. '''To Brain''' '''[[Brain#CAcert_Inc._-_CAcert.org_Members_Association| CAcert Inc. - CAcert.org Members Association]]''' - '''To Brain CAcert Inc. Committee''' '''[[Brain/CAcertInc/Committee/MeetingAgendasAndMinutes| Meeting Agendas & Minutes]]''' - '''[[OverviewProjectsBoard|Board's Project Overview]]''' - '''[[Brain/CAcertInc/Committee/ActionItems|Current Action Items]]''' - '''[[Brain/CAcertInc/Committee/MeetingAgendasAndMinutes/20130310|last meeting]]''' - '''[[Brain/CAcertInc/Committee/MeetingAgendasAndMinutes/20130421|next meeting]]'''

##  #######################################################################################
##    FILL IN ABOVE    LAST MEETING DATE,  NEXT MEETING DATE   the correct DATEs
##  #######################################################################################

## please also edit overview under:   https://wiki.cacert.org/Brain/CAcertInc/Committee/MeetingAgendasAndMinutes
----

= Committee Meeting 2013-03-24 =

The meeting will take place at [[http://www.timeanddate.com/worldclock/fixedtime.html?msg=Board+Meeting&iso=20130324T21|21:00 UTC]] in the IRC channel #board-meeting on the CAcert IRC network.

Committee Members: feel free to add a business within the acceptance period or your question to the board below. Others:  add a question to the questions section.

== Premeeting ==

 1. Minutes author prepares [[Brain/CAcertInc/Committee/MeetingAgendasAndMinutes/20130310#Minutes|the minutes from the last meeting]]
 1. Minutes author prepares the [[Brain/CAcertInc/Committee/ActionItems|action items]]. '''All action owners''' to update.
 1. Minutes author puts [[https://community.cacert.org/board/motions.php?motion=m20130322.4|motion m20130322.4]] to accept the minutes

== Agenda ==
 1. Preliminaries
  1. Chair opens the Committee Meeting
  1. Accept [[Brain/CAcertInc/Committee/MeetingAgendasAndMinutes/20130310#Minutes|the minutes from the last meeting]].
  1. Who is making minutes?
  1. Chair asks whether [[https://lists.cacert.org/wws/arc/cacert-board-private|cacert-board-private]] maillist includes any items that need to be disclosed to Members.
  1. Chair asks whether [[https://lists.cacert.org/wws/arc/cacert-board|cacert-board]] maillist includes any business items that aren't on the agenda yet.
  1. Chair introduces the URL of [[Brain/CAcertInc/Committee/ActionItems|action items]] to the meeting, and asks for discussion.
 1. Businesses
 {{{#!wiki caution
Acceptance of Businesses 48 Hours before beginning of Committee Meeting latest!
}}}
  1. Oophaga closing down ''by Michael''
    . Oophaga members have decided to close the organisation. How do we want to deal with it?
      Additional remarks by ''dirk'':
      I suggest to move any decisions to the first meeting in may.
      However: Everybody should be aware of Oophaga closedown and find possible solutions until then.
  1. Use of micropayment services for funding ''by Tomáš''
    . Carried over from last meeting's question 3.1
    . Do we want to authorise adding micropayment buttons to some parts of non-critical infrastructure (blog, wiki, maybe bugtracker)?
  1. SGM and the OFT Report and Bank Account ''by u60''
    . Any news out of the SGM result? OFT report transfered?
  1. Question from the floor: Status of roots inclusion ''by u60''
    . "Status of inclusion of cacert root certificates into the standard Mozilla certificate bundle"
    . [[https://lists.cacert.org/wws/arc/cacert-support/2013-03/msg00019.html]]
     . references to the [[https://developer.mozilla.org/en-US/docs/Persona/Implementing_a_Persona_IdP|Implementing a Persona IdP]] project
     . (similar to our client cert login concept, replace the account/password combinations by client certs/Persona IdP)
      a. project requires that roots are in vendor browser(s)
      a. roots into the browsers requires audit
      a. audit of CA requires new roots (see agenda top 5)
    . Further references:
     1. [[AGM/TeamReports/2012#AuditTeam|AGM Team Reports 2012 - Audit Team]]
     1. [[AGM/BoardReport/2012#Strategy|AGM Board Report 2012 - Strategy]] (read down to the end)
  1. New Roots & Escrow project (recuring agenda topic until decision reached) ''by u60''
   . references see [[Brain/CAcertInc/Committee/MeetingAgendasAndMinutes/20130310|meeting 2013-03-10 top 2.5]]
   . Any news?
   . latest [[https://www.cabforum.org/Baseline_Requirements_V1_1.pdf|Baseline_Requirements_V1_1]] (effective 14 September, 2012) lists on page 34 for Root certificates:
    || validity period: || beginning on or before 31 Dec 2010 || Validity period beginning after 31 Dec 2010 ||
    || Digest algorithm: || MD5 (NOT RECOMMENDED),<<BR>> <<BR>>SHA-1, SHA-256, SHA-384 or SHA-512 || SHA-1*, SHA-256, SHA-384 or SHA-512 ||
    || Minimum RSA modulus size (bits) || 2048 || 2048 ||
    || CAcert "old" Root Key ||<^>'''+''' (MD5, 4096) ||<^> '''-''' ||
   . No indication, so needs further input

