To Software Software - To Software-Assessment - Software/Assessment - To previous meeting - To next meeting
Minutes of the MiniTOP on the 2011-04-26
Setting
The MiniTOP will be held via telco 22:00 CEST
Attendees: Marcus, Dirk, Michael, Uli
Topics
new items in last meeting:
- Uli: to write request to Markus, Andreas to create new cacert1 image and set url for download
- Ted: bug#918 patches to block weak keys by michael, needs to be reviewed
- Michael: Bug #637 Weak Password, file dispute regarding 2nd step: to fix current effected accounts, to be handled under arbitration
- Uli: added patch bug#637 onto testserver, update testers portal, notify tester group
- Michael: Bug#921 review on Wed and add to testserver
- Uli: add patch bug#921 onto testserver, update testers portal, notify tester group, publish blog post "Easter Eggs"
- Ted, Markus, Dirk: Bug#897 2nd review
- Uli: tester to inform regarding class3 certs creation in mailing regarding bug#921
Action items from last meeting Meeting Action Items
- triage test on CATS (Update)
- New Testserver Image 2011-04-21
New bug report (Wytze): Bug #922 "CAcert application code problem causing missing 'certificate about to expire' messages"
- State Testserver Update, Current Patches on Testserver, current running Arbitrations:
Arbitration case a20110312.1 Weak keys
Arbitration case a20110419.1 Bug #637: Weak Passwords
"Thawte" patch Bug# 827 Points-Count-Order-Change project
Prepare Easter Eggs Bug# 921 Policies repository migration
- strategy plans ...
strategy for: "Certificates Class3" problem and "New Roots & Escrow" - proposal to board
Policy Repository migration plan (Ian, u60) (based on bug #671 discussion)
- CI app.test (Update)
- next meeting: Tuesday, May 3, 2011 22:00
Minutes
- walking thru finished action items
- Software-Testing - problem to find -active- testers
- triage test on CATS - no Update
New bug report (Wytze): Bug #922 "CAcert application code problem causing missing 'certificate about to expire' messages"
- one table not in use (domcerts, domlink (to allow multiple domains in one cert))
- email cert is linked to user-id, server cert is linked to domain id
removal of domain -> links to certs issued
- solution by wytze doesn't counts removal of certs on domain revocation
- code needs reviewed corrected, to solve this problem
- table.domlink needs to be filled, domid column in table.domcerts to be removed
- State / Priority: Major, High, Open, New
- strategy plans ...
strategy for: "Certificates Class3" problem and "New Roots & Escrow" - proposal to board
- test group doesn't work
- 2 strategies:
- wait for testgroup
- Software-Assessment project team telco on upcoming Sunday starting 19:00
- verification with crl
Policy Repository migration plan (Ian, u60) (based on bug #671 discussion)
- one dir for draft and policy state
- use subdirs with symbolic links for differenciate wip, draft, policy state
- use textfile with filenames and marker W,D,P `?
- using svn branch ?
- make valid html
- bugs.cacert.org
- migration plans, next steps
- Michael: talk with guys from sonance
- or add VM on it-sls
- migration plans, next steps
- next meeting: Tuesday, May 3, 2011 22:00
Fixed Action Items since last Meeting
Uli
to write request to Markus, Andreas to create new cacert1 image and set url for download
Uli
create new cacert1 image and set url for download
Ted
review: bug#918 patches to block weak keys by michael
Michael
Bug #637 Weak Password, file dispute regarding 2nd step: to fix current effected accounts, to be handled under arbitration
Uli
added patch bug#637 onto testserver, update testers portal, notify tester group
Michael
review: Bug#921 (move PP to /Policy/ and link corrections in policies) on Wed and add to testserver
Uli
after adding patch bug#921 onto testserver, update testers portal, notify tester group, publish blog post "Easter Eggs"
Uli
tester to inform regarding class3 certs creation in mailing regarding bug#921
Uli, Michael
Update Overview Projects Board topics for SA (Update)
Action Items New
- Dirk, Uli: Next Board Meeting: Software-Testing - problem to find -active- testers
Dirk, Michael, Uli: strategy for: "Certificates Class3" problem and "New Roots & Escrow" - proposal to board, working session on Sunday
- Uli: Policy Repository migration plan, updating
Action items: Meeting Action Items
Software/Assessment/ActionItems
Marcus
cap.php review different languages, from meeting 2012-04-24, contact translators
uli
Experience points for ATE attendance
check board motions and/or trigger if not yet passed
uli
Infrastructure separation, to contact secure-u (Frank, Mario, Ted, Sebastian) for discussion, prepare a plan, started 2011-12-18
current state: see Funding Landing Page All
1. next: strategy for "New Roots & Escrow" - using indirect crl's ?
