A better approach to security

[Mario Lipinski <mario AT cacert.org>]

Hi Frank,

Am 2011-04-09 01:47, schrieb Frank Brückner:
> I know that is according to the rules, but ...
> 
> CAcert Inc. secretary's certificate with common name "CAcert WoT User"
> doesn't look that nice.

the reason for this is because the private key is available to CAcert
Inc. So I do not want this for a personalized certificate. I consider
this as necessary as CAcert Inc. still needs to be able to decrypt
information sent to an office bearer if he becomes unavailable.

The sent certificate contains the email address 
secretary AT cacert.org,
 so
it is to some extent someone who is allowed to use the address. And it
is Class 3, this means it has been created on an account which identity
is at least know to CAcert.

So this should suffice.

Another alternative would be to create an organisation certificate. But
this I cannot do myself, so until it is in use lot more time would have
passed. I just created this one while I had to renew another one anyhow.

-- 
Mit freundlichen Grüßen / Best regards

Mario Lipinski
Board member,                       E-Mail: 
mario AT cacert.org
Arbitrator / Case Manager,          Internet: http://www.cacert.org
Infrastructure Team Leader (Admin for Wiki, Issue),
Organisation Assurer (Germany),
Secretary
CAcert

Support CAcert: http://www.cacert.org/index.php?id=13
                http://wiki.cacert.org/wiki/HelpingCAcert

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature