- Case Number: a20120331.1
- Status: withdrawn
- Claimant: CAcert (Support - originally filed by Werner D)
- Respondent: Sherlock H, J H
Initial Case Manager: AlexRobertson
Case Manager: PietStarreveld
- Date of arbitration start:
- Date of ruling:
- Case closed: 2016-10-22
- Complaint: Bogus Account
- Relief: TBD
Before: Arbitrator name arbitor (A), Respondents: Sherlock H(R1), J H(R2), Claimant: CAcert (C1), Case: a20120331.1
Former parties: Werner D. for Support (C2).
2012-03-31 (issue.c.o) ticket s20120331.10
- 2012-05-04 (iCM): added to wiki, request for CM / A
- 2012-05-04 (iCM): initial mail to (R1) and (R2) bounced.
- 2012-05-04 (iCM): reply from (C).
- 2012-05-05 (iCM): response to (C)
- 2012-05-05 (iCM): received background on bogus accounts on arbitration mailing list
- 2016-08-20 (CM): FrOSCon 2016 session:
- case selected for review as it fits the review criteria
- CAcert Support becomes new claimant (C1), original claimant dismissed (C2)
- CAcert Support withdraws case as claimant
- 2016-09-25 (CM): board confirms the executive decisions taken during FrOSCon 2016 session by board motion m20160921.2
- 2016-10-15 (CM): implement executive decisions taken during FrOSCon 2016 and send case withdrawal notification
- 2016-10-22 (CM): case closed as withdrawn
Link to Arbitration case a20120331.1 (Private Part), Access for (CM) + (A) only)
EOT Private Part
- Original dispute (privacy sensitive data anonymized as [...]):
Hello arbitrators, at the "List of Tverify Admins" I stumbled over the bogus entry of [...] He even has 150 points, yet from one single TTP assurance. Since the name fields contain no real personal name parts, I file a dispute against that user to change this name fields to his real name and to revoke his certificates, though they are expired. Maybe the account has to be deleted at all. I cannot understand how this could happen unnoticed. Therefore I file a second dispute against [...], who did the TTP assurance, to warn him for giving a wrong assurance. [...] was assured by [...] only and did a lot of F2F and TTP assurances.
Member of arbitration team provides relevant background information about the disputed bogus accounts on the arbitrator mailing list (Background on Bogus accounts in case a20120331.1) on 2012-05-05:
All infos given in the dispute directs to the deployment process of the tverify program - so to be a test account. As also all named members are more or less inactive, I came to the conclusion that there is no "urgent" handling needed for this case. To flood the arbitration queue with delete-my-account cases makes no sense, if accounts are long time unused. So here we better have to wait, until Software-Assessment has prepared the Software that we can handle delete-account-cases by one click.
FrOSCon 2016 session - future of 25 arbitration cases from leaving team members
At FrOSCon 2016 members of Arbitration, Board and Support took part in a session on possible withdrawal of cases by CAcert(Support)/CAcert and prior clarification about claimants. On 2016-08-23 the initial report of that FrOSCon 2016 session, Protocol - FrOSCon session - future of 25 arbitration cases from leaving team members, was posted on the board and arbitration mailing lists for review and discussion.
The executive "decisions" taken during the FrOSCon 2016 Session (and also regarding additional cases) were confirmed by board motion m20160921.2 on 2016-09-25:
Resolved, that board withdraws the cases as mentioned in the emails https://lists.cacert.org/wws/arc/cacert-board/2016-08/msg00009.html and https://lists.cacert.org/wws/arc/cacert-board/2016-08/msg00017.html acting for CAcert as claimant of that cases.
The detailed background, proceedings and the initial report of the FrOSCon 2016 session are publicly available as FrOSCon 2016 Session Report.
FrOSCon 2016 session - review of case a20120331.1 - "Bogus Account"
At the FrOSCon 2016 Session case a20120331.1 - "Bogus Account" was put up for review as all who were present at the session agreed that it fitted the criteria for review:
- dispute is filed by formerly active member
- dispute is filed as a role based dispute
For this case this meant that Support would now assume the role of claimant and that the original claimant should be considered as former claimant, having been dismissed from the dispute.
The subsequent review of this case at FrOSCon 2016 made Support decide to withdraw the case as claimant as shown by the relevant section of the FrOSCon 2016 report posted on the board and arbitration mailinglists on 2016-08-23:
6. https://wiki.cacert.org/Arbitrations/a20120331.1 ------------------------------------------------------------------- "Bogus Account" * summary of dispute: "at the "List of Tverify Admins" I stumbled over the entry "The Most Reverend Sherlock H[...]. He even has 150 points, yet from one single TTP assurance." dispute against user to change to ral name and to revoke certificates, though they are expired, maybe delete account dispute against assurer to warn him for giving wrong assurances. * support: analogue as above, no CCA, no AP, please hand back to support * board: ok [note of [...] when preparing protocol: Further below there is a note by the filing person, that it was a known fake account "that will be deleted anyway in the near future, so there is no special action needed" - unclear if and if yes how this was done - no arbitration case known for this]
FrOSCon 2016 session - review of case a20120331.1 - "Bogus Account" - comments received
The review of this case as reported on the board and arbitration mailinglists led to minor comments posted on the board and arbitration mailinglists on 2016-08-24 (only relevant part included here for brevity). None of the comments came from the original claimant:
[...] > - unclear if and if yes how this was done - no arbitration case known > for this] Okay, and you asked for samples of fake account data previously ... [...]
The reply tries to explain to the member that Support has no inherent reason for looking at a name nor does Support has any means to determine whether a name actually belongs to a person or not:
[...] > Okay, and you asked for samples of fake account data previously ... No, I did not. And neither [...] nor [...] did. They knew about the nature of the names in the cases that we touched. And they knew about this one. The questions [...] asked were: - with which authority did support look at those data - which authority does support have to know that something really is not the name of a person. A lot of names are allowed in some countries. [...]
None - claimant C1 withdrew case on 2016-08-20.