Minutes of the MiniTOP on the 2012-01-17

Setting

The MiniTOP will be held via telco 22:00 CET

Attendees: dirk, marcus, uli, michael, ted

Topics

(skip to agenda)

Action items from last meeting Meeting Action Items

Agenda

1. bug #985 - Move Translingo to Translations (incl. patches)

  1. Translingo bug #985

    • https://translations.cacert.org (http://translations.cacert.org/) (replacement for translingo)

    • the translingo.cacert.org had been in operation far longer, so I think it is possible that some users migrated to translingo.cacert.org, without telling us.
    • I would suggest to mass-mail the email addresses of the translation-project leaders in the translingo database, to inform them, and to ask them to speak up if they still need it
    • last foreign uploads 2008 on about 13 + cacert projects
    • whohas translingo server console access?
      • mario
    • req for console access for michael to contact project leaders, Updates?
    • Transfer In, Transfer Out problems
    • Update from new deployment ?
    • opened for: create an account can now be started
    • Michael current state:
      • import and export routine works
      • script to incorporate updates needs fixed
    • next: complete language handling needs to be updated
    • accept lang handler needs fix
      • FF de, de_de
      • IE 6 de, 8,9 de_de
    • working session within last meeting: michael, marcus
      • infos from meeting 2011-10-18
        • pdf code needs rewrite (uni code library, move to external server (outsourcing))
        • message cert notification - uses perl code, text source not avail (get bind-text-domain)
    • current state?
    • Marcus sent mailing to translators, no response so far, no tests so far (week 3)
      • Morten NO
      • Emanuel IT
    • current state:
      • create test system accounts dutch@test, espania@test and so on, let users do their tests
      • Magu, Marcus will give it a try
      • a couple of testers has started testing and reporting within the last 7 days
      • results: de, fr, en, pl, es, pl
    • last meeting: working session bug#985 translingo transfer

      • Michael: needs 2nd review
    • Translations
      • problems that relates to blocks translations
      • changes into translations database
      • contact NEO to transfer manualy to testserver
      • bug #985 needs 2nd review, so update script can run also on critical system

    • trying to assign to Ted, reviewed by Ted
      • Did a review. I cannot judge locale/Makefile, the other changes are acceptable.
        I guess before a patch can be created a rebase will be necessary... 
    • comment by NEO
      • OK, I have made a merge from release into that branch and removed the conflicts
        (a rebase would break fast forwarding). 
    • What is the impact? What is needed for going to production?
      • git potential problem solved, can be transfered to critical
    • Sync between translation server and critical system
      • make update, make upload to be started by critical admin on production console
      • po tool should send warning/errors, critical admin has to check on update
      • critical admins needs ssh key, to contact NEO
      • docu: new translations to add under system docu webdb
        • who ?
      • Critical team updated ssh firewall setting on critical system to pull and push updates from/to translations

2. Patches queue

  1. bug #827 - New Points calculation / Thawte patch
    • bug #827

    • bug#827 + bug#882 to merge
      • close bug#882
      • wot.inc.php + notary.inc.php to merge
      • continue with bug#827
      • pojam bug to fix
  2. bug#540 No key usage attribute in cacert org certs anymore?

    • also: bug#905

    • Policy group discussion - Extended key usage -> p20111113, motion CARRIED

    • deployment
      1. prepare fixes -> Michael to prepare diffs, against svn

      2. sending to testserver
      3. transfer to critical system
    • (2011-12-13) approx 2 weeks to write the fix, approx 2 months to go
    • Michael did transfer the patch to testserver
      • signer code update
      • changes against svn
      • uli, to add to tester portal, done
      • uli to inform testers about new tests
      • test report from kenneth to transfer to report (email from 2011-12-25)
        • Michael: where to find the report from kenneth? link?
        • NEO has added the report (written to private dl)
      • who has adobe 8 for testing?
        • magu has, please test
      • next: needs testing (week 3)
  3. bug#1002 0001002: Contact Assurer form leaves a funny comment after sending

