10:02 #board-meeting: <@ReinhardM> hello to all
10:02 #board-meeting: <@INOPIAE> good morning
10:03 #board-meeting: <@StefanT> Good Morning
10:03 #board-meeting: <@ReinhardM> I hereby open today's board meeting
10:03 -!- INOPIAE changed the topic of #board-meeting to: Board Meeting 2016-01-10 10:00 UTC| the channel is moderated for voice to board member only | https://wiki.cacert.org/Brain/CAcertInc/Committee/MeetingAgendasAndMinutes/2016-01-24
10:03 #board-meeting: <@ReinhardM> juergen can not attend today
10:03 -!- mode/#board-meeting [+m] by INOPIAE
10:04 #board-meeting: <@ReinhardM> do we have a quorum?
10:04 #board-meeting: <@INOPIAE> I see 4 board members
10:04 #board-meeting: <@ReinhardM> OK, we have a quorum
10:05 #board-meeting: <@ReinhardM> the meeting is opened
10:05 #board-meeting: <@ReinhardM> Topic 1.2 Accept the minutes from the last meeting.
10:05 #board-meeting: <@INOPIAE> https://wiki.cacert.org/Brain/CAcertInc/Committee/MeetingAgendasAndMinutes/2016-01-10
10:06 #board-meeting: <@INOPIAE> I have tom apologize that I finished the minutes an hour ago.
10:07 #board-meeting: <@StefanT> I accept the minutes
10:07 #board-meeting: <@ReinhardM> I move to accept the minutes from the last meeting
10:08 #board-meeting: <@felix> second and aye
10:08 #board-meeting: <@INOPIAE> aye
10:08 #board-meeting: <@StefanT> Second & Aye
10:08 #board-meeting: <@ReinhardM> aye
10:08 #board-meeting: <@ReinhardM> the minutes are accepted
10:08 #board-meeting: <@ReinhardM> AYE 4 
10:09 #board-meeting: <@ReinhardM> topic 1.3 Who is making minutes? 
10:09 #board-meeting: <@INOPIAE> I will do the minutes
10:09 #board-meeting: <@ReinhardM> Thank you Marcus
10:10 #board-meeting: <@ReinhardM> topic 1.4 Chair asks whether cacert-board-private maillist includes any items that need to be disclosed to Members. 
10:11 #board-meeting: <@INOPIAE> I see nothing to dislose
10:12 #board-meeting: <@INOPIAE> dislose / disclose
10:13 #board-meeting: <@ReinhardM> Okay - there have been no emails send to board-private only
10:13 #board-meeting: <@ReinhardM> Topic 1.5 Chair asks whether cacert-board maillist includes any business items that aren't on the agenda yet. 
10:14 #board-meeting: <@StefanT> Nothin from me
10:14 #board-meeting: <@ReinhardM> agreed
10:14 #board-meeting: <@ReinhardM> Topic 1.6 Chair introduces the URL of action items to the meeting, and asks for discussion. 
10:15 #board-meeting: <@INOPIAE> As they have not yet been updated there is nothing to be done here.
10:16 #board-meeting: <@ReinhardM> agreed
10:16 #board-meeting: <@ReinhardM> Topic 2 Businesses
10:17 #board-meeting: <@ReinhardM> Topic 2.1 Opinion survey about Re-Signing procedure
10:19 #board-meeting: <@INOPIAE> The opinion survey was started on 2016*-01-21 and end on 2016-01-28 0:00 ITC. 
10:19 #board-meeting: <@INOPIAE> ITC/UTC
10:20 #board-meeting: <@INOPIAE> The invitation was sent to 72 members.
10:20 #board-meeting: <@StefanT> There was questions about the survey! Who can look at the summaries?
10:21 #board-meeting: <@felix> As stated in the invitation mail itself, everyone may do so by using the given link.
10:22 #board-meeting: <@felix> That link will only work when the poll has finished.
10:22 #board-meeting: <@felix> As there was also confusion about the "verification tokens":
10:22 #board-meeting: <@felix> The summary will contain lists of all verification tokens that voted "yes" and the ones that voted "no"
10:23 #board-meeting: <@felix> so by using your token, you can verify that your vote was conted there
10:23 #board-meeting: <@felix> (and by checking it with others that you trust you can verify that your token is unique)
10:24 #board-meeting: <@felix> (or only check parts...)
10:25 #board-meeting: <@ReinhardM> thank you, felix, for the explanation
10:26 #board-meeting: <@ReinhardM> next Topic 2.2 Key persons list 
10:27 #board-meeting: <@INOPIAE> As the former board did not hand over the key persons list they had created I collected the information again.
10:27 #board-meeting: <@INOPIAE> I recieved most of the information.
10:27 #board-meeting: <@INOPIAE> I will compose a first list next week and send it out as encrypted mail to all persons on the list.
10:27 #board-meeting: <@INOPIAE> Let us prepare a Wiki page for the process of the key person list.
10:28 #board-meeting: <@ReinhardM> thank you, Marcus
10:28 #board-meeting: <@ReinhardM> next Topic 2.3 Get support working
10:30 #board-meeting: <@INOPIAE> I had a second training with Werner were 3 board members were attending as witness
10:30 #board-meeting: <@INOPIAE> I will send out the report about the training this week.
10:32 #board-meeting: <@felix> From what I whitnessed at this trainig, the points explicitly stated in the arbitration case were covered during that meeting
10:34 #board-meeting: <@felix> also I perceived the training as successful
10:34 #board-meeting: <@felix> so when this is covered in the report, I'd see no obstacle of putting Werner back to work.
