• Brain
• CAcertInc
• Committee
• MeetingAgendasAndMinutes
• 2024-03-07

• To Brain CAcert Inc. - CAcert.org Members Association - General Meetings - To Brain CAcert Inc. Committee Meeting Agendas & Minutes - Board's Project Overview - Current Action Items - last meeting - next meeting

Committee Meeting 2024-03-07 19:00 UTC

The meeting will take place at 19:00 UTC at https://meet.jit.si/cacert If you do not have audio channel, you may try in the IRC channel #board-meeting on the CAcert IRC network.

Feel free to add a business item within the acceptance period of 48 hours or your question to the board below. Non-committee members: the committee may choose to convert any business proposed as a question in the questions section.

Agenda

Signs that appear in the agenda
Formulated motion on your topic. It will be put to the vote. Adjustments may be made before the vote. A motion must be submitted for resolutions!
Information for your attention. Does not need to be explained or discussed at the meeting. Purpose: Everyone is up to date. (max. 10 seconds) Discussion topic with or with no decision.

1. Preliminaries one
   1. Chair opens the Committee Meeting
   2. Who is making minutes?

   3. Chair asks whether cacert-board-private or cacert-board maillist or Threema chat or Telegram group includes any items that need to be disclosed to Members.

   4. Accept minutes from 1. Feb 2024 "I move to accept the minutes of the committee meeting of 1st of Feb 2024."

   5. Agree on the 4th of April 2024 as date for the next committee meeting. (Following dates probably 2. May, 6. June, 4. July 2024 18:00 UTC)

   6. Agree that the April meeting (and the followings) are held at 18:00 UTC (that is still 20:00 CEST in central Europe).

2. Business
   1. Decisions

   2. OpenID
      issue: alpha or beta version available
      who: Brian, +?
      what help needed:
      next step: (do we know someone who could get a hand to be asked directly?)

   3. ERP / other tool
      issue: install, following plan
      who: Frédéric G, Etienne
      what help needed:
      next step: Frédéric will propose a tool for accounting and members list

   4. Big Mail
      issue: review and sending
      who: Etienne, Dirk
      what help needed: none
      next step: review under way in Feb/March by Dirk and Etienne, ongoing)

   5. Elephant (Mission & Future)
      issue: keep in mind; organisational improvements
      who: Frédéric D, +?
      what help needed:
      next step:

   6. Paypal
      issue: get the money (when, the 180 days are over?) (ClawbackAction)
      who: Frédéric G, Etienne, +?
      what help needed:
      next step: (last steps: conference call FG, FD, ER on Jan 28; hand over all documents MR to FG Jan 31)

   7. Class 1 / Class 3
      issue: singer issues: repair or change the policy
      who: Kim, +?
      what help needed:
      next step: submit proposals or drafts for discussion at Policy group
      There are known issues with the signer. Some which need to be fixed and some that should not be fixed, as they aren't in line with how certificates should be used today (processes which have been incorrect for many years). Unfortunately, there are some old rules in CAcert documentation, specifically in the CPS, which seem to prohibit the necessary changes and improvements to the certificate creation and signing process. This means that the CPS, and perhaps other documentation needs to be rewritten, and some will require acceptance of the Policy group. A new version of documents need to be created and proposed, and when they are accepted, the necessary work on more correct processes can begin. A first draft has been created, and shared among Board and a few other active members.
      See also proposition from Aleš at the minutes of January https://wiki.cacert.org/Brain/CAcertInc/Committee/MeetingAgendasAndMinutes/2024-01-04

   8. SGM Future (by FG)
      issue: maybe dissolution of the association?
      Next steps: Create a detailed plan (step-by-step of a possible process) for the attention of the SGM
      Who: Frédéric G.
      help needed: ?

   9. Background checks
      issue: keep the ball running; more background checkers
      who: Brian, Etienne
      what help needed: background checkers
      last month: tried to get in touch
      next step: Stay tuned

3. on hold (for later this year)
   1. Infrastructure: (Dirk)

      1. Start thinking about planning when to do things about new roots, so we are prepared several years in advance, as no certs should have a end-date after any root certificates. Also take a look at the old Escrow article. https://wiki.cacert.org/Roots/EscrowAndRecovery

      1. How is it going with implementing LetsEncrypt certificates on public facing services, instead of keeping them behind CAcert's "unknown" certificates?

   2. Remote Assurance (Brian)

      1. Creation of remote assurance sub committee (RASC) on the hold until Eva is available for the policy. Secretary got in touch with Eva on Oct. 12.
         "Users Requests, summarized." added by Aleš a) need for a distant assurance (no assurers, no TTP possibility in their country); b) need for the write access to our Wiki.

   3. Background Check
      1. done

         1. BGC for Gero: Interview happened (by Ted&Etienne), committee is waiting for the report (has to be sent by Gero).

      2. pipeline

         1. BGC for Brian: who (no board member in BGC team! (Egal/JanDD) Brian has to re-contact the two checkers at 01 sept 2023.

         2. BGC for Peter is initiated. (date searching; Interview by Ted&Egal)

         3. BGC for Matthias are initiated. (date searching started in August 2022)

         4. BGC for Sascha are initiated. (language: en or de)

   4. Any other business (board members forgot to ask the secretary to put it on the agenda)
   5. What's coming next? ???
4. Question Time

   Questions from CAcert.org community members can be added until beginning of committee meeting! As well questions can be asked at "Question Time", without added question here.

