Information for new board members

Committee Meeting 2018-12-13 (2018-12-14 in Australia)

The meeting will take place at 20:00 UTC in the IRC channel #board-meeting on the CAcert IRC network.

08:00 PM GMT = 21:00 CET = 15:00 New York EDT = '''07:00 Australia AEST following day'''

Feel free to add a business item within the acceptance period of 48 hours or your question to the board below. Non-committee Members: Committee may choose to convert any business proposed as a question in the questions section.

Premeeting

  1. Minutes author prepares the minutes from the last meeting

  2. Minutes author prepares the actions from meeting and actions overview. All action owners to update.

  3. Minutes author puts motion m2018MMDD.1 to accept the minutes from the last meeting.

Agenda

  1. Preliminaries
    1. Chair opens the Committee Meeting
    2. Who is making minutes?
    3. Is there a timelimit? Who is time keeper?
    4. Accept the minutes from the last meeting.

    5. Chair asks whether cacert-board-private or cacert-board maillist includes any items that need to be disclosed to Members.

    6. Chair points actions from last meeting to the meeting, and asks for discussion.

    Election pledge: The outgoing committee has initiated various measures to get the finances under control. In addition, it intends to bring CAcert to Europe in 2019 (preparations are underway to do it with no need to change policies). This means that there will be an SGM in the first half of 2019 anyway. Then it could be decided: - relocate and continue - or wind up. By then it should have become apparent whether we have got the finances under control. For possibilities, see: https://wiki.cacert.org/Brain/CAcertInc/Committee/MeetingAgendasAndMinutes/2018-03-01/ideas

    Secretary's pledge: "(if) each board member is willing to do about 10% more during this transition period (he has) time to prepare statutes (for Switzerland) and (prepare the) SGM."

    Acceptance of Businesses 48 Hours before beginning of Committee Meeting latest!

  2. Business
    1. Arbitration
      1. mailing list (update)
    2. Committee
      1. mailing list cacert-inc (review)
    3. Grants: open and new inquiries (BDMC)
      1. Comments regarding message from Ian G and responses on cacert-de.
      2. Formal documented plan for our future: who writes a draft? until when?
    4. Finances
      1. Invoice Hosting 11/2017-05/2018 €1107.65 (formal decision not taken on 2018-07-26)
      2. Hosting Bill (President, Treasurer)
      3. Finance Report 2017/2018 (Treasurer)
    5. Software
      1. Bug 1305: New root (update) (Ted)
      2. Root Certificate Class 3 (end of life) (Brian)
      3. Bug 1260 (and sub bugs 144x): PHP/Software (update) (Brian, GuKK, Peter M)
      4. other (new/pressing/...)
    6. Dummy project (update) (Alex/FD)
    7. Business added by Your Name Comment: Replace "Business One" by Title of Business and add your Name

      • Additional Inputs Comment: Replace "Additional Inputs"by Description of Business, Description of Reason-Why/Purpose, Additional Comments, Additional Documents, Additional Links, if useful for other Committee Members to prepare for Committee Meeting.

    8. et cetera

    Questions from CAcert.org Community Members can be added until beginning of Committee Meeting! As well questions can be asked at "Question Time", without added Question here

  3. Question Time
    1. Question One added by Your Name Comment: Replace "Question One" by Your Question and add your Name

      • et cetera
  4. Closing
    1. Agree on date of the next Committee Meeting (Wed/Thu 20 GMT = 21 FR/CH = 15 NY = Thu/Fri 07 AEST)
      1. allready done: 27-12-2018 20:00 UTC
      2. maybe the first in 2019?
    2. Chair closes the Committee Meeting

Logfile

Logfile from meeting 2018-AM-AD

Minutes

Minutes will be written once the meeting is finished, with tasks listed in action items and Actions of this document.

Present: Brian, Frédéric D, Etienn, Frédéric G, Peter, (??)

Apologies: (??)

Missing:

Guests: Dirk, Nemunaire, Alain V, (??)

