. '''To Brain''' '''[[Brain#CAcert_Inc._-_CAcert.org_Members_Association| CAcert Inc. - CAcert.org Members Association]]''' - '''[[AGM|General Meetings]]''' - '''To Brain CAcert Inc. Committee''' '''[[Brain/CAcertInc/Committee/MeetingAgendasAndMinutes| Meeting Agendas & Minutes]]''' - '''[[OverviewProjectsBoard|Board's Project Overview]]''' - '''[[Brain/CAcertInc/Committee/ActionItems|Current Action Items]]''' - '''[[Brain/CAcertInc/Committee/MeetingAgendasAndMinutes/2024-05-02|last regular meeting]]''' - '''[[Brain/CAcertInc/Committee/MeetingAgendasAndMinutes/2024-05-16|SGM meeting]]''' - '''[[Brain/CAcertInc/Committee/MeetingAgendasAndMinutes/2024-07-04|next meeting]]''' ---- = Committee Meeting 2024-06-06 18:00 UTC = The meeting will take place at '''[[http://www.timeanddate.com/worldclock/fixedtime.html?msg=Board+Meeting&iso=2024-05-02T18:00:00|18:00 UTC]]''' at https://meet.jit.si/cacert If you do not have audio channel, you may try in the IRC channel '''#board-meeting''' on the [[https://irc.cacert.org/#board-meeting|CAcert IRC network]]. Feel free to add a business item within the acceptance period of 48 hours or your question to the board below. Non-committee members: the committee may choose to convert any business proposed as a question in the questions section. || '''Daylight Saving Time:''' 18:00 UTC = 20:00 CEST (Geneva) = 14:00 EDT (New York) || == Agenda == '''Signs that appear in the agenda'''<
> Formulated motion on your topic. It will be put to the vote. Adjustments may be made before the vote. A motion must be submitted for resolutions!<
> {i} Information for your attention. Does not need to be explained or discussed at the meeting. Purpose: Everyone is up to date. (max. 10 seconds)<
> (!) Discussion topic with or with no decision. 1. Preliminaries one 1. Chair opens the Committee Meeting 1. Who is making minutes? 1. Chair asks whether [[https://lists.cacert.org/wws/arc/cacert-board-private|cacert-board-private]] or [[https://lists.cacert.org/wws/arc/cacert-board|cacert-board]] maillist or Threema chat or Telegram group includes any items that need to be disclosed to Members. 1. Accept minutes from [[Brain/CAcertInc/Committee/MeetingAgendasAndMinutes/2024-04-04#Minutes|4. April 2024]] "I move to accept the minutes of the committee meeting of 4th of April 2024." 1. Accept minutes from [[Brain/CAcertInc/Committee/MeetingAgendasAndMinutes/2024-05-02#Minutes|2. May 2024]] "I move to accept the minutes of the committee meeting of 2nd of May 2024." 1. Accept minutes from [[Brain/CAcertInc/Committee/MeetingAgendasAndMinutes/2024-05-16#Minutes|16. May 2024]] "I move to accept the minutes of the committee meeting of 16th of May 2024." 1. Agree on the 4th of July 2024 as date for the next committee meeting. (Following dates probably '''8. Aug. 2024''', 5. Sept 2024, 3. Oct 2024, 7. Nov 2024 18:00 UTC) 1. Business 1. Decisions 1. 1. Background Check 1. done 1. {i} BGC for Brian is done. Report received by the secretary. 1. {i} BGC for Gero: Interview happened (by Ted&Etienne), committee is waiting for the report (has to be sent by Gero). 1. pipeline (list to review, complete, slow down or speed up) 1. {i} BGC for Peter is initiated. (date searching; Interview by Ted&Egal) 1. {i} BGC for Matthias are initiated. (date searching started in August 2022) 1. {i} BGC for Sascha are initiated. (language: en or de) 1. {i} '''e-Mail 3'''<
>issue: implement new addtional standards<
>who: Kim, JanDD<
>done: analysis<
>next step: implement SPF, followed by DKIM/DMARC; steps SRS/validation after SGM<
>what help needed: Until more people show up to do the actual work, Jan does not see that step 5 (validation) will happen. There is no way this will happen in short term. 1. '''OpenID'''<
>issue: alpha or beta version available<
>who: Brian, +?<
>what help needed:<
>next step: glue together 1. '''CiviCRM'''<
>issue: install, following plan<
>who: Frédéric G<
>what help needed: Brian looks for a way outside critical<
>next step: Frédéric will install/introduce it for accounting and members list 1. {i} '''Big Mail'''<
>issue: review and sending<
>who: Etienne, Dirk<
>what help needed: none<
>done: text finished; provereading<
>next step: sending) 1. '''Affiliate'''<
> {i} The booking.com affiliate account is now connected to Swiss bank account. If you book your trips via the button on our site, we receive a few dozen euros. 1. '''Paypal''' 1. {i} issue: get the money ([[Brain/CAcertInc/Committee/MeetingAgendasAndMinutes/2023-09-07/ClawbackAction|ClawbackAction]])<
>who: Frédéric G, Etienne, +?<
