Committee Meeting 2013-03-24

The meeting will take place at 21:00 UTC in the IRC channel #board-meeting on the CAcert IRC network.

Committee Members: feel free to add a business within the acceptance period or your question to the board below. Others: add a question to the questions section.

Premeeting

  1. Minutes author prepares the minutes from the last meeting

  2. Minutes author prepares the action items. All action owners to update.

  3. Minutes author puts motion m20130322.4 to accept the minutes

Agenda

  1. Preliminaries
    1. Chair opens the Committee Meeting

    2. Accept the minutes from the last meeting.

    3. Who is making minutes?

    4. Chair asks whether cacert-board-private maillist includes any items that need to be disclosed to Members.

    5. Chair asks whether cacert-board maillist includes any business items that aren't on the agenda yet.

    6. Chair introduces the URL of action items to the meeting, and asks for discussion.

  2. Businesses

    Acceptance of Businesses 48 Hours before beginning of Committee Meeting latest!

    1. Oophaga closing down by Michael

      • Oophaga members have decided to close the organisation. How do we want to deal with it?

        • Additional remarks by dirk: I suggest to move any decisions to the first meeting in may. However: Everybody should be aware of Oophaga closedown and find possible solutions until then.

    2. Use of micropayment services for funding by Tomáš

      • Carried over from last meeting's question 3.1
      • Do we want to authorise adding micropayment buttons to some parts of non-critical infrastructure (blog, wiki, maybe bugtracker)?

    3. SGM and the OFT Report and Bank Account by u60

      • Any news out of the SGM result? OFT report transfered?

    4. Question from the floor: Status of roots inclusion by u60

    5. New Roots & Escrow project (recuring agenda topic until decision reached) by u60

      • references see meeting 2013-03-10 top 2.5

      • Any news?

      • latest Baseline_Requirements_V1_1 (effective 14 September, 2012) lists on page 34 for Root certificates:

        • validity period:

          beginning on or before 31 Dec 2010

          Validity period beginning after 31 Dec 2010

          Digest algorithm:

          MD5 (NOT RECOMMENDED),

          SHA-1, SHA-256, SHA-384 or SHA-512

          SHA-1*, SHA-256, SHA-384 or SHA-512

          Minimum RSA modulus size (bits)

          2048

          2048

          CAcert "old" Root Key

          + (MD5, 4096)

          -

      • No indication, so needs further input

    6. Business added by Your Name Comment: Replace "Business One" by Title of Business and add your Name

      • Additional Inputs Comment: Replace "Additional Inputs"by Description of Business, Description of Reason-Why/Purpose, Additional Comments, Additional Documents, Additional Links, if useful for other Committee Members to prepare for Committee Meeting.

    7. et cetera
  3. Question Time

    Questions from CAcert.org Community Members can be added until beginning of Committee Meeting! As well questions can be asked at "Question Time", without added Question here

    1. Question One added by Your Name Comment: Replace "Question One" by Your Question and add your Name

      • et cetera
  4. Closing
    1. Agree on date of the next Committee Meeting
    2. Chair closes the Committee Meeting

Minutes

1 Preliminaries

1.1 Opening

Present: Michael, Tomáš, Werner

Meeting chaired by Werner.

1.2 Minutes from last meeting

Minutes from 2013-03-10 accepted in meeting by motion m20130322.4.

1.3 Minutes taker

Minutes will be taken by Werner.

1.4 Disclosure of private communication

Oophage was discussed and move in 2.1.

1.5 Potential agenda items on cacert-board

No new issues identified on the mailing list.

1.5 Action Items

Nothing discussed.

2 Business

2.0 Acceptance of late businesses

Late business items 2.3 to 2.5 unanimously accepted by m20130414.1.

2.1 Oophaga closing down

The discussion regarding closing down Oophaga was moved from board private to board mailing list. This was unanimously accepted by m20130414.2. Probably Secure-U will take over the business from Oophaga. This discussion is still running.

2.2 Use of micropayment services for funding

There was some discussio but since Tomáš had to leave no decision was possible.

2.3 SGM and the OFT Report and Bank Account

Oft report: no action report from Kevin yet, but he acknowledged that he got the mail, so we hope he will process it soon.

2.4 Status of roots inclusion

The root inclusion into the browsers requires one or more audits. Benedikt Heintel is a certified IRCA auditor and volunteers to do the required audits for CAcet and will help to make CAcert Audit ready. To target the audit a team shall be created. For the work to be done see
https://wiki.cacert.org/AGM/TeamReports/2012#AuditTeam
https://blog.cacert.org/2010/10/489.html
https://blog.cacert.org/2010/10/489.html
Policy group is doing its homework right now. One of the first steps are Policies and Board Decision on new roots and escrow, Audit over RA, finish CCA roll out. Software is on a good way but needs more time. For the money, there is a founded hope that we will get it when we need it. We need people and we need smaller chunks to make people volunteer on.

There are two types of audit, one is external (certification audit), the other is internal recurrent (e.g. yearly). The audit takes the whole organisation, we should definitively have the internal audit running.

2.5 New Roots & Escrow project

The present Root does not need an immediate change. But if we create a new Root, we have to follow new requirements. But we are in need of an escrow method which is lacking now. Look into https://wiki.cacert.org/Roots/StateOverview.

3 Question time

10 Years anniversary mentioned but not processed.

4 Closing

Next meeting will dedeterminded by doodle.

Motions

Brain/CAcertInc/Committee/MeetingAgendasAndMinutes/20130324 (last edited 2013-04-19 02:59:59 by MichaelTänzer)