Preliminaries

At 20:04 UTC Brian took chair and started the meeting.

The minutes were accepted.

Business (There was something not clear about updating the arbitration mailing list. After the meeting, it was confirmed, that the list is up to date since November.) JanDD implemented the change on the board private mailing list already in November.

The secretary put the question of the raison d'être of CAcert on the agenda, as we are only a few. If CAcert continue, we have to concentrate of things that are doable and things that could have success.

The three outcomes that Ian G suggested as likely were:

  1. change the mission.
  2. shut down.
  3. wither away and die.

The president does not like either 2 or 3.

Has CAcert still a "raison d'être"? Not as concurrent of Let's encrypt. But: In the age of ever better fishing campaigns, I find it much easier to convince people of the benefits of the signature (the mail with the attachment is really from me!) than from encryption (I have nothing to hide, that's all on Facebook anyway)! Whereby that looks meanwhile at least with organizations which heard already times "GDPR" in the meantime also again somewhat differently. Actually there would be an approach that CAcert could do a lot of advertising! (Bernhard F)

While asking for money, we have to tell, what we do, what we will do and why we are better than the others or unique in this point.

Brians proposition: CAcert's Mission is to provide a means of securing electronic communication, in a trusted manner, between parties.

A long time ago, I was taught that there were two parts to security. Authentication (who they are) and Authorisation. CAcert can deal with Authentication. If Facebook had authentication, they would not have 500 million fake accounts. It is a big problem in social media. You block an unfriendly person. They just create a new account.

There is a need for securing e-mails exchanges, but this is highly under-used today, because of webmail that too much people use. Should CAcert look for a browser add-on for Webmail? Or are there already such? It sounds as if, if we are to follow our "new" mission, we need to get into the software business, as well as providing the basic certificate and identification services, since people are opting for "convenience," as we know, instead of security.

GMX/web.de has a sign/crypt service for webmail, but we do not know, if only for their own. FD thinks that the certificate is less the problem, and the method of providing security within the platform is of more trouble to us. These topics should be discussed not only in this meeting. It is still not clear, who writes a draft and until when of a formal documented plan for our future.

Finances: We have the last bill unpaid, as there is not as much of money on the paypal account. The committee finds the way, how to get access to the bank account in New South Wales. The PO should have access, Kevin can give it, if they register before at the bank. (Motion: Peter M should be added to the financial team, passed)

Motion: pay Invoice Hosting 11/2017-05/2018 of €1107.65 as soon as the treasurer is able to do.

Software:

  1. Bug 1305: New root (testing actually)
  2. Ales K did the work of updating the .msi installer with the most recent certificates (to be pushed on the web with the coming application release). As it is a hex patch, Dirk propose to publish it on the wiki. It is for lazy customers "it's green, it works", but not on the on our critical server, as we cannot review a msi-file. We will test it on Win 7 and Win 10.
  3. Alex sent yesterday someting about Dummies, as he is on a Chrismas dinner today. It is in german (translated by deepl just now): I am currently writing in the document CAcert for Dummies the article "How (simply) to issue client certificates at CAcert" for Windows and Linux "... and can use" for Windows. With Linux, I find it too difficult to explain it easily. To be on the safe side I try Thunderbird again, for Windows I would like to explain it with Outlook. This is a practical article, since FD wants to arouse interest with the more general chapters before. I stick to your brainstorming about what to write about. (With Linux Etienne will break down linguistically.)

Question Time

  1. How do we compare to https://sectigo.com/products/signing-certificates/email-smime-certificate (to be answered next time)

Closing

We aggreed last meeting on 2018-12-27-20:00 UTC for the next meeting.

Chair closed the meeting at 22:23 UTC

Motions

Actions

Who

Status

Action

Minutemaker

wip

prepare Agenda and Minutes for the next meeting


Brain/CAcertInc/Committee/MeetingAgendasAndMinutes/2018-12-13 (last edited 2019-01-13 21:22:09 by EtienneRuedin)