    • Michael did transfer the patch to testserver
    • Michael: request to alex to check, seems to be ok
    • next: needs testing (week 2)
  4. Marcus: working session bug#789 OA field extension

    • magu to test
  5. Marcus: working session bug#859 Activity on Account

    • Michael: needs 1st review + transfer to testserver
    • NEO: will check the next days (week 2)
  6. bug#440 Problem with subjectAltName (CSR, renew certs)

    • "There seems to be a problem with the subjectAltName. Dupes, missing entries, and more"
    • patch by gagern
    • Software-Assessors: needs 1st review + transfer to testserver (week 2)
  7. bug #978 bug 978 (weak keys) (bug 918)

    • invalid key format, no regular error message, something wrong, error code # identified
    • debugging infos from user + infos from critical team with error code #, was spkac routine
    • one test done 2011-12-17 by JensK
    • (week 5)
  8. bug #920 Join - single name only (eg Indonesian)

    • details under bug number
    • presented to Policy Group
    • first results from policy group?
      • dirk has made some changes in 6.php last year
      • there are 4 possible choices:
        1. givenname
        2. lastname (as current fix)
        3. givenname or lastname
        4. brians proposal, mononym + checkbox
      • dirks proposal:
        • make name handling more AP conform (1 line names, multiple names)
      • 2 possible paths:
        1. allow multiple names (dirks proposal) is massive change (long term change)
        2. "simple" solution (short term change)
      • global re-design
        • eg users view
        • 43.php, multiple views

3. Michaels workqueue

  1. OCSP server - timeout 10 min too short, 3 days to long, recommendation is 24-48 hours max, verisign: 7 days, startssl: 2d
    • who has been informed, contacted?
    • Michael will inform Wytze
    • not yet written
    • general solved
    • scalability might be a problem in the future ?!?
    • preconfigured there is no solution
    • whats with EBJCA
      • java based
      • distribution solution (database replication), master server distributes to other criticial slaves, no caching function
      • post request includes timestamp, simple http cache probably doesn't work
      • engineX ?
    • ocsp protocol: version, requestor-name, extension, request-list
    • open issue, needs time for implementation
    • studienarbeit? bachelor arbeit?
    • new bug #1001 Need a way to set up redundant OCSP responders

  2. New function to TMS - edit notary table record
    • bug #980

    • infos from last meeting
    • testers needs editing individual notary records: fields "method", "awarded", "points"
    • easier to create notary records with testserver (add F2F), and edit existing record, doesn't need to check for assurer-from, assuree-to and so on
    • Update?
    • Michael (2011-11-15): after some other bug reviews
    • TMS - certs expire handling
      • for testserver eg 3 days (short), 31 days (long)

4. Dirks workqueue - The List of open / running / unhandled bugs

  1. VBscript for Vista/Win7 (select keysize >= 1024) (BlackJack) - reminder to dirk

    • x1 Dirk, new bug#964
      DEV: bug#918 (Part II) (a20110312.1) Weak keys: /pages/account/.. 4.php, 17.php to combine ? (/includes/keygen.php) DEV

      current state: test /account/4.php added to testserver
      Marcus will do detailed tests on Wed
      some references added to bug#964

      {0}

    • as part of
    • x1 Arbitration case a20110312.1 Weak keys bug #918 / bug #954 / bug#964

    • Current state:
      • {g}

        pre mailing sent

        {g}

        keys revocation script to bulk revoke weak keys, new bug #954, finished

        {-}

        dirk: DEV: a20110312.1 bug#918 Weak keys: /pages/account/.. 4.php, 17.php to combine ? (/includes/keygen.php) DEV
        vbscript needs to be improved with select box key size and lower limit to 2048 (based on https://wiki.mozilla.org/CA:MD5and1024)
        Api CertEnroll (MS crypto provider)
        new bug#964
        current state: test /account/4.php added to testserver
        Marcus will do detailed tests on Wed
        some references added to bug#964 - codename "BlackJack"

        {g}

        Weak keys blog post, published

        {g}

        Weak keys article published by Hanno(July 28), link is in CAcert's blog post (July 30)

        {b}

        weak keys: problems with cryptostick (to test at Froscon with Juergen ?)