  1. Business added by Your Name ''Comment: Replace "Business One" by Title of Business and add your Name''
    . Additional Inputs ''Comment: Replace "Additional Inputs"by Description of Business, Description of Reason-Why/Purpose, Additional Comments, Additional Documents, Additional Links, if useful for other Committee Members to prepare for Committee Meeting.'' 
  . et cetera
 1. Question Time
 {{{#!wiki note
Questions from CAcert.org Community Members can be added until beginning of Committee Meeting! As well questions can be asked at "Question Time", without added Question here
}}}
  1. Question One added by Your Name ''Comment: Replace "Question One" by Your Question and add your Name''
   . et cetera
 1. Closing
  1. Agree on date of the next Committee Meeting
  1. Chair closes the Committee Meeting

##  #######################################################################################
##   FILL  IN  MEETING AGENDA ITEMS FROM LAST MEETING MINUTES DEFERED TO NEXT MEETING
##  #######################################################################################


<<Anchor(Minutes)>>
== Minutes ==

=== 1 Preliminaries ===

==== 1.1 Opening ====

Present: Michael, Tomáš, Werner

Meeting chaired by Werner.

==== 1.2 Minutes from last meeting ====

[[Brain/CAcertInc/Committee/MeetingAgendasAndMinutes/20130310#Minutes|Minutes from 2013-03-10]] accepted in meeting by [[https://community.cacert.org/board/motions.php?motion=m20130322.4|motion m20130322.4]].

==== 1.3 Minutes taker ====

Minutes will be taken by Werner.

==== 1.4 Disclosure of private communication ====

Oophage was discussed and move in 2.1.

==== 1.5 Potential agenda items on cacert-board ====

No new issues identified on the mailing list.

==== 1.5 Action Items ====

Nothing discussed.

=== 2 Business ===

==== 2.0 Acceptance of late businesses ====

Late business items 2.3 to 2.5 unanimously accepted by [[https://community.cacert.org/board/motions.php?motion=m20130414.1|m20130414.1]].

==== 2.1 Oophaga closing down ====

The discussion regarding closing down Oophaga was moved from board private to board mailing list. This was unanimously accepted by [[https://community.cacert.org/board/motions.php?motion=m20130414.2|m20130414.2]]. Probably Secure-U will take over the business from Oophaga. This discussion is still running. 

==== 2.2 Use of micropayment services for funding ====

There was some discussio but since Tomáš had to leave no decision was possible.

==== 2.3 SGM and the OFT Report and Bank Account ====

Oft report: no action report from Kevin yet, but he acknowledged that he got the mail, so we hope he will process it soon.

==== 2.4 Status of roots inclusion ====

The root inclusion into the browsers requires one or more audits. Benedikt Heintel is a certified IRCA auditor and volunteers to do the required audits for CAcet and will help to make CAcert Audit ready. To target the audit a team shall be created. For the work to be done see <<BR>>
https://wiki.cacert.org/AGM/TeamReports/2012#AuditTeam <<BR>>
https://blog.cacert.org/2010/10/489.html <<BR>>
https://blog.cacert.org/2010/10/489.html <<BR>>
Policy group is doing its homework right now. One of the first steps are Policies and Board Decision on new roots and escrow, Audit over RA, finish CCA roll out. Software is on a good way but needs more time. For the money, there is a founded hope that we will get it when we need it. We need people and we need smaller chunks to make people volunteer on. 

There are two types of audit, one is external (certification audit), the other is internal recurrent (e.g. yearly). The audit takes the whole organisation, we should definitively have the internal audit running.

==== 2.5 New Roots & Escrow project ====

The present Root does not need an immediate change. But if we create a new Root, we have to follow new requirements. But we are in need of an escrow method which is lacking now. Look into https://wiki.cacert.org/Roots/StateOverview.

=== 3 Question time ===

10 Years anniversary mentioned but not processed.

=== 4 Closing ===

Next meeting will dedeterminded by doodle.

=== Motions ===
 * [[https://community.cacert.org/board/motions.php?motion=m20130414.1|m20130414.1]]: ''Accept the late business items 2.3 to 2.5''
 * [[https://community.cacert.org/board/motions.php?motion=m20130414.2|m20130414.2]]: ''Disclose the message titled \"State of Oophaga, no future\"''

----
 . CategoryBoardMinutes