Committee Meeting 2011-05-01

The meeting will take place at 21:00 UTC in the IRC channel #board-meeting on the CAcert IRC network.

Committee Members: feel free to add a business within the acceptance period or your question to the board below. Others: add a question to the questions section.


  1. Minutes author prepares the minutes from the last meeting

  2. Minutes author prepares the action items. All action owners to update.

  3. Minutes author puts motion m20110501.1 to accept the minutes


  1. Preliminaries
    1. Chair opens the Committee Meeting
    2. Accept the minutes from the last meeting.

    3. Who is making minutes?
    4. Chair asks whether cacert-board-private maillist includes any items that need to be disclosed to Members.

    5. Chair introduces the URL of action items to the meeting, and asks for discussion.

  2. Businesses Important Note: Acceptance of Businesses 48 Hours before beginning of Committee Meeting latest!

    1. Privacy Officer
    2. Security Officer
      • Proposal by Benedikt H: I also thought about getting a new position of the Security Officer - as staff unit - reporting to the board. (S)He should be responsible to make sure, CAcert is act upon the most strict data privacy rule in the world, to fulfil not only Australian regulations, but world wide. Another important task would be the implementation of an ISMS (IT Security Management System) based on ISO 27001. However, this job can be defined and filled after the big projects are up and running smoother than now.
    3. Action / Projects plan: wiki page

      • Proposal by Benedikt H: All the projects - lead by a project manager and supported by Public Relations - need to be coordinated by a program manager (supported by a PMO). The program manager should be in charge of a budget and a sufficient workforce. He directly reports to the board, to reach the goal: Audition passed faster.
    4. Infrastructure / Critical Systems
      1. Declare systems Backup, CRL, Hopper, Logger (critical) critical
      2. FYI: Progress on infrastructure migration to new host. Host setup, first systems to move
    5. a20101025.1: Execute relief by board order: Resolved, that all list posts / threads by claimant of a20101025.1 are deleted.
    6. Incident Report following SP 5.6 under a20110428.1 (Ulrich)

    7. Marcus Mängel for OAO
      1. Proposed by Mario, seconded by AO, accepted by Marcus
  3. Question Time Important Note: Questions from Community Members can be added until beginning of Committee Meeting! As well questions can be asked at "Question Time", without added Question here

    1. Question One added by Your Name Comment: Replace "Question One" by Your Question and add your Name

      • et cetera
  4. Closing
    1. Confirm the next Committee Meeting: Usually every 1st and 3rd Sunday of the month 21:00 UTC.

    2. Chair closes the Committee Meeting


Present: Alexander, Dirk, Lambert, Mario, Peter, Piers. Apologies: Ian

Meeting chaired by Mario.

Minutes from last meeting accepted m20110501.1

Piers to take minutes.

Nothing on private list to discuss.

1.5 Action items

Bank A/C

The bank has accepted the new office holders to allow access. Formalities regarding on-line access being arranged.

SGM Minutes

Peter to prepare SGM minutes.

2.1 Privacy Officer & 2.2 Security Officer

No-one available to fill either role, so discussion postponed to next meeting with Ian present.

2.3 Action / Projects plan


Discussed proposal by Benedikt. Good structure, but CAcert lacks resources to do it that way. Discussed motivating testers and arbitrators. Need suggestions from community on what actions the Board can take. Board's tasks to be made explicit on the wiki.

Action item: Any board member to pick three items he wants to monitor and report to board if necessary.

Ulrich brought up the issue that we don't enough active people in many teams. Chair pointed out that PR is an endless topic and best discussed outside board meeting. Issue postponed to next meeting.

2.4 Infrastructure

Motion: Declare systems Backup, CRL, Hopper, Logger (critical) critical.

2.5 a20101025.1: Execute relief by board order

This is an issue because of HR problems in Arbitration. Mario agreed to delete the posts quickly to protect us from further damage.

Motion: Resolved, that all list posts / threads by claimant of a20101025.1 are deleted.

2.6. Incident Report following SP 5.6 under a20110428.1 (Ulrich)

FYI from Ulrich: this is the 2nd time within a 2 months period a Triage member forwarded a Support ticket to the public mailing list with PII. The case is under arbitration ... member whose infos posted gets informed, the case is ongoing.

2.7. Marcus Mängel for OAO

Motion: accept Marcus as OAO.

3 Questions

3.1 Secret ballot scheme for SGM

Discussed on sysadmins list.

3.2 Class3 update

Short version of what has been done: resign the old class 3 with sha256. New class 3 is accepted by clients. But people who imported the old class 3 need to reimport the new one manually.

To be put on agenda for next meeting: issuing of new class 3 root.

3.3 Need to reply to Oophaga's letter

Lambert to prepare first draft and circulate it.

4.1 Next meeting

Next Committee Meeting: Sunday, May 15th 2011, 20:30 UTC.