    • cert enroll infos under bug#964

    • vista and win7 works with other engine !CryptoAPI (?) => Cryptography API: Next Generation

    • dirk: has not started the virtual machine
    • Question from Marcus: did someone contacted illuminat?
      • No, Marcus: to contact illuminat
      • illuminat will give it a try, first needs download of testserver image
    • Update?
      • marcus: illuminat not yet seen last time
      • baseline requirement - keyssize >= 2048 to fix till end of 2011

      • how to proceed?
      • dirk: 1st step, to bring win test server localy online
      • marcus: to contact illuminat
      • Do we have other developers who may pick up this project?
    • Marcus -> dirk: announcement of vbscript bug to developers mailing list

      • change keysize
      • merge 2 scripts to one
      • fix on script 1 needs fix in 2nd script too, solutions: include, one file, or comment fix script 2 too
    • interrupt: bug#964 -> codename "BlackJack"

      • relates to IE8 problem, that certs cannot be created
      • is there a security issue with available fix? also bug#918

      • related 927, 901, 847
      • a patch is online on testserver, but cannot found
      • related patch files, /pages/account/ 3,4,16,17; /include/account.php
      • there are other vbscript pages: ../account/ 6 + 19
    • Brian bug#964

      • Michael: Marcus to test with IE
      • IE select provider only
    • code from Brian needs some corrections, corrections to do, 4 + 17 inclusions, checkin
      • notification to Brian, done
      • quickfix has problems too
      • next step(s)
        • check error codes / debug routines
        • open developer mode, create cert
          • resulting error: line 213, put length, wrong parameter
            Zeile: 213
            Fehler: CertEnroll::CX509PrivateKey::put_Length: Falscher Parameter. 0x80070057 (WIN32: 87)
            Zeile 213:  objPrivateKey.Length = &h08000000

5. General Bugs List Overview

  1. Bugs to Review #1, transfer to testserver - Currently 5

    • uli

      bug #977 admin console text fix

      admin console Sysadmin - find domain - lists 2 tables - one for user accounts, one for org accounts, naming issue

      {0}

      uli

      bug #967 OA isassurer check

      Give an OA the oppertuntiy to check if a desiginated Organisation Admininistrator is a CAcert assurer

      {0}

      uli

      bug #859 admin console interface

      feature request: show activity on an account in the admin interface, new update /!\

      {0}

      inopiae

      bug #981 OA overview (dupe of bug #943)

      New layout of view for Organisation Administraors in account/id35

      {0}

      gagern

      bug#440 Problem with subjectAltName (CSR, renew certs)

      There seems to be a problem with the subjectAltName. Dupes, missing entries, and more

      {0}

  2. Bugs under testing: - Currently 4

    • uli

      bug #855 admin console interface "unknown" + "empty" assurance method fields, needed for correct testing on testserver

      admin console lists "empty" and "Unknown" assurance types on listing given Assurances

      {0}

      Michael

      bug #978 bug 978 (weak keys) (bug 918)

      invalid key format, no regular error message, something wrong, error code # identified
      debugging infos from user + infos from critical team with error code #
      was spkac routine

      {0}

      Michael

      bug #540

      p20111113 CPS #7.1.2 "Certificate Extensions" adjustments - testing

      {0}

      Michael

      bug #1002

      0001002: Contact Assurer form leaves a funny comment after sending

      {0}

  3. Needs 2nd review + transfer to Critical team, to bundle, to deploy - Currently 2

    • define priority eg. 10,2, and so on, proposed order: from 1 to 10

      7

      uli, ted

      bug #789 OA edit domain fix

      Editing domain for organisations does not work
      new update 2011-09-26
      more fixes, more testing
      * testcase scenario
      * open org, edit 1st domain in new window, edit 2nd domain in new window
      * results in: change made in window 2, written to record in window 2
      * needs cross checking

