CAcert Code Development list.

["Marcio B. Jr." <marcio.barbado AT bdslabs.com.br>]

Hi list,
as planned via IRC with Marcus (INOPIAE) and others during one of the 
last telco meetings, bugtracking entry 1099 was created [1].

It's about automatic CAcert's root certificate install on Windows' most 
recent versions, via Internet Explorer.

On [1], you'll also find sources that may be used by CAcert's community 
to start a discussion on possible solutions.


REFERENCES

[1] Bug 1099:
https://bugs.cacert.org/view.php?id=1099


regards,



-------- Original Message --------
Subject: Re: Testing Bug 964
Date: Mon, 20 Aug 2012 14:55:19 -0300
From: "Marcio B. Jr." 
<marcio.barbado AT bdslabs.com.br>
To: 
<inopiae AT cacert.org>
Cc: " " <ulrich AT cacert.org>, <benbe1987 AT gmx.net>, 
<archaios AT archaios.net>, <mmazur AT cacert.org>, <ich AT weltraumschaf.de>, 
Mario Lipinski <mario AT cacert.org>, 'Alexander Bahlo' <alex AT cacert.org>, 
<testing.cacert AT identitymail.org>, <ted AT convey.de>, Wytze van der Raay 
<wytze AT cacert.org>, Martin Gummi <martin.gummi AT cacert.org>, 'Philipp 
Gühring' <philipp AT cacert.org>, 'Michael Tänzer' 
<michael.taenzer AT cacert.org>, 'Markus Warg' <markus AT cacert.org>, Dirk 
Astrath <dastrath AT gmx.de>, <jonathan AT othinking.org>, 
<heino AT heinoon.com>, <info AT ready-4-it.de>, <sebastian AT strzelec.de>, 
'Andreas Bäß' <ab AT it-sls.de>, <andre.salles AT 18digital.com.br>

Hello,
I'm not sure whether I append this on bug 964 [1], or if I should file 
a new bugtracking entry, or even maybe posting on 
<cacert-devel AT lists.cacert.org>

the thing is, I'm doing some testing for *automatic* CAcert's root cert 
installation on Windows 7, via Internet Explorer 9, which is related to 
[2] (that is, file "/pages/index/17.php"), and I wrote something (2 
files attached) based on it.

As far as I can see, bug 964 is about another "17.php" file (that is, 
"/pages/account/17.php"). Notwithstanding, they are all about mapping 
CEnroll control to CertEnroll.

By the way, how do directories "/pages/index/" and "/pages/account/" 
relate?

Referring to attached code (which resembles "/pages/index/17.php"), 
I've managed to install root cert and class 3, both in "Intermediate 
CAs" store, through local install with ".vbs" file, and also through web 
install via HTA (within ".php"). But I could not reach "Trusted Root 
CAs" certificate store so far.

Web install with HTA (file "windows-rootcert-install-via-ie.php") can 
be tested here [3]. You need to choose "Open" (and maybe "Allow") when 
asked.

Well, any hints for it to reach "Trusted Root" store as both HTTP and 
HTTPS cannot make it with current PHP script?

Should I keep this here, post it on <cacert-devel AT lists.cacert.org>, 
append it to bug 964, or should I create a new bugtracking entry?


Regards,



REFERENCES

[1] Bug 964:
https://bugs.cacert.org/view.php?id=964

[2] Install CAcert Root using CEnroll Active-X component and PKCS-7 
(Microsoft Internet Explorer 5.x/6.x):
http://www.cacert.org/index.php?id=17

[3] Web install of CAcert's root and class 3:
http://www.bdslabs.com.br/testes/windows-rootcert-install-via-ie.php



On Fri, 17 Aug 2012 15:40:15 +0200, INOPIAE (Marcus) wrote:
> Hi guys,
>
> the software developing team needs your help for testing.
> Please try to test the Bug 964 for detailed instruction see
> https://wiki.cacert.org/Software/CurrentTest/bug964
> The bug fixes the problem that we were not able to create
> certificates in the Internet Explorer.
> Please also test with other browsers and operating systems to make
> sure that we did not mess up the routines.
>
> Thanks for your help



Marcio Barbado, Jr.
=============
Information Security
_bds Labs.

http://www.bdslabs.com.br/

55 11 9649-4709 mobile
55 11 3955-0101 work
55 11 3856-7070 fax
=============

"... Security is a process, not a product..."
Bruce Schneier - BT Counterpane

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Esta mensagem e qualquer arquivo nela contido é confidencial. "Pratica 
crime de violação de telecomunicações quem, transgredindo lei ou 
regulamento, exiba autógrafo ou qualquer documento ou arquivo, divulgue 
ou comunique, informe ou capte, transmita a outrem ou utilize o 
conteúdo, resumo, significado, interpretação, indicação ou efeito de 
qualquer comunicação dirigida a terceiro." (Artigo 56 da Lei n.º 4.117 
de 27 de agosto de 1962, aplicável aos crimes em telecomunicações, nos 
termos do art. 215, I, da Lei 9.472/97).
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
NOTICE
This message including any attachments is confidential information of 
B.D.S. LABS. TECNOLOGIA COMERCIAL LTDA.
Disclosure, copying or distribution is prohibited without permission of 
BDS LABS. If you are not the intended recipient,  please reply to the 
sender and then delete this message.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



Marcio Barbado, Jr.
=============
Information Security
_bds Labs.

http://www.bdslabs.com.br/

55 11 9649-4709 mobile
55 11 3955-0101 work
55 11 3856-7070 fax
=============

"... Security is a process, not a product..."
Bruce Schneier - BT Counterpane

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Esta mensagem e qualquer arquivo nela contido é confidencial. "Pratica 
crime de violação de telecomunicações quem, transgredindo lei ou 
regulamento, exiba autógrafo ou qualquer documento ou arquivo, divulgue 
ou comunique, informe ou capte, transmita a outrem ou utilize o 
conteúdo, resumo, significado, interpretação, indicação ou efeito de 
qualquer comunicação dirigida a terceiro." (Artigo 56 da Lei n.º 4.117 
de 27 de agosto de 1962, aplicável aos crimes em telecomunicações, nos 
termos do art. 215, I, da Lei 9.472/97).
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
NOTICE
This message including any attachments is confidential information of 
B.D.S. LABS. TECNOLOGIA COMERCIAL LTDA.
Disclosure, copying or distribution is prohibited without permission of 
BDS LABS. If you are not the intended recipient,  please reply to the 
sender and then delete this message.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~