An Open Audit of an Open Certification Authority

Abstract: 

How does a lightweight community Certificate Authority ("CA") engage in the heavyweight world of PKI and secure browsing? With the introduction of Public Key Infrastructure, the Internet security framework rapidly became too complex for individuals and small groups to deal with, and the audit stepped into the gulf to provide a kinder face, in the form of a simple opinion or judgment call. This talk tracks the systems audit of CAcert, an open-membership CA, as a case study in auditing versus the open Internet, community versus professionalism, quality versus enthusiasm. It will look at how CAcert found itself at this point and then will walk through some big-ticket items, such as risks, assurance, disputes, privacy, and security. Can CAcert deliver on its goal of free certs?

BibTeX
@conference {268043,
author = {Ian Grigg},
title = {An Open Audit of an Open Certification Authority},
year = {2008},
address = {San Diego, CA},
publisher = {USENIX Association},
month = nov
}