10:34 #board-meeting: <@ReinhardM> thank you
10:36 #board-meeting: <@ReinhardM> next topic 2.4 FOSDEM (stand in K building, bottom floor) 
10:36 #board-meeting: <@ReinhardM> our booth at FOSDEM is accepted
10:37 #board-meeting: <@INOPIAE> We will have a stand at the FOSDEM. It will be located in K buling on the ground floor on the left handside of the lecture room.
10:39 #board-meeting: <@ReinhardM> I hope toi see as many assurers as possible
10:40 #board-meeting: <@StefanT> Good bye. I have to go about a medical problem in the family!
10:40 #board-meeting: <@ReinhardM> see you soon
10:40 #board-meeting: <@ReinhardM> we have still a quorum
10:40 #board-meeting: <@ReinhardM> next Topic 2.5 EBCA (European Bridge CA - https://www.ebca.de/en/) 
10:41 #board-meeting: <@ReinhardM> We had a presentation as guests and demonstrated how CAcert works
10:42 #board-meeting: <@ReinhardM> We received the invitation several months ago. 
10:43 #board-meeting: <@ReinhardM> The presentation showed the "ATE Presentation"
10:45 #board-meeting: <@INOPIAE> Thanks for the information about it.
10:46 #board-meeting: <@ReinhardM> next Topic 2.6 Risk Analysis & physical inventory
10:48 #board-meeting: <@ReinhardM> Our internal auditor requested a current risk analysis several months (17 ?) ago.
10:48 #board-meeting: <@ReinhardM> There is a risk analysis from former external auditor. That paper is outdated in any kind.
10:49 #board-meeting: <@ReinhardM> The paper was written about 2009 or aerlier.
10:50 #board-meeting: <@ReinhardM> We have to take into account themes like hardware, software and the situation of alla teams
10:51 #board-meeting: <@INOPIAE> Let us prepare a list of topics for the next meeting.
10:52 #board-meeting: <@INOPIAE> If anybody has ideas that might be important for the risk analysis please sent them to board via mail.
10:56 #board-meeting: <@INOPIAE> We should have a dedicated inventory list of the hardware located at BIT.
10:58 #board-meeting: <@INOPIAE> We should also think about legal requirements.
10:59 #board-meeting: <@ReinhardM> any comments?
11:00 #board-meeting: <@ReinhardM> Let us prepare a list of issues which should be covered by a risk analysis.
11:01 #board-meeting: <@ReinhardM> We place this in the wiki. So everybody may contribute.
11:01 #board-meeting: <@ReinhardM> Topic buisiness closed.
11:01 #board-meeting: <@ReinhardM> next Topic 3. Question Time 
11:02 #board-meeting: <@ReinhardM> open the channel please
11:02 -!- mode/#board-meeting [-m] by INOPIAE
11:02 #board-meeting: < katzazi> who has access to the file system where the survey is running?
11:04 #board-meeting: < katzazi> who will be able to study the logs of the changes on that file system?
11:05 #board-meeting: < katzazi> what do you do about the fact that nearly 5% of the original tokens for the survey were made public because of people were replying to the invitation mail?
11:07 #board-meeting: <@felix> To 1st Question: see (as you already noticed) https://wiki.cacert.org/SystemAdministration/Systems/Web for the admins of that system.
11:07 #board-meeting: < katzazi> that does not give us information about who has access to which parts
11:08 #board-meeting: <@felix> To 2nd Question: to our knowledge there is no logging on file system level done on that machine. --> no one will be able to study the logs.
11:08 #board-meeting: < katzazi> so we will not be able to check what files were there prior to the survey
11:08 #board-meeting: < katzazi> or if someone crated files during the survey
11:09 #board-meeting: < katzazi> while about 7 people may have access?
11:11 #board-meeting: < katzazi> if we compare our confirmation-tokens even partly this removes the anonymity is this intended?
11:12 #board-meeting: < katzazi> who wrote the code for the survey?
11:12 #board-meeting: < katzazi> who started the survey? is there a logging about this?
11:13 #board-meeting: < katzazi> can you give some update about the investigation that you claim to have started?
11:15 #board-meeting: < katzazi> what will board do if there are 5% "no" in the survey, or 10% or even more?
11:15 #board-meeting: < katzazi> what will board do if the survey results in "yes"?
11:20 -!- mode/#board-meeting [+m] by INOPIAE
11:21 #board-meeting: <@ReinhardM> AS I wrote already in an email the investigation committee will start soon. there are 2 assurers nominated for this task; a third person is contacted.
11:21 #board-meeting: <@ReinhardM> The committee will start soon.
11:21 #board-meeting: <@ReinhardM> All other questions could be answered by yourself, because you got all informations as everybody else.
11:22 #board-meeting: <@ReinhardM> See the git page for the code, see the wiki and the emails
11:22 #board-meeting: <@ReinhardM> I propose the held our next board meeting in 2 weeks, same place same time
11:24 #board-meeting: <@ReinhardM> the next board meeting will be held on Sunday, 2016-02-07 at 10:00 UTC
11:24 #board-meeting: <@INOPIAE> aye
11:24 #board-meeting: <@felix> aye
11:24 #board-meeting: <@ReinhardM> accepted
11:24 #board-meeting: <@ReinhardM> I hereby close today's board meeting
11:25 #board-meeting: <@ReinhardM> Thanks to all and have a nice sunday.