      {0}

      ? / u7 / m7

      2

      neo

      bug #985 move translingo to translations

      check language settings under testserver

      {0}

      2

  4. Needs development, deployment, discussion, reminder
    1. bug #835 Migrate CATS onto testserver

      • bug #835 Assurer challenge (on testserver)

        asssigned to Ted, CATS to install on ca-mgr1, awaiting deployment

        {0}

    2. bug#964, bug#918 (Part II) Codename "BlackJack"

      • Brian

        new bug#964
        DEV: bug#918 (Part II) (a20110312.1) Weak keys: /pages/account/.. 4.php, 17.php to combine ? (/includes/keygen.php) DEV

        some references added to bug#964
        current state: first review, add to testserver

        {0}

6. Long term projects

  1. strategy plans ... next: strategy for "New Roots & Escrow"

    1. idea: using indirect crl's ?
      • 2 crl's needed, one valid, one invalid crl server
      • more infos available ? who ?
        1. build testserver with special certs
        2. Magu, Michael to send instructions for test deployment
      • meetings ago we've defined Testing requirements and a potential testszenario
      • to remind every meeting
      • Michael: testserver environment deployment
      • Michael will review after Certs extension policy group vote
        • Michael: VM + OS builtup for CRL server tests (WIP)
    2. policy group: define requirements
      • multimember escrow method ?
        • needs risk analyze
        • potential candidates ?
          • Marcus to contacted Benedikt, will contact Thomas K
          • Next step(s)
  2. CI (Update)
    1. description to eclipse testpage, Webinar

      • deployment scenario:
        1. create testusers
        2. testing
        3. delete testusers
      • regression test for standard tests: eg 0,1,49,50,51,99,100,101 pts w/ and w/o CATS passed
      • reminder
    2. Jubula Test-Tool (by Michael) - update?
    3. new proposal by Sven: Webdriver with Maven and Jenkins-CI
      1. sven did some work regarding frontendtest (Webdriver with Maven and Jenkins-CI)
        • Michael did some review: probably needs some seperation
        • raw source

        • one implemented test case

          • needs building a team, sven + 2 others, to be forced and pushed forward
          • active people have to work with this framework
            1. write a testunit that triggers the bug
            2. write a bugfix
            3. start regression test
  3. Infrastructure seperation
    1. CAcert Inc statement - received
    2. Hosting/Housing Provider
      • 2011-12-01: Vienna response
      • questions answered
    3. contacting secure-u, oophaga started?
      • Frank, Mario, Ted, Uli, Sebastian ?
      • Secure-u started 2011-12-19, awaiting response
    4. Hardware
      • alternate solutions
        • offer Frank a) 80 w, too high
        • b) IBM eServer xSeries 335 (Model-Type 8676-61X) => pentium4

        • doesn't fit power consumption
        • uli: luxemburg connection, will try 1st week in january
      • 2 way path: search sponsors for money, search hardware sponsors
      • level after netburst
      • sample TK config: 1626.90€ + 117.30€ (1750)
        • includes: Intel Xeon 4-Core E3-1260L 2,4GHz 8MB 5GT/s, 16 GB ECC DDR3 1333-RAM, 4x 500 GB SATA II WD Raid
      • fund rising project
  4. Helping CAcert
    • How does recruitment work?
    • Newsletters, recuring notifications
    • Fosdem -> focus on Nucleus events

    • Recruitment on events?
    • Recruitment page eg events/Recruitment, HelpingCAcert, Jobs

    • Flyers?
    • re-design main page:
      • dirk: 3 news, upcoming events
      • michael: *
      • rss-feed script modification is simple
      • main page cms page, login to secure area (portal project)
        • public: www.cacert.org
          • secure1: www.cacert.org
          • secure2: secure.cacert.org
  5. Discovery II a20110118.1 discussion

