Committee Meeting 2018-05-24 (Oceania: 2018-05-25)

European Data Protection Regulation

The meeting will take place at 20:00 AM GMT = 22:00 Central Europe = 16:00 New York = Friday morning, 6:00 Eastern Australia in the IRC channel #board-meeting on the CAcert IRC network.

Feel free to add a business item at the meeting of Thursday, June 7th.


  1. Minutes author prepares the minutes from the last meeting

  2. Minutes author prepares the actions from meeting and actions overview. All action owners to update.

  3. Minutes author puts motion m20180518.1 to accept the minutes from the last meeting.


  1. Preliminaries
    1. Chair opens the Committee Meeting
    2. Who is making minutes?
    3. Is there a timelimit? Who is time keeper?
    4. Chair asks whether cacert-board-private or cacert-board maillist includes any GDPR items that need to be disclosed to Members.

  2. Business: General Data Protection Regulation

    1. 'General Data Protection Regulation (EU) 2016/679' Details B

      1. Resumee of the working group
      2. decisions to take
      3. nominations Details A

      4. GDPR business added by Your Name Comment: Replace "Business One" by Title of Business and add your Name

      5. Additional Inputs Comment: Replace "Additional Inputs"by Description of Business, Description of Reason-Why/Purpose, Additional Comments, Additional Documents, Additional Links, if useful for other Committee Members to prepare for Committee Meeting.

    • et cetera

    Questions from Community Members about the GDPR can be added until beginning of Committee Meeting! As well questions can be asked at "Question Time", without added Question here. For other questions, please ask them on June, 7th.

  3. GDPR Question Time
    1. Question One added by Your Name Comment: Replace "Question One" by Your Question and add your Name

      • et cetera
  4. Closing
    1. Next Committee Meeting will be on June, 7th (June, 8th in Murwillumbah NSW)
    2. Chair closes the Committee Meeting


Logfile from meeting 2018-05-24


Minutes will be written once the meeting is finished, with tasks listed in action items and Actions of this document.

Present: Etienne, Peter M., Ross (joined later), Frédéric G.

Apologies: Peter Y., Peter N., Brian (proxy given to Etienne)


Guests: Dirk, Karl-Heinz


At 20:02 UTC Etienne took chair and opened the meeting informally at 22:02. As the president is not here and he asked the secretary to chair the meeting, he did so. We had the quorum from 22:26 on, so the meeting was open offically from this time.

As the people present were not present in the previous meetings or wrote the minutes, we skip to accept minutes.


We have to add a footer line at the public pages: www, wiki, that links to a data protection declaration. Software need a bug report. Bug 1440, filed by GuKKDevel during the meeting.

The secretary moves to vote for the EU/EEE Data Protection Declaration as proposed at (adjustet with real names, addresses, etc.) accepted 5:0

Furthermore, he moves to ask the software team to implement a pop up an all page that uses cockies to inform users about the use of cockies and the Data Protection Declaration. (pop up text in German: "CAcert verwendet Cookies, die für die Funktionalität und das Nutzerverhalten auf der Webseite notwendig sind. Durch die Nutzung der Webseite stimmen Sie dem Einsatz von Cookies zu, wie sie in der Datenschutzerklärung der CAcert im Detail ausgeführt ist. Mehr Infos", in English somethin like "CAcert uses cookies, which are necessary for the functionality and the user behaviour on the website. By using this website, you agree to the use of cookies as described in detail in CAcert's privacy policy More information" with a link to the data potection declaration.) accepted 5:0

Our keyserver is connected to one from egal and one from secure-U (CAcert Germany). Secure-U stopped their server some days ago and egal did it one hour ago until some legal points about keyservers are more clear as today. Should we do the same (suspend the service) or continue with some risks and no more updates? Currently the CAcert-webserver is stopped, too (as the engeneeer planned to go to bed). The secretary moves to suspend the keyserver service until new decisions for GDPR reasons. (resp. keep suspended) accepted 5:0

We need a Data Protection Officer (DPO), that is not member of the board and living in the EU. The secretary asked Hubert from the working group. He is not available. He asked Lambert, but he has a CoI. Furthermore he asked Megan (the third member of the working group) and the community. No answer from both (Megan and community). Frédéric as some ideas to attract some non-technical people who will be perfect for that type of tarks. But not now. Lambert could do it for a short time, but this conflict his role as Arb - and as we need Arb, It is proposed to appoint Megan.

The secretary moves to appoint Megan R as Data Protection Officer. accepted 5:0

No other GDPR business.

Question Time No questions about GDPR.


(2018-06-07-20:00 UTC next meeting)

Chair closed the meeting at 22:04 UTC








prepare Agenda and Minutes for the next meeting



formulate text for media for money collection


checkout how to get a specific blog-entry to be pinned at main-page

Dirk, software-team


bug 1260 "upgrading PHP/debian"

Peter Y., software-team


bug 1417 "unable to create certificate"

Karl-Heinz, sofware-team


bug 1432 "testing CAA-records"

Brain/CAcertInc/Committee/MeetingAgendasAndMinutes/2018-05-24 (last edited 2018-06-07 21:56:43 by EtienneRuedin)