• Advisory
• AMinutes20080207

Minutes Management Sub-Committee meeting 20080207

Present: teus, iang, 22:30 to 01:00;

• next meeting next thursday, 7 days.

Dispute Resolution

• emaillist of case managers and arbitraters
  • 8 members on the list as arbitrators
  • teus + iang as observers
  • let's work with that.
• OK, dispute resolution system is now up and running.
• any cases?

  • one indicated from MS, iang to chase

• ok, running, leave it as it is.

Assurance

policy list work

• teus to give overview of current issues and status.

  • how do we check who is an assurer?
  • privacy/public status of cert numbers
  • AT subpol
  • code-signing policy

  • Tverify ==> subpolicy for other CA's members

  • TTP ==> subpolicy (propose a new policy)

  • Junior Assurance ==> subpolicy

  • need for DOB, ongoing discussion

CATS

• CATS

  • 2nd sysadmin, has he been added yet? Evaldo still pending

  • Ted statistics
    • 80 Assurers now have passed
  • need to mention that the Assurers will be chopped off
    • problem still is PR to reboost challenge taking
  • how to boost? reward structure?
    • not keen on boost of points
    • prefer non monetary reward like Pins

    • teus question to education list?

  • iang' to chase: Challenge passed report over to core system, status of that?

    • implementaton of Challenger-passed mark into the database is pending? teus reminded Philipp.
    • assurer mark for challenge passed assurers
    • ask sysadmins for this (Evaldo file bug)
  • paper certs
    • the certificate is for "am an Assurer", let's leave this as is for now
  • Secure-U should pick up postage costs, but not for the immediate future because of startup issues. We wait.

OA

• regions
  • US is picking up, about to propose (wip) subpol
  • Swiss: 3 pending ones, to Jens, deferred until return from US
• NL: OA assurer bootstrapping of teus, has been proposed to board
• Organisations cannot be OA?
  • policy response was that an OA and Assurer must be natural persons
• oversight JP? teus asked Jens, waiting for return from US

• AT Austria SubPol is still working through

Other

• code signing
  • current consensus/abstract?
  • policy write up
• Assurance promulgation plan

  • Iang to mail systems & marketing groups.

    • 4 policies now on the main page
  • teus wants metadata on the page for the policies.
  • there needs to be a link from the top page to policies.
• Policy on Policy should now in POLICY

  • iang to chase up onto main site.

• need to spark a proposal that new TTP policy be written, and old be terminated.

Systems

• NL move
  • USB link cable no ack seen as yet
  • missed chance to install cable monday 4th
• interest of volunteers: Xs4all, NLnet Labs (pending), Medison (pending)
  • no interest seen
• create systems committee
  • Evaldo compiles req list
  • need closed group nomination policy?

  • bounce back ideas and create a proposal to board: all

• alternate plan C project cacaca
  • lots of interest
    • AT Comp is pending
    • Guhrka-Medison pending
  • should be possible without company support
  • problem is desk, bed, net
  • Austria
    • start out with a month in AT
    • then move to NL to install the systems and get up and running
    • possibly a request for space on the NLUUG emaillist
    • have got machines in Sonance
• link
  • serial not on Suns
  • Tunix has them
  • or use USB, or use Ethernet, device nodes available?
  • leave this up to the team that builds it.
• Support team
  • Evaldo reports discussion on new member
  • has m-sc been properly notified?
  • support team members are critical
  • Teus to propose new support team members to Guillaume
  • notify ggr + rob of sitaion
• admin team: Daniel, Ted, michael ???
• what is this?, Evaldo: bill to CAcert
  • Teus+Evaldo: should bill, submit?
• check OCSP/CRL distr systems (Philipp request)
  • not clear what check is required
  • outline of concerns by Evaldo to M-SC
  • iang to talk to Pete S
  • are these critical systems?
    • nothing much on them
    • DOS for revocation checking
    • certificate could be used for a social engineering attack
  • teus chase philipp with questions
    • why are these being distributed now and not being run on our NL machines???
• Tix active monitoring/changing issue
  • question raised by Tix to go transparent or filtered?
    • was from Oophaga to Philipp
    • happened around the time of Philipp looking at RBL list
    • at that moment, Tix made an error ... caused an event call
    • The answer from Philipp was to continue the RBL active work
    • issue raised 17th november call # 01225785
    • as a result, RBL was turned off, but there are other aspects
    • gate.cacert.nl is doing the reply
    • gate.cacert.nl cert
  • firewall taps can be done at the Tix point
  • Tix can be surveyed from outside for stats purposes
  • agreed to defer this until later, until we have more assets
• teus to ping the support people and brief them
  • Philipp is trying to get others to take over tasks.
• getting sources up and available
  • good to get the board to finalise the licence under which the source code is to be issued.
  • agreed that CAcert is to own the full rights, as per the FSFE tfr agreement

  • proposal to board to be written up on that basis iang

  • iang to review GPL[23] again

House Style

• refer to list of decisions by board, posted by Teus.

• new logo & new web style promissed first week Febr to be incorporated

• advertisement handling (teus: status unknown)
  • google also now in wiki
  • text ref only now on main web page

  • buttons & logo's

• cert button (teus: status unknown)

Admin

• organigram wait for M-SC comments
  • no negative comment seen
  • go ahead
• overview of decisions taken
  • need to be diligent and record the decisions!

  • ask Evaldo for additional permissions for all board members to write on the board decisions page

  • also a new update on board decisions has been written and sent to Evaldo. Need to chase.
• tracking system for policy progress?
• wiki pages update
  • teus to write to Sebastian Documentation Officer
  • more people to help
  • we need the existing Doc Policy work-in-progress
  • especially on the wiki or on the svn

Audit

• DRC-A to C are up on the audit site
• audit.cacert.org is up and running

  • https://audit.cacert.org/drc/browser.php

  • need to drop the insistence on CAcert certificate being installed
• workplan for auditor, teus
  • teus to respond to audit agreement. Still pending.

  • start requires move + dual control

  • teus to talk it over with Greg
• security manual
  • Pat made chapter outline, some feedback from Ian and Philipp, is in progress
    • Pat is in community (CCA) ... battling with certs
• MoU for NLnet funding signed by parties
  • need announcement press release, but defer this until after agreement with auditor is reached
  • documents now on website
  • m-sc decision to remove the older HTML discussion document because it is completely replaced by the PDF.
• audit can only restart when systems are completely moved to NL

Committee meetings

• schedule 3 month period for wrap up decisions taken by email
  • evaldo/teus chase up board
  • get email decisions into wiki
• AGM minutes need board review is now on wiki

  • iang to review

• if we get Evaldo/cacacha then talk to Greg and to Robert about a meeting

M-SC finances