To Software Software - To Software-Assessment - Software/Assessment - To previous meeting - To next meeting
Minutes of the MiniTOP on the 2011-06-07
Setting
The MiniTOP will be held via telco 22:00 CEST
Attendees: dirk, Ted, uli, magu, marcus, alex, michael
Topics
new items in last meeting:
- Alex, Ian, Pieter - prepare pressrelease about class3 project
Uli - documentation: sources of class3 fingerprint
- Michael, Dirk, Uli - prepare patches, update wiki and other sources with new class3 fingerprint
- Michael - mantis bug: notification emails missing
Michael - mantis bug: bug #854 (white page)
- Michael, Dirk, Ted - * New bug fixes:
Action items from last meeting Meeting Action Items
the Bug #948 impact on mail delivery (non RFC-2821 compliance)
- dirk: wot.php analysis (read email from last week)
- triage test on CATS (Update)
bug #942 (cats test) (ted), triage test on CATS (Update), to review, to test, no update
- State Testserver Update, Current Patches on Testserver, current running Arbitrations:
Arbitration case a20110312.1 Weak keys
Arbitration case a20110419.1 Bug #637: Weak Passwords
"Thawte" patch Bug# 827 Points-Count-Order-Change project
- strategy plans ...
strategy for: "Certificates Class3" problem and "New Roots & Escrow" - proposal to board, done in last board meeting
- upgrade plan: Press release, Announcements to be presented to board by Community
m20110515.2 "Class 3 Certificate Resign"
m20110515.3 "Prepare press statement about Class 3 Resign"
That we ask the community to prepare a press statement, to be sent to various groups, and to be accepted by Board before sending out.
Press release written: Roots/Class3ResignProcedure/PressRelease
Approved by board: m20110605.2
- translations: Dutch, French, Spanish, Russian requested
- Testgroup: recruit new testers, update
m20110515.4 "Rewarding testers"
Result: May-2011 report
- requested confirmation from winner #2, no response so far
- next: blog post
- CI app.test (Update)
- next meeting: Tuesday, June 14, 2011 22:00
Minutes
- Alex, Ian, Pieter - prepare pressrelease about class3 project, press release is prepared, translations triggered
Uli - documentation: sources of class3 fingerprint
- Michael, Dirk, Uli - prepare patches, update wiki and other sources with new class3 fingerprint
- webdb
/pages/index/3.php and 16.php to fix, also to add link to Roots/StateOverview
see Bug #946
- capnew.php and coapnew.php to modify, removal project defered
- flyer
- no label, but 1/3 page of A4 page printout, to cut in 3 pieces to insert in each flyer
- who ?
- nobody?
- Marcus, builds addon
- sends proposal, accepted
- adding links: upcoming events,
capnew.php doesn't work on cacert1.it-sls.de, pdf error message, added Bug #950
<strong>TCPDF error: </strong>Can't open image file: logos/CAcert-logo-colour-1000.png
- webdb
- Mantis bugs: fixed
bug #942 (cats test) (ted), triage test on CATS (Update), to review, to test
- reviewed by michael
- connection permissions to mgr system for ted
- m20110515.4 "Rewarding testers" post proposal, publish with updated infos, May-2011 report
- 3 simple reports, 2 winners rewarded and given back as donation, with aphexer in communications to handle this
the Bug #948 impact on mail delivery (non RFC-2821 compliance)
- affects email check
- affects domain check
- accepted, will be fixed
capnew.php Bug #950
- request to michael, to execute
- cp /home/cacert/cacert4.png /home/cacert/www/www/logos/CAcert-logo-colour-1000.png
- capnew.php pdf generation now works on cacert1.it-sls.de
- dirk: wot.php analysis (read email from last week)
- fyi
"Thawte" patch Bug# 827 Points-Count-Order-Change project
- problems with includes
Michael: use -> include_once($_SESSION['_config']['filepath']."/pages/index/$id.php");
- problems with includes
- Rollout Date ?
- Thursday or Friday this week ?
