Presentation is loading. Please wait.

Presentation is loading. Please wait.

Using Personal Certificates Jeff D’Angelo Jeremy Hill Network of People, Jan 6, 2005.

Published byDortha Morgan Modified over 9 years ago

Similar presentations

Presentation on theme: "Using Personal Certificates Jeff D’Angelo Jeremy Hill Network of People, Jan 6, 2005."— Presentation transcript:

1 Using Personal Certificates Jeff D’Angelo Jeremy Hill Network of People, Jan 6, 2005

2 Our role Not a formal ITS or Penn State project –No support from ITS helpdesks We present this material today not as an authority but as peer Personal Certificate programs are global We are selfish – we want more points Our selfishness helps you

3 What types of certificates exist? Server Personal Code-signing Others (client, etc.)

4 How are certificates useful? Certificates are a means of placing trust in an unknown/unverified party Can validate authenticity of peer/server in SSL/TLS communication (HTTPS, etc) Can encrypt/sign email (S/MIME) Can sign (validate) documents (PDF) Can sign executable code Client Authentication (VPN, HTTP, etc)

5 Methods of assuring identity Single assurance from Certificate Authority PGP Web of Trust (WoT) model Hybrid CA + Web of Trust model

6 How hybrid model works Community based effort assuring identity of peers Web-based point system keeps track of assurances received and given No single point of assurance failure Single path to verify new certificates

7 Hybrid Web of Trust CAs Thawte –Trusted in most clients today –FREE for personal certificates CAcert –Server and Code-signing also FREE –Requires root certificate installation in most clients today

8 Getting started 1) Apply for account with Thawte (or CAcert) 2) Get points via assurances –At 50 points, your certificates are trusted –At 100 points, you become a WoT notary 3) Give assurances to help the community –The more you give, the more points you can give –Start at giving max 10 points and work towards 35 max

9 Assurance process Meet notary/assuror in person Provide proof(s) of identity matching account information (e.g., driver’s license #, passport #) Notary/assuror makes copy of id proofs Both sign a document attesting assurance Notary/assuror grants points to the assertion online Notary/assuror keeps documentation secure and may produce to CA if audited

10 Demos Jeff –Applying for Thawte Personal Certificates –Downloading certificate into email client –Signing, verifying email Jeremy –Installing certificate into Adobe PDF –Signing PDF documents

11 S/MIME E-Mail client support Mozilla Mail and derivatives (e.g., Thunderbird) – Good MS Outlook and Outlook Express – Good Eudora – Poor Pine – Poor Apple Mail – Decent

12 Conclusion Summary Q & A Thawte and CAcert assurances given during break

13 References Thawte Personal Certificates: http://thawte.com/email/ CAcert Personal Certificates: http://cacert.org/

Download ppt "Using Personal Certificates Jeff D’Angelo Jeremy Hill Network of People, Jan 6, 2005."

Similar presentations

AI3 Contact Server Takeshi Usui

AI3 Contact Server Takeshi Usui
PKI Strategy PKI Requirements Standard –Based on e-MARC or other Certificate Policy Statements –Specify key aspects that must be met by CA Cert format.

PKI Strategy PKI Requirements Standard –Based on e-MARC or other Certificate Policy Statements –Specify key aspects that must be met by CA Cert format.
SSL & SharePoint IT:Network:Applications. Agenda Secure Socket Layer Encryption 101 SharePoint Customization SharePoint Integration.

SSL & SharePoint IT:Network:Applications. Agenda Secure Socket Layer Encryption 101 SharePoint Customization SharePoint Integration.
Cross Platform Single Sign On using client certificates Emmanuel Ormancey, Alberto Pace Internet Services group CERN, Information Technology department.

Cross Platform Single Sign On using client certificates Emmanuel Ormancey, Alberto Pace Internet Services group CERN, Information Technology department.
1 Pertemuan 12 Authentication, Encryption, Digital Payments, and Digital Money Matakuliah: M0284/Teknologi & Infrastruktur E-Business Tahun: 2005 Versi:

1 Pertemuan 12 Authentication, Encryption, Digital Payments, and Digital Money Matakuliah: M0284/Teknologi & Infrastruktur E-Business Tahun: 2005 Versi:
Mozilla Thunderbird. What is Thunderbird? E-mail client E-mail client Usenet newsgroup reader Usenet newsgroup reader RSS client RSS client Comparable.

Mozilla Thunderbird. What is Thunderbird? client client Usenet newsgroup reader Usenet newsgroup reader RSS client RSS client Comparable.
Opening Presentation of Notary Reqs 8/5/2004 Tobias Gondrom.

Opening Presentation of Notary Reqs 8/5/2004 Tobias Gondrom.
70-284 MCSE Guide to Microsoft Exchange Server 2003 Administration Chapter 10 Securing Exchange Server 2003.

MCSE Guide to Microsoft Exchange Server 2003 Administration Chapter 10 Securing Exchange Server 2003.
DESIGNING A PUBLIC KEY INFRASTRUCTURE

DESIGNING A PUBLIC KEY INFRASTRUCTURE
Mar 12, 2002Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities SSL/TLS.

Mar 12, 2002Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities SSL/TLS.
Product and Technology News Georg Bommer, Inter-Networking AG (Switzerland)

Product and Technology News Georg Bommer, Inter-Networking AG (Switzerland)
Introduction to PKI Seminar What is PKI? Robert Brentrup July 13, 2004.

Introduction to PKI Seminar What is PKI? Robert Brentrup July 13, 2004.
November 1, 2006Sarah Wahl / Graduate Student UCCS1 Public Key Infrastructure By Sarah Wahl.

November 1, 2006Sarah Wahl / Graduate Student UCCS1 Public Key Infrastructure By Sarah Wahl.
Signing and Encrypting Email With the Thawte Web of Trust CSU Professional Development Institute January 8, 2009 Steve Lovaas.

Signing and Encrypting With the Thawte Web of Trust CSU Professional Development Institute January 8, 2009 Steve Lovaas.
Copyright, 1996 © Dale Carnegie & Associates, Inc. Digital Certificates Presented by Sunit Chauhan.

Copyright, 1996 © Dale Carnegie & Associates, Inc. Digital Certificates Presented by Sunit Chauhan.
Lecture 12 e-mail Security. Summary  PEM  secure email  PGP  S/MIME.

Lecture 12 Security. Summary  PEM  secure  PGP  S/MIME.
CAMP - June 4-6, 2003 1 Copyright Statement Copyright Robert J. Brentrup and Mark J. Franklin 2003. This work is the intellectual property of the authors.

CAMP - June 4-6, Copyright Statement Copyright Robert J. Brentrup and Mark J. Franklin This work is the intellectual property of the authors.
PRISM-PROOF Phillip Hallam-Baker Comodo Group Inc.

PRISM-PROOF Phillip Hallam-Baker Comodo Group Inc.
1 USHER Update Fed/ED December 2007 Jim Jokl University of Virginia.

1 USHER Update Fed/ED December 2007 Jim Jokl University of Virginia.
Computer Science Public Key Management Lecture 5.

Computer Science Public Key Management Lecture 5.

Similar presentations

Ads by Google