= Minutes Advisory / Management Sub-Committee meeting 20071129 =

== Systems Review ==

 * maillist?  ''Teus'' to chase.
 * backup recovery plan, followup still to be done by ''Evaldo''
 * failure of memory on core+db indicated
 * OpenPGP
   * agreed to defer any attention to next year
   * after move NL and rebuild of sysadm / software teams

== NL ==
 * hvl is busy at the moment.  ''Teus'' to get in contact.
 * test system access
   * hvl is added
   * decision: also add the Rudis.
 * plan for move
   * delivered tuesday in v0.1
   * no comments in mail
   * decision: critical systems administrators get access to ''both'' machines, this is not acceptable in medium term, but has to be done for now.
   * the signing server can be any of the available servers, as it is has no access except over the serial cable
   * (discussion about the dual access and BIT responsibilities)
   * Teus: comments discussed, some changes made.  Need to forward to board.
   * agreed to re-open agenda point at end with Philipp
 * Discussion with Phillip
   * Rudis can be made available to help access
   * Estimate that it will take one man-month work (experienced)
   * This is the same as the AU->AT move
   * 1st step is to build the software suite and load test data & config
   * Once running and tested, estimated 2 hours of down time to move real data
   * some discussion on DNS and Reflectors.
   * Evaldo can help with building the systems
   * KVM access is not available in secure form
   * Evaldo might be able to propose a VPN solution later (security, SSH, Tix, KVM, etc...)
   * issue is that the signing server needs a lot of attention
   * Philipp and Evaldo to work on it over the weekend
   * monday deadline for comments

=== IRC ===
 * IRC machine
   * port 80/443 connections are being delivered with a single source IP# which is the Tunix firewall
   * IP# should be from the client machine of the user
   * ''evaldo'' to file separate bug
 * the default situation with Tunix is that they are screening.
   * this may meen that they are screening SSL sessions.
   * Teus cannot comment on screening as has Oophaga hat on
   * Evaldo and Iang raised doubts in email.
   * ''Evaldo'' to discuss with Philipp.
   * ''Iang'' to clearly stress the audit context on this.

== Assurance ==

 *  CATS is up and going,
   * Evaldo to write a 5 mins script, waiting on Jens.
   * an email should go out to announce the CATS to board + close insiders
   * Michael is to review CATS code
 * Policies
   * NRP-DaL  ==> still needs rework
   * do this at same time as the style guide rework.
 * CCA 
   * policy has privacy mods, needs to be voted.  ''teus'' to chase Jens and Evaldo by reforwarding the post
   * FSFE transfer language, email to propose the changes to come

== Misc ==

 * Audit Funding
   * '''iang''' to comment with Valer
   * '''iang''' to propose half retainer to CAcert
 * Security Manual
   * greg introduced the question to Pat, then stepped out of the way
   * ''teus'' to comment on remuneration
   * maybe request a plan, but not obvious what that would be
 * Henrik's proposal ==> '''evaldos''' list
 * Henrik to be freed from House Style area
   * offices to be reorganised?  Debate continues
   * Johann had an issue with PR

== END ==