    • still running
    • who should receive infos? list of appropiate recipients listed in discovery II table
    • possible software solutions:
      1. triggered info mailing eg board-private mailing list + support
      2. view page with current results (like hidden stats page?)
    • bug#1003 Provide a possibility to regularly review the permissions in the system

  6. Affilates program - topic for SA ?
    • currently not
    • planned income projects by CAcert Inc
    • new portal (Benedikt, Karsten working on it)
      • critical / non-critical systems
        • non-critical portal - with login link to critical secure.cacert.org
        • cms system: own user base?
        • critical system userid includes @, cms userid does not include @
        • cms login adding userid from critical system may result in security leak that account data can be collected (MITM)
    • affiliate link to each event (template)
      1. addtl. link under main ads
  7. CAP Form redesign for upcoming events
    • Fosdem
    • Cebit
    • Chemnitzer Linuxtag
    • CAP forms have no bank account infos
      • CAP form redesign
  8. "NEO projects"
    1. architecture/design (aka Birdshack design)
    2. signer rewrite
      • cabforum, blacklist implementation
      • needs a rewrite, protocol isn't that reliable as required/needed
      • problems in current design: eg count of days a cert expires will be transfered from client to server
      • multiple servers (staging/scaling/load balancing)
      • problems in current design: eg OpenSSL and multithreading
  9. Vendor-Api / New Assurers Portal
    • Marcus sent some proposals
    • A team is working on a Portal project (Carsten, Marcus)

7. next meeting

Minutes

  1. Experience points for ATE attendance
    • requirements to upgrade database schema
    • co-auditor has the list of primary email addresses by co-audits
    • currently technical not possible, needs coding, database upgrade
    • AP references subpol TTP and/or PoJAM, references co-audit, with reference to AH
      • AP 4.4
        Additional Experience Points may be granted temporarily or permanently to an Assurer by CAcert Inc.'s Committee (board), on recommendation from the Assurance Officer. 
    • There are other policy requirements, that also needs to be implemented
    • Exp. pts has low priority: tasks with highest priority: Thawte points removal (6.php), TTP (+TOPUP), then others
    • add note to AH: (currently technical not possible)
  2. Thawte points removal, final step
    • relates to 6.php
    • this also relates to TTP
    • dirk will work on this upcoming weekend

1. bug #985 - Move Translingo to Translations (incl. patches)

  1. Translingo bug #985

    • https://translations.cacert.org (http://translations.cacert.org/) (replacement for translingo)

    • the translingo.cacert.org had been in operation far longer, so I think it is possible that some users migrated to translingo.cacert.org, without telling us.
    • I would suggest to mass-mail the email addresses of the translation-project leaders in the translingo database, to inform them, and to ask them to speak up if they still need it
    • last foreign uploads 2008 on about 13 + cacert projects
    • whohas translingo server console access?
      • mario
    • req for console access for michael to contact project leaders, Updates?
    • Transfer In, Transfer Out problems
    • Update from new deployment ?
    • opened for: create an account can now be started
    • Michael current state:
      • import and export routine works
      • script to incorporate updates needs fixed
    • next: complete language handling needs to be updated
    • accept lang handler needs fix
      • FF de, de_de
      • IE 6 de, 8,9 de_de
    • working session within last meeting: michael, marcus
      • infos from meeting 2011-10-18
        • pdf code needs rewrite (uni code library, move to external server (outsourcing))
        • message cert notification - uses perl code, text source not avail (get bind-text-domain)
    • current state?
    • Marcus sent mailing to translators, no response so far, no tests so far (week 3)
      • Morten NO
      • Emanuel IT
    • current state:
      • create test system accounts dutch@test, espania@test and so on, let users do their tests
      • Magu, Marcus will give it a try
      • a couple of testers has started testing and reporting within the last 7 days
      • results: de, fr, en, pl, es, pl
    • last meeting: working session bug#985 translingo transfer

