Am 15. Feb, 2006 schwätzte R P Herrold so:

> On Mon, 13 Feb 2006, der.hans wrote:
>
>>>>> herrold said: I'll be running the CACert ( http://www.cacert.org/ ) 
>>>>> booth -- which 
>> 
>>>> Does CACert still require gov't issued IDs to participate?
>> It's not identity theft that I'm worried about. I don't want to auth my
>> gov't recognized name.
>
> ummm --- ok - I had one person who appeared at the booth decline to give his 
> name -- no problem, but also no cacert ID ;)   Ultimately a web of trust, 
> needs to be trustable, and as I see it, has to chain back to an ID which 
> carries a penal disincentive to forge.

I also know many by names other than what would be on an ID. I likely wouldn't
sign certs for them for their legal names. At least a couple have been
friends of mine for years.

>> I also need to be able to auth role accounts. Some are roles that will be
>
> role accounts are no problem - there is a primary email address, and the 
> ability to add as many secondaries as you may wish; also as the CSR is 
> gnereated locally, embedded role email addresses insude a certificate are no 
> problem, and are not examined before the countersigning by CACert.

All of the secondaries would be associated to the primary email addy? A
cert for chairman@PLUG would be associated to my personal certification?

Just trying to get more info. In fact, wanna do a presentation on CACert
for us? :)

ciao,

der.hans
-- 
#  https://www.LuftHans.com/        http://www.CiscoLearning.org/
#  Join the League of Professional System Administrators! https://LOPSA.org/
#  Nobody grows old merely by living a number of years.
#  We grow old by deserting our ideals.
#  Years may wrinkle the skin, but to give up enthusiasm
#  wrinkles the soul.  -- Samuel Ullman