   1. Would it be possible to make an Interim Measure? I have prepared the text of proposals. added by Aleš Kastner

   2. "Question One." added by Your Name Comment: Replace "Question One" by your Question and add your name

1. Closing

1. To remember: Goals 2021/2022 (propositions by board 2020/2021) - Each goal needs a responsible person on the board who keeps an eye on it and reports regularly, keeps in touch with the responsible people. obsolete / started / waiting for available time

   • push OrgA (Guy)
   • expand PR (Alex cannot do this, wants to hand over)

   • delivering the OpenID Connect integration, for which CAcert is funded by the RIPE NCC.

   • expand background check

   • remote assurance, if accepted by the community;

   • simplify the certificate creation (this enables the start of various projects from the pipeline)

   • software development and testing

   • New CSR software

   • support SecureU (find an active board member for them in Germany)

2. Not to forget: Staffing the teams
   1. Applicants to the Infrastructure team
   2. Applicants to the Development team
   3. Applicant to the Critical team

1. Access to local systems for board members

1. Tasks assigned to Board Members and others

1. Software Team

   1. Issue 1502: Adapt the UI at CAcert.org to deal with the "keygen" feature having been removed in browsers (Some of this will be met with 1551 )

   2. Issue 1482: Limit validity period of new HTTPS certificates to one year

   3. Issue 1444: PHP - Brian

   4. Issue 1417: Keygen / new CSR software - Bernhard

2. Organisation Assurance
   1. How to relance OrgA? (Guy)
3. Grant applications

   1. Protopype Fund https://prototypefund.de/en/ (mail to SW Board only)

      1. The Prototype Fund is a project of the Open Knowledge Foundation Germany, funded by the Federal Ministry of Education and Research (BMBF). This is for residents of Germany only. We could create a group of people that work on a project for CAcert (with all support of the others in the background). It runs for two more years, every 6 month.
      2. Infra does not see any acute need at the moment, and does not have the capacity to provide qualified support.
      3. There are some ideas for software, but in infra's view there is still a lot of conceptual and preparatory work missing. What Infra could imagine is financing people to carry out a requirements analysis and write a requirements and test specification. This could then be used as a basis for a new implementation of the CAcert software (WebDB, Signer and perhaps other things like CATS). But these are just a few ideas of JanDD and he cannot currently recommend any people who would be suitable for this. Potential candidates would have to deal intensively with the existing software on the one hand and with the underlying policies on the other, and would have to identify a lot of missing information, ask for it and make assumptions for discussion. This requires very good analytical and communication skills and a high level of stamina.

1. Blockchain

   1. see here: https://wiki.cacert.org/Brain/CAcertInc/Committee/MeetingAgendasAndMinutes/2018-03-01/ideas#Blockchain (waiting for answer from IanG)

Minutes Committee meeting - 2024-03-07

Present, by alphabetical order

* Aleš Kastner * Étienne Ruedin - Secretary * Frédéric Dumas * Frédéric Grither - Treasurer

Absent or silent, by alphabetical order

* Brian McCullough - President * Kim Nilsson - Vice president

1 Opening

From November 2023 to March 2024 inclusive, committee meetings will be held at 19:00 UTC.

* Chair Étienne opens the meeting at 19:10 UTCs. * Frederic D. invite everyone to join the livepad on Nextcloud for collaborative note-taking of our minutes. * No participants noted any important messages on the CAcert discussion lists. * [The minutes of the meeting of 2024-02-01](https://wiki.cacert.org/Brain/CAcertInc/Committee/MeetingAgendasAndMinutes/2024-02-01#Minutes) are submitted to the members of the committee for approval. Etienne moves to accept the minutes of the committee meeting of 4th of Jan 2024. Frédéric D. seconds the motion.

Result of the vote:

> Aye: 4 > Naye: 0 > Abstain: 0

The minutes of the 1st of February meeting are **accepted**.

2 Business

1 Alternative ERP proposed by Frédéric G.

Frédéric G. recommends using a spreadsheet on NextCloud for the year's accounts, which would be an acceptable way of doing things. Since we already have Nextcloud, note that there is a certified Nextcloud Office package that can be added. This would enable us to make collaborative spreadsheet updates directly online <https://nextcloud.com/office/>.

Based on FG's experience, he advises against Only Office, which currently has several drawbacks.

FG studied another option, which would be to deploy CiviCRM, an NGO management software, which also requires a mySQL database like we already have for Nextcloud. Frédéric G. met a French-English Belgian CiviCRM expert at a FOSDEM boot in early February, who is able to help with implementation or hosting on a remote server <https://civicrm.org/providers/Business-and-Code> (paid).

2 E-mail to be sent to all our members, aka "Big Mail" by Étienne

An email prepared by Étienne was submitted to Dirk for proofreading.

3 Paypal by Frédéric G.

Frédéric D. will help Frédéric G. to write to the dedicated Paypal's person with copy to the Supervision Monetary Authority of Singapore at paypal+swiss@cacert.org, and to ensure that the email is delivered.

4 Class Root certificates and signer issues, by Aleš

Étienne will ask Dirk and Jan to respond to Aleš's proposals. Aleš reports that he has already received partial responses from Jan.

5 Early General Meeting, by Étienne

3 Question time

Closing

1. Chair Étienne closes the meeting at 20:03 UTC. 2. Date of the next meeting

• Following the tradition or the first Thursday of the month, the next meeting will be held on Thursday April 4th, 2024 at 18:00 UTC.

Motions

• https://motion.cacert.org/motions/m20231207.1 (Constitution)

• https://motion.cacert.org/motions/m20231207.2 (Minutes November meeting)

• https://motion.cacert.org/motions/m20231207.3 (Minutes Elephant meeting)

Actions

• CategoryBoardMinutes