      • Michael: needs 2nd review
    • Translations
      • problems that relates to blocks translations
      • changes into translations database
      • contact NEO to transfer manualy to testserver
      • bug #985 needs 2nd review, so update script can run also on critical system

    • trying to assign to Ted, reviewed by Ted
      • Did a review. I cannot judge locale/Makefile, the other changes are acceptable.
        I guess before a patch can be created a rebase will be necessary... 
    • comment by NEO
      • OK, I have made a merge from release into that branch and removed the conflicts
        (a rebase would break fast forwarding). 
    • What is the impact? What is needed for going to production?
      • git potential problem solved, can be transfered to critical
    • Sync between translation server and critical system
      • make update, make upload to be started by critical admin on production console
      • po tool should send warning/errors, critical admin has to check on update
      • critical admins needs ssh key, to contact NEO
      • docu: new translations to add under system docu webdb
        • who ?
      • Critical team updated ssh firewall setting on critical system to pull and push updates from/to translations
    • recuring pootle tests every night, dayly notes to mailing list
  2. Bring TTP assurances up to running
    • requirement: make 855 active on production
    • TTP-caps can be build by TTP-admins offline, not for public distribution !!
      • uli

        bug #855 admin console interface "unknown" + "empty" assurance method fields, needed for correct testing on testserver

        admin console lists "empty" and "Unknown" assurance types on listing given Assurances

        {0}

    • uli to add test report
    • needs 2nd review by dirk, ted, markus, pg - ted will do within the upcoming days, probably Thursday
  3. bug#540 No key usage attribute in cacert org certs anymore?

    • also: bug#905

    • uli, marcus: needs full cert create tests
  4. Infrastructure Separation
    • new hardware -> leasing?

  5. bug#1002 0001002: Contact Assurer form leaves a funny comment after sending

    • Michael did transfer the patch to testserver
    • Michael: request to alex to check, seems to be ok
    • tested by 2, needs 2nd review + deploy (week 2), ted?
  6. bug #978 bug 978 (weak keys) (bug 918)

    • invalid key format, no regular error message, something wrong, error code # identified
    • debugging infos from user + infos from critical team with error code #, was spkac routine
    • one test done 2011-12-17 by JensK
    • (week 5)
    • uli, marcus: more tests: certs routine, weak keys (small keys test), relates to bug#540 tests

  7. OCSP server - timeout 10 min too short, 3 days to long, recommendation is 24-48 hours max, verisign: 7 days, startssl: 2d
    • after all the modifications done, accecss to ocsp server has a hickup, sometimes, sporadic
    • Michael: no idea
  8. VBscript for Vista/Win7 (select keysize >= 1024) (BlackJack) - reminder to dirk

    • x1 Dirk, new bug#964
      DEV: bug#918 (Part II) (a20110312.1) Weak keys: /pages/account/.. 4.php, 17.php to combine ? (/includes/keygen.php) DEV

      current state: test /account/4.php added to testserver
      Marcus will do detailed tests on Wed
      some references added to bug#964

      {0}

    • current state: an undef error with current patch
    • we need someone who has experience with vbscript, to come into telco, reviews interface/api beforehand
      • illuminat: not before eastern
      • marcus: will ask users on assurance party tommorow
  9. CI (Update)
    1. new proposal by Sven: Webdriver with Maven and Jenkins-CI
      1. sven did some work regarding frontendtest (Webdriver with Maven and Jenkins-CI)
        • Michael did some review: probably needs some seperation
        • raw source

        • one implemented test case

          • needs building a team, sven + 2 others, to be forced and pushed forward
          • active people have to work with this framework
            1. write a testunit that triggers the bug
            2. write a bugfix
            3. start regression test
        • what do we want?
        • is this our direction?
        • does this fit to our requirements?
        • someone needs time to do a deep review
        • long term view:
          • developers needs to become familiar with the automated testing system to write also the test scripts
          • software-assessors to review test results
  10. Foundations
    • dst files for logos
  11. Discovery II a20110118.1 discussion