>On May 3rd, PP announced after 300 days, that our funds will sent to our bank account within 2-3 days.<
>On May 6th the funds arrived in Switzerland at the bank account.<
>The treasurer did not close all Singapore based PP accounts at the moment, as there is still a complaint and we hope to get some money as we did in 2020 in Australia. 1. {i} issue: Paypal Australia blocked the Australian account on xx-05-2024.<
>next steps:<
>who: 1. Bank Account and Money Transfer Rules or Policy [[Brain/CAcertInc/Committee/MeetingAgendasAndMinutes/2024-06-06/BAaMT|BAaMT]] (content; internal rules or policy? -> adapt title)<
> "I move to accept the "xxxx" as discussed." (maybe "submit to policy group") 1. '''Class 1 / Class 3'''<
>issue: change the policy<
>who: Kim, +?<
>what help needed:<
>next step: submit proposals or drafts for discussion at Policy group 1. '''SGM Future''' (by FG)<
>issue: maybe dissolution of the association?<
>Last step: Pro and con discussed at [[Brain/CAcertInc/Committee/MeetingAgendasAndMinutes/2024-05-16|SGM meeting]] on May 16th 2024<
>Next steps: Fix a date<
>see table in the annexe for details<
>please see not only the limit (Fix Date) but also the reality (When done?) as always a volunteer has to do it in time<
>Who: Frédéric G. and Secretary<
>Annexe: [[Brain/CAcertInc/Committee/MeetingAgendasAndMinutes/2024-06-06/SGM]] 1. '''Background checks'''<
>issue: keep the ball running; more background checkers<
>who: Brian, Etienne<
>what help needed: background checkers<
>last month: tried to get in touch<
>next step: Stay tuned 1. on hold (for later this year) 1. Infrastructure: (Dirk) 1. Start thinking about planning when to do things about new roots, so we are prepared several years in advance, as no certs should have a end-date after any root certificates. Also take a look at the old Escrow article. https://wiki.cacert.org/Roots/EscrowAndRecovery 1. How is it going with implementing LetsEncrypt certificates on public facing services, instead of keeping them behind CAcert's "unknown" certificates? 1. Remote Assurance ('''Brian''') 1. {i} Creation of remote assurance sub committee (RASC) on the hold until Eva is available for the policy. ~-Secretary got in touch with Eva on Oct. 12.<
>''"Users Requests, summarized."'' added by Aleš a) need for a distant assurance (no assurers, no TTP possibility in their country); b) need for the write access to our Wiki.-~ 1. Any other business (board members forgot to ask the secretary to put it on the agenda) 1. What's coming next? ??? 1. Question Time {{{#!wiki note Questions from CAcert.org community members can be added until beginning of committee meeting! As well questions can be asked at "Question Time", without added question here. }}} 1. ''Would it be possible to make an Interim Measure? I have prepared the text of proposals.'' added by Aleš Kastner 1. ''"Question One."'' added by Your Name ''Comment: Replace "Question One" by your Question and add your name'' 1. Closing ## 1. (!) Setting priorities for the first part of the year (discussion, decision) ## 1. OpenID, Elephant, ERP ## 2. Big Mail, Paypal, Backgroundcheck ## 3. OrgaA, Tax exemption<
><
>Following the '''priorities''', some of the following topics have to be moved back in time. They will be picked up a soon as another has been completed: ## 1. '''OrgA'''<
>issue: reactivate and create group<
>who: ?, +?<
>what help needed:<
>next step: ---- 1. To remember: Goals 2021/2022 (propositions by board 2020/2021) - Each goal needs a responsible person on the board who keeps an eye on it and reports regularly, keeps in touch with the responsible people. {X} obsolete / (./) started / {OK} waiting for available time * push OrgA (Guy) * expand PR (Alex cannot do this, wants to hand over) * (./) delivering the OpenID Connect integration, for which CAcert is funded by the RIPE NCC. * (./) expand background check * {OK} remote assurance, if accepted by the community; * (./) simplify the certificate creation (this enables the start of various projects from the pipeline) * software development and testing * (./) New CSR software * {X} support SecureU (find an active board member for them in Germany) 1. Not to forget: Staffing the teams 1. Applicants to the Infrastructure team 1. Applicants to the Development team 1. Applicant to the Critical team <> 1. Access to local systems for board members ||''Person'' ||''Board-Private'' ||''Committee Archive'' ||''Wiki'' ||''Nextcloud'' || || Brian || (./) || (./) || (./) || (./) || || Etienne || (./) || Admin || (./) || (./) || || FrédéricD || (./) || (./) || (./) || Admin || || FrédéricG || (./) || (./) || (./) || (./) || || Kim || (./) || (./) || (./) || (./) || || Michael || (./) || (./) || || (./) || || Wacław || || (./) || || ? || || Aleš || (./) || (./) || (./) || (./) || 1. Tasks assigned to Board Members and others ||''Person'' ||''Task'' ||''Deadline'' ||''Other People Involved'' ||''Notes'' || ||Brian ||''Contact QA/QC Volunteers'' ||''10 January 2022'' ||''Gero Treuner, Peter Nunn, others?'' ||''To begin work, they do not need ABC.'' || ||Brian ||''bla'' ||'' 2022'' ||''xxx'' ||''xx.'' || ||Brian ||''bla'' ||'' 2022'' ||''xxx'' ||''xx.'' || || || || || || || ---- 1. Software Team 1. Issue [[https://bugs.cacert.org/view.php?id=1502|1502]]: Adapt the UI at CAcert.org to deal with the "keygen" feature having been removed in browsers (Some of this will be met with [[https://bugs.cacert.org/view.php?id=1502|1551]] ) 1. Issue [[https://bugs.cacert.org/view.php?id=1482|1482]]: Limit validity period of new HTTPS certificates to one year 1. Issue [[http://bugs.cacert.org/view.php?id=1444|1444]]: PHP - Brian 1. '''Issue [[http://bugs.cacert.org/view.php?id=1417|1417]]: Keygen / new CSR software - Bernhard''' 1. Organisation Assurance 1. How to relance OrgA? (Guy) 1. Grant applications 1. Protopype Fund https://prototypefund.de/en/ ([[https://lists.cacert.org/wws/arc/cacert-committee-archive/2021-05/msg00005.html|mail to SW]] Board only) 1. The Prototype Fund is a project of the Open Knowledge Foundation Germany, funded by the Federal Ministry of Education and Research (BMBF). This is for residents of Germany only. We could create a group of people that work on a project for CAcert (with all support of the others in the background). It runs for two more years, every 6 month. 1. Infra does not see any acute need at the moment, and does not have the capacity to provide qualified support. 1. There are some ideas for software, but in infra's view there is still a lot of conceptual and preparatory work missing. What Infra could imagine is financing people to carry out a requirements analysis and write a requirements and test specification. This could then be used as a basis for a new implementation of the CAcert software (WebDB, Signer and perhaps other things like CATS). But these are just a few ideas of JanDD and he cannot currently recommend any people who would be suitable for this. Potential candidates would have to deal intensively with the existing software on the one hand and with the underlying policies on the other, and would have to identify a lot of missing information, ask for it and make assumptions for discussion. This requires very good analytical and communication skills and a high level of stamina. 1. Blockchain 1. see here: https://wiki.cacert.org/Brain/CAcertInc/Committee/MeetingAgendasAndMinutes/2018-03-01/ideas#Blockchain (waiting for answer from IanG) ## ####################################################################################### ## FILL IN MEETING AGENDA ITEMS FROM LAST MEETING MINUTES DEFERRED TO NEXT MEETING ## ####################################################################################### <> == Minutes Committee meeting - 2024-06-06 == * Present: Frédéric Dumas, Frédéric Grither, Étienne Ruedin * Absent: Brian McCullough, Kim Nilsson, Aleš Kastner * Guest: Dirk '''1 Opening''' Chair Etienne opens the meeting at 18:15 UTC. Minutes are written by FD&ER Approval of the minutes of the previous meeting may 2, 2024. Result of the vote: Aye: 2 Naye: 0 Abstain: 1 / The minutes were accepted. The minutes from April 4 are postponed again, as not updated as requested. The minutes from May 16th are postponed, as not published in the wiki as linked. We agree on the 4th of July 2024 as date for the next committee meeting. (Following dates probably 8. Aug. 2024, 5. Sept 2024, 3. Oct 2024, 7. Nov 2024 18:00 UTC) '''2 Business''' '''Background Check''' The report for the BGC of Brian was received by the secretary. '''OpenID''' Brian wrote the web tool for OpenID Connect. This is needed to get the necessary client ID and client secret for configuration of OIDC/OAuth2.0 in Wordpress/Drupal/... The webinterface is work in progress, it is accessibly as an php-webinterface for anybody (having a CAcert class 3 client certificate). In the background authentication servers are using hydra as software. More reference web-implementations are planned with different languages (like python/go(script) ). This could be done by anybody (as it does not necessarily need to run on cacert servers). '''CiviCRM''' Frédéric G will get in touch