Software
Contents
Team(s)
Security Policy Section 7 documents the Software Assessment Team with the role of the security and maintenance of the code. SecurityManual also says more, under SP.
mailing list is the current hang-out place for software people.
The Development Team (rather than the Assessors).
The teams consist of:
- Software Assessment
- under SP,
- includes Application Engineers,
- appointed by Board.
- Software Development
- informal, submits patches to Software Assessment,
- join the maillist, write code.
- Testing
- informal,
- takes patches from Dev, installs it on test server,
- returns test results, sometimes with fixes.
Software/Internships are possible.
Team Meetings
Team Meetings are held on the IRC channel #cacert-devel on https://irc.cacert.org. It is intended to hold a meeting every second Friday at 20:00 UTC. But check the Meeting Overview page, and maybe the most recent protocol for details.
See Software/Meeting/Overview.
The Software
- Database is described:
Schema currently in use, a wip.
Location Database describes the schema and sources of location information.
- Source code
VMWare Development Image for creating your own test system
Software/Licence describes normal licence conditions (drafty)
Software/UsedFunctions lists all user defined functions within the software.
Software/Translation describes how texts of the user interface are translated into different languages.
The Software/WindowsMSIInstaller decribes the installer that can be used on Windows to install the CAcert root certificates.
(mark the pages describing software with the CategorySoftware label, as seen at bottom)
Tests
If you want to assist in testing have a look at Software/Assessment/FAQ!
Software-Assessment
Software Assessment is the review of patches by others, and is conducted under SP#7 and SM. The Software Assessment team consists of:
A new Software Assessment team and project is being built up. For more info see the Software Assessment Team page.
- Status: wip
Current Project Team: see Software-Assessment Project team
- Objectives:
- Build Testserver + Repository Server Image(s) (VM) (Wytze, Andreas)
- Create Repository System (Markus, Michael)
- Create Testserver (Environment)
- Build + Document Software-Patches Flow Process
- Build + Document Path Software-Assessment Team / Critical Team
- Build + Document Emergency Patches Path
Development Process
Bugs Tracking System (a.k.a. Mantis) is where all changes to the software should be entered into, requested, prioritised and tracked.
AuditSystemTasks are some business tasks that should be in Bugs.
Brain/Study/COrbitCA is the renamed CCA Rollout Project?
notes on current development process (customary not standard)
Current practice document: Software/Assessment/Documentation
Testing is part of the general Software area:
CCA Patch Testing project has now been sliced up into several mini-patches
BirdShack
Current status end of 2018: AFAIK the project is not usable, and everyone working on it has left or is not active anymore. So most probably the project is currently dead. BernhardFröhlich
One effort is the creation of a new CA in software, called BirdShack. Current situation:
Architectural work from the Innsbruck Software MiniTOP (April 2009).
- Early design notes are in the repo. Hmm, any URL for reference?
we need to rationalise all this doco stuff
The repository is part of the main Software Assessment repository system.
Original Team consisted of MarioLipinski + Iang. Alejandro and Philipp D also contributed at the Innsbruck Software MiniTOP.
Ada Lovelace did an internship with Iang in summer of 2012 to create a first cut middleware server according to the REST design.
Links and references:
PKISoftware is a list of "competing" products that might fit the bill. Why re-invent the wheel?
Deprecated repository: original BirdShack wiki (cl)
Possum is a conceptual project / idea to do a signing server / secure module.
some ideas to add to BirdShack from Ted.
Software/IntegrationInterface might be new ideas for better interfaces.
Infrastructure
In support of software development, there are various systems:
Requirements for Source Code Repository. Starter page rather than a specification, comparisons.
Software/Assessment/testserver is the Infrastructure group's page on the Test system. Running Test systems is a shared responsibility, and, as it is open to download and setup, it is more important that it is done and documented and shared than who does it. The "old" version of this page (which may be more detailed in some aspects) is at SystemAdministration/Systems/Test
Development and Maintenance of the CAcert Training System (CATS)