Committee Meeting 2012-04-22
The meeting will take place at 21:00 UTC in the IRC channel #board-meeting on the CAcert IRC network.
Committee Members: feel free to add a business within the acceptance period or your question to the board below. Others: add a question to the questions section.
Minutes author prepares the minutes from the last meeting
Minutes author prepares the action items. All action owners to update.
Minutes author puts m20120327.4 to accept the minutes
Acceptance of Businesses 48 Hours before beginning of Committee Meeting latest!
Acceptance of new Inc member added by UlrichSchroeter
Recent Security Incidents added by Iang
are they resolved? Is there anything as per SP5.6?
DPA issue (reloaded) added by UlrichSchroeter
- request from Software-Assessment project team meeting
Permissions review (reloaded) added by UlrichSchroeter
current state/report a20110118.1
Arbitrator nomination added by UlrichSchroeter (late added agenda item)
request to accept Alex Robertson, UK nomination to Arbitration team
- Question Time
Questions from CAcert.org Community Members can be added until beginning of Committee Meeting! As well questions can be asked at "Question Time", without added Question here
Confirm the next Committee Meeting: Usually every 2nd and 4th Friday of the month 20:00 UTC.
- Chair closes the Committee Meeting
Meeting chaired by Piers.
1.2 Minutes from last meeting
Minutes from last meeting accepted by m20120327.4.
1.3 Minute taker
Minutes will be taken by Piers.
1.4 Disclosure of private communication
1.5 Action items
Dirk reports that software added the booking.com-affiliate-link to a more prominent location, see http://www.cacert.org/index.php?id=13
2.1 Acceptance of new Inc member
Motion proposed: Accept Reinhard Mutz as new Inc member m20120422.1.
2.2 Recent Security Incidents
Michael discussed with Wytze the possible effects on us by the recently discovered vulnerability in OpenSSL:
- "We generally came to the conclusion that we should be covered. The update on the WebDB was done almost instantly when the packages where available which was about 1 day after the disclosure the signing server should be protected because the WebDB will not let malicious data through, an update for the signer is scheduled anyway. One further attack we've had some days and weeks ago: at least one person is trying once in a while to throw random attacks at us. There is so far no indication that the attacker is successful and the attacks are not directed in any way.
Some hints are that it is related to this tool: vulnerability-scanner. A major annoyance however is that also the support contact form is tried which results in major floods in our inbox (~1000 mails in a few days). They can be filtered, so not that much trouble, but annoying."
Michael will ask Joost to publish an incident report as per SP5.6.
2.3 DPA issue (reloaded)
There is a proposal from Philipp Dunkel, see: msg00011.html
The proposal should be forwarded to the Policy Group if the Board thinks it viable.
Motion: That board proposes the role of the supervisor general as proposed by Philipp Dunkel to the policy group for further consideration. m20120422.2.
2.4 Permissions review (reloaded)
Ulrich has prepared an intermediate ruling on the issue from the last board meeting, open for review - please see: Intermediate Ruling
2.5 Arbitrator nomination
Alex Robertson has been proposed as an arbitrator by Ulrich, see: msg00020.html.
No response from Arbitration Teaam Leader as yet, so motion to accept Alex proposed: that we accept the nomination of Alec Robertson to the Arbitration team m20120422.3.
Time for next meeting yet to be agreed.
Please choose available slots on: doodle.
Meeting closed by chair.
m20120327.4: Accept minutes for 2012-03-18
m20120422.1: accept Reinhard Mutz as new Inc member
m20120422.2: supervisor general
m20120422.3: Alec Robertson to the Arbitration Team