificates
TLS and CertificatesTLS and Certificates
TLS and Certificates
Karri Huhtanen
 
Dr. Omar Ali Alibrahim - Ssl talk
Dr. Omar Ali Alibrahim - Ssl talkDr. Omar Ali Alibrahim - Ssl talk
Dr. Omar Ali Alibrahim - Ssl talk
promediakw
 
RIPE 84: Revocation
RIPE 84: RevocationRIPE 84: Revocation
RIPE 84: Revocation
APNIC
 
ssl's guide
ssl's guidessl's guide
ssl's guide
Shakil Malik
 
The world of encryption
The world of encryptionThe world of encryption
The world of encryption
Mohammad Yousri
 
3441355 ln motileng_ssl_report
3441355 ln motileng_ssl_report3441355 ln motileng_ssl_report
3441355 ln motileng_ssl_report
Lavius Nkateko Motileng
 
Types of SSL Certificates for Every Business Need
Types of SSL Certificates for Every Business NeedTypes of SSL Certificates for Every Business Need
Types of SSL Certificates for Every Business Need
awakish
 
Demystfying secure certs
Demystfying secure certsDemystfying secure certs
Demystfying secure certs
Gary Williams
 
Alfresco DevCon 2019: Encryption at-rest and in-transit
Alfresco DevCon 2019: Encryption at-rest and in-transitAlfresco DevCon 2019: Encryption at-rest and in-transit
Alfresco DevCon 2019: Encryption at-rest and in-transit
Toni de la Fuente
 
EAP-TLS
EAP-TLSEAP-TLS
EAP-TLS
Karri Huhtanen
 
Improve your site’s credibility on SERPs with an SSL certificate.pdf
Improve your site’s credibility on SERPs with an SSL certificate.pdfImprove your site’s credibility on SERPs with an SSL certificate.pdf
Improve your site’s credibility on SERPs with an SSL certificate.pdf
Digital Marketing
 
Six Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal OntologySix Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal Ontology
johnbeverley2021
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
DianaGray10
 

More Related Content

Similar to CACert Presentation

Alfresco DevCon 2019: Encryption at-rest and in-transit
Alfresco DevCon 2019: Encryption at-rest and in-transitAlfresco DevCon 2019: Encryption at-rest and in-transit
Alfresco DevCon 2019: Encryption at-rest and in-transit
Toni de la Fuente
 

Similar to CACert Presentation (20)

15 intro to ssl certificate & pki concept
15 intro to ssl certificate & pki concept15 intro to ssl certificate & pki concept
15 intro to ssl certificate & pki concept
 
Geoff Huston's presentation on DANE (Keys in the DNS) at the New Zealand Inte...
Geoff Huston's presentation on DANE (Keys in the DNS) at the New Zealand Inte...Geoff Huston's presentation on DANE (Keys in the DNS) at the New Zealand Inte...
Geoff Huston's presentation on DANE (Keys in the DNS) at the New Zealand Inte...
 
Build and Operate Your Own Certificate Management Center of Mediocrity
Build and Operate Your Own Certificate Management Center of MediocrityBuild and Operate Your Own Certificate Management Center of Mediocrity
Build and Operate Your Own Certificate Management Center of Mediocrity
 
Certificate pinning in android applications
Certificate pinning in android applicationsCertificate pinning in android applications
Certificate pinning in android applications
 
New Ideas on CAA, CT and Public Key Pinning for a Safer Internet
New Ideas on CAA, CT and Public Key Pinning for a Safer InternetNew Ideas on CAA, CT and Public Key Pinning for a Safer Internet
New Ideas on CAA, CT and Public Key Pinning for a Safer Internet
 
Webinar SSL English
Webinar SSL EnglishWebinar SSL English
Webinar SSL English
 
Ssl in a nutshell
Ssl in a nutshellSsl in a nutshell
Ssl in a nutshell
 
Introduction of an SSL Certificate
Introduction of an SSL CertificateIntroduction of an SSL Certificate
Introduction of an SSL Certificate
 
A Complete RapidSSL Guide on Securing Online Business with SSL Certificate
A Complete RapidSSL Guide on Securing Online Business with SSL CertificateA Complete RapidSSL Guide on Securing Online Business with SSL Certificate
A Complete RapidSSL Guide on Securing Online Business with SSL Certificate
 
TLS and Certificates
TLS and CertificatesTLS and Certificates
TLS and Certificates
 
Dr. Omar Ali Alibrahim - Ssl talk
Dr. Omar Ali Alibrahim - Ssl talkDr. Omar Ali Alibrahim - Ssl talk
Dr. Omar Ali Alibrahim - Ssl talk
 
RIPE 84: Revocation
RIPE 84: RevocationRIPE 84: Revocation
RIPE 84: Revocation
 
ssl's guide
ssl's guidessl's guide
ssl's guide
 
The world of encryption
The world of encryptionThe world of encryption
The world of encryption
 
3441355 ln motileng_ssl_report
3441355 ln motileng_ssl_report3441355 ln motileng_ssl_report
3441355 ln motileng_ssl_report
 
Types of SSL Certificates for Every Business Need
Types of SSL Certificates for Every Business NeedTypes of SSL Certificates for Every Business Need
Types of SSL Certificates for Every Business Need
 
Demystfying secure certs
Demystfying secure certsDemystfying secure certs
Demystfying secure certs
 
Alfresco DevCon 2019: Encryption at-rest and in-transit
Alfresco DevCon 2019: Encryption at-rest and in-transitAlfresco DevCon 2019: Encryption at-rest and in-transit
Alfresco DevCon 2019: Encryption at-rest and in-transit
 
EAP-TLS
EAP-TLSEAP-TLS
EAP-TLS
 
Improve your site’s credibility on SERPs with an SSL certificate.pdf
Improve your site’s credibility on SERPs with an SSL certificate.pdfImprove your site’s credibility on SERPs with an SSL certificate.pdf
Improve your site’s credibility on SERPs with an SSL certificate.pdf
 

Recently uploaded

Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
?#DUbAI#??##{{(☎️+971_581248768%)**%*]'#abortion pills for sale in dubai@
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Victor Rentea
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
sammart93
 

Recently uploaded (20)

Six Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal OntologySix Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal Ontology
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challenges
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
 
CNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In PakistanCNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In Pakistan
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor Presentation
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
Understanding the FAA Part 107 License ..
Understanding the FAA Part 107 License ..Understanding the FAA Part 107 License ..
Understanding the FAA Part 107 License ..
 
[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf
 
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
 
Introduction to use of FHIR Documents in ABDM
Introduction to use of FHIR Documents in ABDMIntroduction to use of FHIR Documents in ABDM
Introduction to use of FHIR Documents in ABDM
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
 
AI in Action: Real World Use Cases by Anitaraj
AI in Action: Real World Use Cases by AnitarajAI in Action: Real World Use Cases by Anitaraj
AI in Action: Real World Use Cases by Anitaraj
 

CACert Presentation

  • 1. CACert Tanner Lovelace Triangle Linux Users Group 11/May/2006
  • 2. Outline What is SSL and why do we need it? What is a Certificate Authority? What is CACert? How does CACert verify identity? How do I use CACert? Conclusion and Mass Assurance
  • 3. How Does the Web Work? Client-server No verification or encryption (in standard model)
  • 4. Problems with Standard Web Susceptible to eavesdropping Man-in-the-middle (i.e. transparent proxies)
  • 5. The Web with SSL Encryption of Traffic Verification of Identity