- Webdb patches under construction by Michael, Ted
Arbitration case a20110312.1 Weak keys
- workshop session before next weeks meeting, starting 21:00 UTC
- next meeting: Tuesday 2011-06-14, 21:00 weak keys test workshop, 22:00 regular meeting
Fixed Action Items since last Meeting
Alex, Ian, Pieter
prepare pressrelease about class3 project
{g}
Uli
documentation: sources of class3 fingerprints
{g}
Michael
mantis bug: notification emails missing
{g}
Michael
mantis bug: bug #854 (white page)
{g}
Dirk
strategy for: "Certificates Class3" problem and "New Roots & Escrow" - Press release, Announcements to be presented to board by Community: contact alex
{g}
Uli
m20110515.4 "Rewarding testers" post proposal, publish with updated infos, May-2011 report
{g}
Action Items New
- modify/split: Michael, Dirk, Uli - prepare patches, update wiki and other sources with new class3 fingerprint
- webdb
/pages/index/3.php and 16.php to fix, also to add link to Roots/StateOverview
see Bug #946
- capnew.php and coapnew.php to modify, removal project defered
- wiki updates
- svn updates
- webdb
- Marcus: flyer update: no label, but 1/3 page of A4 page printout, to cut in 3 pieces to insert in each flyer (fixed within meeting)
capnew.php doesn't work on cacert1.it-sls.de, pdf error message, added Bug #950 (fixed within meeting)
- Alex, Michael, Dirk, Ted, Uli, Critical Team: Proposed Class3 Subroot Re-sign project Rollout Date: Thursday 2011-06-09 or Friday 2011-06-10
modify: All - Arbitration case a20110312.1 Weak keys, workshop session before next weeks meeting, starting 21:00 UTC
Michael, Dirk, Ted: the Bug #948 impact on mail delivery (non RFC-2821 compliance)
Action items: Meeting Action Items
Software/Assessment/ActionItems
all
proposed Apache config SSLCipherSuite settings for CAcert SSL enabled infrastructure systems
see also BEAST migration https://community.qualys.com/blogs/securitylabs/2011/10/17/mitigating-the-beast-attack-on-tls
Proposal from Sysadm list 2013-09-06{0}
SA
documentation server cert design concept to SystemAdministration/Systems/Development/Prepare
{0}
all
{0}
BenBE, Marcus
documentation: developer git repos under github
bug #1131 history @ github
CAcertOrg @ github
started under Software/Assessment/Documentation/UpdateCycle/step1{0}
NEO
{0}
all
read x509 guide
{0}
all
bug#1068 blog problem (also relates to community)
debian lenny - edge - squeeze upgrades needed
alternate: new server with squeeze, install wordpress, transfer domain
workaround: configure your FF FAQ/BrowserClients{g}
uli
Experience points for ATE attendance
check board motions and/or trigger if not yet passed{0}
uli
Infrastructure separation, to contact secure-u (Frank, Mario, Ted, Sebastian) for discussion, prepare a plan, started 2011-12-18
current state: see Funding Landing Page
May 2013: tk-server sponsoring, tk-server rcvd, deployment: WIP, project not yet finished{0}
All
1. next: strategy for "New Roots & Escrow" - using indirect crl's ?
indirect CRL: RFC 5280 http://tools.ietf.org/html/rfc5280 (chapter 5) - test deployment{0}
dirk, Michael
3. next: strategy for "New Roots & Escrow" - how does debian work?
to contact, deferred to next events (?)
next round: picked up by Benedikt new proposal 2013-06-02{0}
Uli, Michael
Documentation Bugs.cacert.org Review, documentation I (bugs handbook) svg files to convert to jpg or png
{0}
Development, Deployment, Discussion
OAO, Ted
bug #943 change OA admin/assurer text
needs 2nd test -> Fabian, Marc, Alex? {g} / needs 2nd review -> Ted, rejected
{-}
uli, Ted
bug #824 Org User cert fix Case study
Organisation User Certificates: Need UI improvement for proper production usage
{0}
uli, ted
bug #823 email address removal fix
No warning when removing e-mail address from account that certificates will be revoked
checked by 4, needs 2nd review, deploy
rejected{-}
inopiae
bug #920 Join - single name only (eg Indonesian)
details under bug number
{0}
uli
bug #859 admin console interface
feature request: show activity on an account in the admin interface
rejected, certs login doesn't modify "modified" field{r}
Michael
p20111113 CPS #7.1.2 "Certificate Extensions" adjustments - testing
uli, marcus: needs full cert create tests
duplicate report to bug#978
tested by 3, 2nd review done, transfered
Ken reported: still has problems, bug kept open{0}
gagern, NEO
bug #440 Problem with subjectAltName (CSR, renew certs)
There seems to be a problem with the subjectAltName. Dupes, missing entries, and more, rejected, needs further development
{r}
neo
bug #1025 Domain Dispute issue
disputes rc and rc2 var prob
needs work{r}
dirk
bug #1054 0001054: Review the code regarding the new point calculation
Thawte patch part II
needs further work{r}
Software Assessors: Review 1 / add to cacert-devel, add to testserver
Software-Assessors task
Testing
Testers task
neo
bug #1004 Stats page improvement
tested by 2, needs 2nd review
{0}
neo
Bugs #1159 it might be possible to execute commands on the signing server
{0}
inopiae
bug #1065 Wrong wording when sending mails during the assurance process
{0}
inopiae
bug #1162 calcutate (the passwords) hash in php instead of in mysql
create test scenarios for the software testers
![/!\](/moin_static199/cacert/img/alert.png "/!\")
Full testing {0}
inopiae
bug #0028 Wrong language for you've been assured & [CAcert.org] Client Certificate emails
{0}
inopiae
bug #988 TTP cap form deployment
{0}
Software Assessors: 2nd Review, Bundle Package to Critical Team
Software-Assessors task
Ted
bug #500 Get contact mail adress after resolving test
tested by 3, requires review
{0}
Ted
bug #1140 Show if a test is passed in learnprogress
tested by 3, requires review
{0}
magu
bug #1131 Rename _all_ Policies from .php to .html and fix all links
global policy directory maintenance and update
{0}
inopiae
bug #1010 Reorder the view on organisation certificates
tested by 3
{0}
Software Assessors: Bundle Package to Critical Team
Software-Assessors task
inopiae
bug #1139 Add new fields to the database
tests through #500 and #1140, 2nd review done, requires transfer
{0}
Awaiting Response from Critical Team
inopiae
bug #411 Wrong text is made into link
{g}