Using%20Personal%20Certificates - PowerPoint PPT Presentation

About This Presentation
Title:

Using%20Personal%20Certificates

Description:

Meet notary/assuror in person ... Notary/assuror grants points to the assertion online. Notary/assuror keeps documentation secure and may produce to CA if ... – PowerPoint PPT presentation

Number of Views:29
Avg rating:3.0/5.0
Slides: 14
Provided by: jeffda
Category:

less

Transcript and Presenter's Notes

Title: Using%20Personal%20Certificates


1
Using Personal Certificates
  • Jeff DAngeloJeremy Hill
  • Network of People, Jan 6, 2005

2
Our role
  • Not a formal ITS or Penn State project
  • No support from ITS helpdesks
  • We present this material today not as an
    authority but as peer
  • Personal Certificate programs are global
  • We are selfish we want more points
  • Our selfishness helps you

3
What types of certificates exist?
  • Server
  • Personal
  • Code-signing
  • Others (client, etc.)

4
How are certificates useful?
  • Certificates are a means of placing trust in an
    unknown/unverified party
  • Can validate authenticity of peer/server in
    SSL/TLS communication (HTTPS, etc)
  • Can encrypt/sign email (S/MIME)
  • Can sign (validate) documents (PDF)
  • Can sign executable code
  • Client Authentication (VPN, HTTP, etc)

5
Methods of assuring identity
  • Single assurance from Certificate Authority
  • PGP Web of Trust (WoT) model
  • Hybrid CA Web of Trust model

6
How hybrid model works
  • Community based effort assuring identity of peers
  • Web-based point system keeps track of assurances
    received and given
  • No single point of assurance failure
  • Single path to verify new certificates

7
Hybrid Web of Trust CAs
  • Thawte
  • Trusted in most clients today
  • FREE for personal certificates
  • CAcert
  • Server and Code-signing also FREE
  • Requires root certificate installation in most
    clients today

8
Getting started
  • 1) Apply for account with Thawte (or CAcert)
  • 2) Get points via assurances
  • At 50 points, your certificates are trusted
  • At 100 points, you become a WoT notary
  • 3) Give assurances to help the community
  • The more you give, the more points you can give
  • Start at giving max 10 points and work towards 35
    max

9
Assurance process
  • Meet notary/assuror in person
  • Provide proof(s) of identity matching account
    information (e.g., drivers license , passport
    )
  • Notary/assuror makes copy of id proofs
  • Both sign a document attesting assurance
  • Notary/assuror grants points to the assertion
    online
  • Notary/assuror keeps documentation secure and may
    produce to CA if audited

10
Demos
  • Jeff
  • Applying for Thawte Personal Certificates
  • Downloading certificate into email client
  • Signing, verifying email
  • Jeremy
  • Installing certificate into Adobe PDF
  • Signing PDF documents

11
S/MIME E-Mail client support
  • Mozilla Mail and derivatives (e.g., Thunderbird)
    Good
  • MS Outlook and Outlook Express Good
  • Eudora Poor
  • Pine Poor
  • Apple Mail Decent

12
Conclusion
  • Summary
  • Q A
  • Thawte and CAcert assurances given during break

13
References
  • Thawte Personal Certificates http//thawte.com/em
    ail/
  • CAcert Personal Certificates http//cacert.org/
Write a Comment
User Comments (0)
About PowerShow.com