Hello everyone,
Minutes from ILUGC meet(August 2002)
As I walked into the rendezvous of the august 2002
ILUGC meet around 4:45PM, Venkatesh had already
started of his presentation on Open SSL and Open CA.He
was explaining public and private keys and later
explained about who exactly is a Certification
Authority(CA). what do the certify? How do they
certify etc. He explained how the public keys of
various certification authorities are by default
installed on major browsers(which is actually a mutual
understanding between CA and the browser developers).
This public key of any CA (eg Verisign) allows a
browser to determine if a particular public key is
valid i.e belongs to the person who claims it to be
his. Open source alternatives to these commercial CA
were also explained egs: - www.openca.org and
www.pyca.de (correct me if I am wrong). He then went
on to explain how a public & private key of a
particular person are certified in Open CA. From what
I understood i guess the public and private keys are
sent to a RA(Registration Authority ?) who/which then
validates the details provided by the person/system.
After the RA is convinced about the validity of the
information provided and then the public key is stored
into the CA repository. By following this method the
person/system is restricted from accessing CA
repository directly. There was also an
argument/discussion about whether this CA repository
is actually accessible though a LDAP server. Prabhu
then pointed out then no one before has talked about
LDAP so it would be nice gave a presentation on LDAP
in the coming meets. There was also a discussion
whether LDAP is a replacement of NIS or is it
something more, How secure is LDAP ? How does one make
LDAP secure? Someone(I am sorry I dont remember the
name) pointed out that Active Directory Service(ADS)
in M$ WINDOWS 2000 was actually an implementation of
LDAP and Kerberos put together although he immediately
pointed out that M$ had made a mess out of it. Prabhu
concluded that people would get to know better about
LDAP only if someone who has actually implemented it
could talk about it.So Venkatesh was requested if he
could talk about LDAP in the coming meets. Suddenly
there was a powercut and the entire meet then
continued in darkness(although i was in darkness for
most of the meet :-) ). There was also a discussion
about how exactly this private and public key
generated, and how tough or impossible to crack these
keys? So Venkatesh went on to explain how the keys are
generated and the algorithm(s) used to generate such
keys. Venkatesh concluded his presentation by citing
few of Open SSL commands(eg:- openssl genrsa 1024
-out).
Prabhu walked onto the stage and asked various
suggestion and comments about the future ILUGC meets.
He requested people to come forward and volunteer for
various presentation and talks to make the meets more
interesting and exciting. Someone from Lateral
Software(?) suggested that he could give a talk/demo
about the kernel, various kernel modules etc. So it
was decided that the person will give a series of talk
on the kernel and related areas, there will also a
talk on LDAP by Venkatesh in the coming meets.He also
enquired who will write the minutes for this meet as
the ÂOfficial Minute Man Suraj had not attended the
meet. Although i did not accept to write the minutes
at that time. After listening to Prabhu I felt that i
must volunteer for atleast something, being still a
newbie to GNU/Linux and this being just my 2nd LUG I
could talk on anything,but i could defintely write the
minutes coz it would help understand the concepts i
learnt in the meet and it someway i could contribute
to the community.The meet officially ended at about
7PM and then people slowly fragmented away. The
members will defragment again next month at most
probably at Lateral Software Labs the date of the meet
is yet to be decided.
-- by Parthasarathy R
________________________________________________________________________
Want to sell your car? advertise on Yahoo Autos Classifieds. It's Free!!
visit http://in.autos.yahoo.com
