NOTA BENE - WORK IN PROGRESS - Your Inputs & Thoughts
Guidelines for Assured Organisations
This article describes procedures and techniques for Organisations wishing to use CAcert certificates in their daily business. In this context, "Organisation" (or "Org") refers to companies, associations or similar entities which can be assured in the CAcert Organisation Assurance Program.
- This training should also be valuable for freelancers or IT service companies who want to offer the service of acting as CAcert Organisation Administrator ("Org Admin") for their customers.
As you can see, this is currently a rather empty framework. So please add your ideas and experiences!
Overview
How to get an Organisation assured
Best Practices in an assured Organisation
How to find an Organisation Admin
Using CAcert Certificates in an Organisation
Importing the CAcert Root certificates
If the Organisation is using a Windows Domain, the CAcert Root certificate can be imported for all computers at once using Group Policies. See HowTo/InstallCAcertRoots#Installation_in_Windows_Domain
Certificates for internal servers
When it is possible to distribute the CAcert root certificate in a Windows Domain, CAcert certificates are an easy-to-use, cheap and perfectly valid solution for securing servers which are used only by internal company personnel, such as IMAP servers, development web servers or internal application servers.
Certificates for internal communication
Certificate based logins
- Most web servers (including MS IIS and Apache) can verify client certificates when specific pages are accessed. Since they pass the certificate details to CGI and similar applications, these details, most prominently an included email address or a Single Sign On (SSO) ID, can be used as a secured piece of information.
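One way an application behind Apache could consume these details, as an added example that is not CAcert's or this page's own code. It assumes mod_ssl with `SSLOptions +StdEnvVars`; the issuer DN and e-mail domain are constructed placeholders, and the function names are hypothetical.

```python
# Added example, not CAcert or Apache project code.
# Assumes Apache mod_ssl with "SSLVerifyClient require" and
# "SSLOptions +StdEnvVars", which exports the SSL_CLIENT_* variables used here.
EXPECTED_ISSUER_DN = "CN=Example Issuing CA,O=Example Org"  # placeholder value
ALLOWED_DOMAIN = "example.org"                              # placeholder value


class CertLoginError(Exception):
    """Raised when the request carries no usable certificate identity."""


def cert_emails(environ):
    """Collect e-mail addresses from the subject DN and subjectAltName entries."""
    found = []
    if environ.get("SSL_CLIENT_S_DN_Email"):
        found.append(environ["SSL_CLIENT_S_DN_Email"])
    n = 0
    while f"SSL_CLIENT_SAN_Email_{n}" in environ:
        found.append(environ[f"SSL_CLIENT_SAN_Email_{n}"])
        n += 1
    return [e.strip().lower() for e in found]


def login_identity(environ):
    """Return the verified e-mail address to use as login name, or raise."""
    # mod_ssl reports NONE, SUCCESS, GENEROUS or FAILED:reason; only SUCCESS
    # means the chain was validated against the configured CA certificates.
    if environ.get("SSL_CLIENT_VERIFY") != "SUCCESS":
        raise CertLoginError("client certificate was not verified")
    # The server may trust several CAs, so pin the issuer the application expects.
    if environ.get("SSL_CLIENT_I_DN") != EXPECTED_ISSUER_DN:
        raise CertLoginError("certificate issued by an unexpected CA")
    for email in cert_emails(environ):
        local, sep, domain = email.rpartition("@")
        if sep and local and domain == ALLOWED_DOMAIN:
            return email
    raise CertLoginError("no e-mail address in the organisation's domain")


# Constructed sample environments, as a CGI/WSGI application would receive them.
VERIFIED = {
    "SSL_CLIENT_VERIFY": "SUCCESS",
    "SSL_CLIENT_I_DN": EXPECTED_ISSUER_DN,
    "SSL_CLIENT_S_DN_Email": "Alice@Example.org",
}
UNVERIFIED = dict(VERIFIED, SSL_CLIENT_VERIFY="GENEROUS")

if __name__ == "__main__":
    print(login_identity(VERIFIED))
```

The application reads only the server-set `SSL_CLIENT_*` variables; request headers supplied by the client arrive under the `HTTP_` prefix and are never consulted.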
Creating Server and Client certificates
This topic is handled in the OrgAdmin-Handbook.
Handling multiple Organisations
- As a freelancer or IT service company, you may act as Org Admin for multiple organisations.
Administrative Tasks
Most administrative tasks are detailed in the Org Admin's Handbook.
Adding another Org Admin for an Organisation
Designating a new Org Admin without contact to the previous one
Adding domains to an Organisation's account
Inputs & Thoughts
YYYYMMDD-YourName
Text / Your Statements, thoughts and e-mail snippets, Please