Correction to BarCamp Vancouver 2006 posting about CACert Audit - Re: StartCom involvement

Sep. 14th, 2006 07:56 am
robbat2: (Default)

I'd like to thank the relevant parties (*waves at StartCom*) for bringing an important correction to my notice.

I previously followed somebody else's summary of the Mozilla CACert inclusion battle, rather than reading the 135 entries on the official Mozilla bug for the matter. More importantly, their summary unfortuntely lead me to make a bad conclusion (probably aided by a lack of sleep on my part when writing up my presentation on the morning of BarCamp, due to the cold, hard, concrete floors), which was the statement "CACert audit by 'We!' funded by StartCom".

This was brought to my attention this morning, and I slogged through the bug mentioned as well as other sources, and found that StartCom was audited by We! Consulting, and the same was only suggested for CACert. According to one source that commented on my previous post, CACert refused We! Consulting, but I can find nothing else to back up that statement. However, I do find nothing to indicate that they presently have anybody lined up to audit them. I'd like to repeat that for good measure however - CACert is not being audited presently, nor is any audit of them being funded by StartCom.

Some other research on the matter provides the following links from the CACert wiki, which include a TODO list on CACert's audit process (in short - not yet, there's still paperwork on CACert's side in the way); as well as an invitation page listing CACert's criterion for an auditor.

  • Current Mood: working
Tags:

BarCamp Vancouver 2006

Sep. 2nd, 2006 01:30 am
robbat2: (Default)

BarCamp Vancouver 2006 took place August 25th and 26th. For those not aware of it, in plain terms, it's a geek un-conference without formal talk arrangements. You turn up, have a party, camp in an office building, have breakfast, come up with mostly impromptu talks, give said talks, have lunch, do more talks, go home. My talk was on CACert Assurances, and I was also a super-assurer for the purposes of the event.

Long version )
Tags:

BarCamp Vancouver 2006 - Conferences notes - CACert - Robin Johnson

Sep. 2nd, 2006 01:15 am
robbat2: (Default)

[Edit: Please see the corrections regarding the CACert Audit posted here.]

This is the outline version of my Powerpoint presentation, created using information from the CACert site and wiki.

Title: CACert - Verified SSL without paying Verisign
  • Facets
    • History
    • Verification
    • CACert point system
    • Integration
    • Assurance time!
  • History
    • Thawte
      • Web-of-Trust
      • Notaries
      • Things killed by Verisign
  • Verification
    • Why?
      • Identity implications
      • Legal requirements
      • Trying to avoiding Verisign-like screwups
    • PGP/GnuPG keysigning
      • Checking IDs
      • (Known-data|shared secret) exchange
    • CACert
      • Keysigning process + point allocation
  • CACert point system
  • Integration (why doesn’t it work in my browser right now?)
    • Already in most Linux distributions
    • IE: Microsoft requirements
      • WebTrust audit
        • $75K USD upfront, $10K USD yearly
      • Not likely to happen soon
    • Mozilla requirements
      • Audit by any suitable company
      • CACert audit by ‘We!’ funded by StartCom
  • Assurance time!
    • Quick guide to filling out the form
    • Circulate!
Tags:

BarCamp Vancouver 2006 - Conferences notes - Secrets to a Killer Technology Speech - Rob Cottingham

Sep. 2nd, 2006 12:56 am
robbat2: (Default)
Here are some notes I took during a presentation by Rob Cottingham of Social Signal.
Title: "Secrets to a Killer Technology Speech" / "End to End Speech Writing"

Start with an idea, and end with a powerful idea.
Don't spew bullshit, ever.

7 important techniques/items (you need all of them).

1. Know where to end off.
2.1. Structure - give audience exact idea of what you are covering, say there are 7 points ahead of time.
2.2. Explain it in the form of a story, using oral traditions to full effect. Hollywood uses 3 acts - your hero gets up tree first, then develop conflict, such as throwing rocks at the tree, and lastly the hero falls out of the tree.
2.3. a) Express problem (why it's needed, why we are vulnerable to it) b) Elaborate on problem, say how it affects audience c) Give them a solution, say how it will fix their issues.
3. Use visual thinking, avoid boring speakers. Give ways to escape, mental images, but pick ones that help your cause. Ujjal Dosajh used a childhood story of an ox-drawn cart on a dusty road.
4.1. Put the powerpoint AWAY. People are there for the STORY! Not the words on the screen. You can even do away with projectors entirely.
4.2. Exceptions are when walking through a new product, or you have visuals ABOUT the information, not charts.
5. Have passion for the idea. Convey passion even if you don't feel it.
6. Authenticity. Growing power. Transparency is big in new media. Don't have a speech like a speech writer would write, with stuff you would seldom say. Write your speech as you normally speak! Subject, Verb, Object!
7.1. Ending. The correct one! Use emotional High, Kathartic. Call to action. Encourge to go out and DO.
7.2 Don't give thank yous to poeple at the end of your speech, rather do it at the start!

Summary: idea at start, then thanks yous, then climax, then ending.
Tags:

Profile

robbat2: (Default)
robbat2
Orbis-Terrarum Networks: Robbat2 resume

May 2017

S M T W T F S
 123456
78910111213
141516171819 20
21222324252627
28293031   

Syndicate

RSS Atom

Most Popular Tags

Page Summary

Style Credit

Expand Cut Tags

No cut tags