1 Visit date & time:
   2    12.03.2016, 13:40 - 16:10 CEST
   3 
   4 Persons:
   5   Bas van den Dikkenberg (secure-u)
   6   Mendel Mobach (CAcert)
   7   Martin Simons (CAcert)
   8   Benedikt Heintel (CAcert internal auditor)
   9 
  10 Actions performed during this site visit:
  11  
  12 In the BIT workplace we received a machine from secure-u where we disconnected the harddrive, connected keyboard and mouse and monitor.
  13 
  14 For boot we used a Ubuntu DVD provided by Wytze van der Raay (cacert).
  15 Everyone received a print of implementation.txt also provided by Wytze.
  16 
  17 1 USB Stick containing .deb files and execute.sh
  18 1 USB stick provided by Bas van den Dikkenberg that we formatted
  19 
  20 In short, for the exact commands please see implementation.txt.
  21 * Booted the DVD
  22 * We checked the checksum of the Ubuntu DVD
  23 * Formatted the USB Stick from Secure-U
  24 * Turned the PC off and started it again.
  25 * Copied the software
  26 * Installed the software with execute.sh
  27 * Killed the ubuntu process that held software install back
  28 * Installed the software with execute.sh
  29 * Took note of the checksum (all of the people on site)
  30 * Copied the script output logs to the usb stick.
  31 * Noticed the USB stick was broken.
  32 * Turned the PC off and started it again.
  33 * Formatted the replacement USB Stick from Secure-U
  34 * Turned the PC off and started it again.
  35 * Copied the software
  36 * Installed the software with execute.sh
  37 * Took note of the checksum (all of the people on site)
  38 * Copied the script output logs to the usb stick.
  39 * Turned the PC off 
  40 * Handed the USB Stick to Bas
  41 * Turned the PC on and started it again to start memtest while doing the datacenter visit
  42 
  43 Data center visit:
  44 * Connected a monitor and keyboard to the signer
  45 * Received the USB stick from Bas
  46 * Inserted the USB stick into the signer
  47 * Synced the time and date of the signer
  48 * Create the ramfs and copied the documented files from the USB stick to the ramfs
  49 * Checked the checksums
  50 * Copied the key and certificate to the ramfs
  51 * started main
  52 * main complained about not able to load the certificate
  53 * Verified the contents of the root.crt, turned out to be the key
  54 At this point the contents of the private key file might have ended up in the script log
  55 * Stopped the script log
  56 * umounted the tmpfs (RAM)
  57 Doing it all again
  58 * Created the ramfs and copied the documented files from the USB stick to the ramfs
  59 * Checked the checksums
  60 * Copied the key and certificate to the ramfs
  61 * started main
  62 * Inspected the results, they looked fine
  63 * Noted down the checksum
  64 * Copied the results to the usb stick and the server directory.
  65 * exited the script logger
  66 * copied the script log outputs to the USB stick
  67 * verified that this data was on the USB stick
  68 * umounted and ejected the stick
  69 
  70 Copying it to the webserver:
  71 * Inserted the stick into the webserver
  72 * logged in onto the webserver
  73 * Copied the files to the webserver
  74 * ejected the USB stick
  75 * Handed the USB stick to secure-U
  76 
  77 In the workplace again:
  78 * Checked memtest, it ran for more than 53 minutes without errors, 
  79   only to show 1 memory bank having about 500G ram, which might be a 
  80   strange bug somewhere, probably not inflicting the memorytest 
  81   (total mem shown was 12G)
  82 * Shut down the PC
  83 * Handed over the USB stick with program input,
  84   The USB Stick with program output
  85   The ubuntu DVD 
  86   all over to Benedikt. 
  87 * Packed our stuff and left.
  88 
  89 -- end.