with Brian (Brian looks for a way outside critical and Frédéric will install/introduce it for accounting and members list) '''Big Mail''' It is review and we are provereading it. It will be sent soon. '''Paypal''' As announced at the beginning of May, the Paypal account opened in Switzerland has been unblocked. Frédéric G immediately transferred the entire credit balance to our account in Switzerland at Graubündner Kantonalbank. Etienne confirmed the money is in. CAcert's historic Paypal account, opened in Australia, is currently blocked once again with no reason. Frédéric G is working to have it unblocked again. He will also check what are the residual balances on two CAcert's bank accounts at WestPac Bank. This operation may need the assistance of local Australian CAcert volunteers. Although we don't publicly announce anymore our Paypal accounts to membership fees or donations. '''Bank Acccount and Money Transfer Rules (BAaMT)''' A set of rules restricting the use of transfers and bank accounts by CAcert Inc. was proposed for discussion by email at the beginning of May. Étienne asked that these rules be adopted by the committee at the present meeting. https://wiki.cacert.org/Brain/CAcertInc/Committee/MeetingAgendasAndMinutes/2024-06-06/BAaMT Frédéric D. asked for the discussion period to be extended before a decision was taken, regretting that once again CAcert was trying to solve a problem by adding a new body of rules to an already heavy body of rules. Frédéric G and Etienne point out that these are only best practices from the past five to six years of the secretary and treasurer, which have been compiled so that future people can benefit from their experience and the money is always safe. Result of the vote*: Aye: 2/4, Naye: 0/0, not voted: 1/1 / The BAaMT are accepted. ~-* For transparency are given the result at the meeting (before the slash) and the result at the end of the voting period of 3 days as recorded by the voting machine. There was a clear majority in both cases. The quorum applies to the Board members present and not to the number of people in favour. If the quorum had not been met, the meeting would have been cancelled and the voting period in the voting machine would have been extended to seven days. The result would have become legally binding four days later.-~ '''SGM Future of CAcert Inc''' (a) It is pointed out, that the discussion at policy group has to be launched by the people who want it. As decided in a previous meeting, the secretary has to inform the community about it. Dirk proposed that the announcement of the discussion and the publication of the preparatory document should not allow comments to be posted, in order to encourage the discussion to take place on the Policy Group's discussion list. In the e-mail communication to members, it was agreed that Étienne should include a link to the preparatory document, to provide members with useful information about the nature of the forthcoming discussion. Furthermore, this document should also be part of the start post in PolG (added at the end of the first message by the poster). The majority view was that the Secretary should only inform the community once the discussion in the PolG has started. The set of arguments should also be published in the PolG at the start of the discussion, as this is the place where the panellists need it. (b) The decision for the date of the SGM is deferred to a future meeting. The Special general meeting of CAcert Inc. members should be held in September. '''3 Question Time''' * Werner Dovrak, former support engineer and board member and president of Inc, passed away on 30 April. The secretary should inform the members trough the [[https://blog.cacert.org/2024/05/werner-dworak-verstorben/ |blog]]. * Our presence at [[https://froscon.org/programm/aussteller/ |FrOSCon]] is on a good way. Closing Chair Étienne closes the meeting at 20:03 UTC. Date of the next meeting: 4th of July 2024 as date for the next committee meeting. (Following dates probably 8. Aug. 2024, 5. Sept 2024, 3. Oct 2024, 7. Nov 2024 18:00 UTC) <> === Motions === * https://motion.cacert.org/motions/m20240606.1 (Minutes May meeting) * https://motion.cacert.org/motions/m20240606.2 (BAaMT) * https://motion.cacert.org/motions/m20240606.3 (Background check) <> === Actions === || ''Who'' || ''Status'' || ''Action'' || || Minutemaker || wip || prepare Agenda and Minutes for the next meeting || || Brian || Software meeting || every 2 month || || Secretary || bank || accounts, contact with treasurer || ---- . CategoryBoardMinutes