    • still running
    • who should receive infos? list of appropiate recipients listed in discovery II table
    • possible software solutions:
      1. triggered info mailing eg board-private mailing list + support
      2. view page with current results (like hidden stats page?)
    • bug#1003 Provide a possibility to regularly review the permissions in the system

    • motion from last board meeting (not avail yet), carried
      • It is moved that Board or a representative asks the persons responsible for an up-to-date copy of all access lists as specified in the Security Policy §3.4.2 including OA
  12. next meeting: Tue 24th

Fixed Action Items since last or within meeting


Action Items New

Action items: Meeting Action Items

Software/Assessment/ActionItems

Development, Deployment, Discussion

  • OAO, Ted

    bug #943 change OA admin/assurer text

    needs 2nd test -> Fabian, Marc, Alex? {g} / needs 2nd review -> Ted, rejected

    {-}

    uli, Ted

    bug #824 Org User cert fix Case study

    Organisation User Certificates: Need UI improvement for proper production usage

    {0}

    uli, ted

    bug #823 email address removal fix

    No warning when removing e-mail address from account that certificates will be revoked
    checked by 4, needs 2nd review, deploy
    rejected

    {-}

    inopiae

    bug #920 Join - single name only (eg Indonesian)

    details under bug number

    {0}

    uli

    bug #859 admin console interface

    feature request: show activity on an account in the admin interface
    rejected, certs login doesn't modify "modified" field

    {r}

    Michael

    bug #540

    p20111113 CPS #7.1.2 "Certificate Extensions" adjustments - testing
    uli, marcus: needs full cert create tests
    duplicate report to bug#978
    tested by 3, 2nd review done, transfered
    Ken reported: still has problems, bug kept open

    {0}

    gagern, NEO

    bug #440 Problem with subjectAltName (CSR, renew certs)

    There seems to be a problem with the subjectAltName. Dupes, missing entries, and more, rejected, needs further development

    {r}

    neo

    bug #1025 Domain Dispute issue

    disputes rc and rc2 var prob
    needs work

    {r}

    dirk

    bug #1054 0001054: Review the code regarding the new point calculation

    Thawte patch part II
    needs further work

    {r}

Software Assessors: Review 1 / add to cacert-devel, add to testserver

  • Software-Assessors task

Testing

  • Testers task

    neo

    bug #1004 Stats page improvement

    tested by 2, needs 2nd review

    {0}

    neo

    Bugs #1159 it might be possible to execute commands on the signing server

    {0}

    inopiae

    bug #1065 Wrong wording when sending mails during the assurance process

    {0}

    inopiae

    bug #1162 calcutate (the passwords) hash in php instead of in mysql

    create test scenarios for the software testers /!\
    Full testing /!\

    {0}

    inopiae

    bug #0028 Wrong language for you've been assured & [CAcert.org] Client Certificate emails

    {0}

    inopiae

    bug #988 TTP cap form deployment

    {0}

Software Assessors: 2nd Review, Bundle Package to Critical Team

  • Software-Assessors task

    Ted

    bug #500 Get contact mail adress after resolving test

    tested by 3, requires review

    {0}

    Ted

    bug #1140 Show if a test is passed in learnprogress

    tested by 3, requires review

    {0}

    magu

    bug #1131 Rename _all_ Policies from .php to .html and fix all links

    global policy directory maintenance and update

    {0}

    inopiae

    bug #1010 Reorder the view on organisation certificates

    tested by 3

    {0}

Software Assessors: Bundle Package to Critical Team

  • Software-Assessors task

    inopiae

    bug #1139 Add new fields to the database

    tests through #500 and #1140, 2nd review done, requires transfer

    {0}

Awaiting Response from Critical Team

  • inopiae

    bug #411 Wrong text is made into link

    {g}



Software/Assessment/20120117-S-A-MiniTOP (last edited 2012-01-24 05:25:34 by UlrichSchroeter)