indirect CRL: RFC 5280 http://tools.ietf.org/html/rfc5280 (chapter 5) - test deployment dirk, Michael
3. next: strategy for "New Roots & Escrow" - how does debian work?
to contact, deferred to next events (?)
Uli, Michael
Documentation Bugs.cacert.org Review, documentation I (bugs handbook) svg files to convert to jpg or png
Development, Deployment, Discussion
dirk Brian
DEV: bug#918 (Part II) (a20110312.1) Weak keys: /pages/account/.. 4.php, 17.php to combine ? (/includes/keygen.php)
new bug#964
current state: test /account/4.php added to testserver
Marcus will do detailed tests on Wed
some references added to bug#964 done.
proposal patch from Brian rcvd OAO, Ted
bug #943 change OA admin/assurer text
needs 2nd test -> Fabian, Marc, Alex?
/ needs 2nd review -> Ted, rejected 
uli, Ted
bug #824 Org User cert fix Case study
Organisation User Certificates: Need UI improvement for proper production usage
uli
bug #988 TTP cap form deployment Case study
sneak preview
for local testserver deployment only uli, ted
bug #823 email address removal fix
No warning when removing e-mail address from account that certificates will be revoked
checked by 4, needs 2nd review, deploy
rejected inopiae
bug #920 Join - single name only (eg Indonesian)
details under bug number
uli
bug #859 admin console interface
feature request: show activity on an account in the admin interface
rejected, certs login doesn't modify "modified" field All
bug #1034 files to remove from webdb
eg wot/14
Software Assessors: Review 1 / add to cacert-devel, add to testserver
Software-Assessors task
uli
bug #977 admin console text fix
admin console Sysadmin - find domain - lists 2 tables - one for user accounts, one for org accounts, naming issue
Testing
Testers task
gagern
bug #440 Problem with subjectAltName (CSR, renew certs)
There seems to be a problem with the subjectAltName. Dupes, missing entries, and more
neo
bug #922 CAcert application code problem causing missing "certificate about to expire" messages
Ted
bug #835 Assurer challenge (on testserver)
needs testing
Michael
bug #1003 Provide a possibility to regularly review the permissions in the system
also bug #1038 Provide a script for board/tverify reset flags by arbitration a20110118.1
neo
bug #1025 Domain Dispute issue
disputes rc and rc2 var prob
Software Assessors: 2nd Review, Bundle Package to Critical Team
Software-Assessors task
uli, ted
bug #789 OA edit domain fix
Editing domain for organisations does not work
new update 2011-09-26
2 tests, needs 2nd review, deploy
more fixes, more testing6
uli
bug #967 OA isassurer check
Give an OA the opportunity to check if a designated Organisation Administrator is a CAcert assurer
neo
bug #978 Invalid SPKAC requests are not properly validated
recheck full certs signing procedures
duplicate report to bug#540 Michael
p20111113 CPS #7.1.2 "Certificate Extensions" adjustments - testing
uli, marcus: needs full cert create tests
duplicate report to bug#978 neo
bug #1024 Assurer flag is not set correctly on updatesort.php run
tested by 4, ok
dirk
bug #1023 Consolidate changes into the Assure Someone page
6.php global re-design project
assurance, wot area (Thawte points removal effective) inopiae
New layout of view for Organisation Administrators in account/id35
Software Assessors: Bundle Package to Critical Team
Software-Assessors task
Awaiting Response from Critical Team