Minutes of the MiniTOP on 2012-10-09

Setting

The MiniTOP will be held via telco at 22:00 CEST

Attendees: Marcus, Magu, Michael, uli, Timo, Benny, dirk, (alex by irc)

Topics

Action items from last meeting: Meeting Action Items

Software/Assessment/ActionItems

Development, Deployment, Discussion

  • OAO, Ted

    bug #943 change OA admin/assurer text

    needs 2nd test -> Fabian, Marc, Alex? {g} / needs 2nd review -> Ted, rejected

    {-}

    uli, Ted

    bug #824 Org User cert fix Case study

    Organisation User Certificates: Need UI improvement for proper production usage

    {0}

    uli, ted

    bug #823 email address removal fix

    No warning when removing e-mail address from account that certificates will be revoked
    checked by 4, needs 2nd review, deploy
    rejected

    {-}

    inopiae

    bug #920 Join - single name only (eg Indonesian)

    details under bug number

    {0}

    uli

    bug #859 admin console interface

    feature request: show activity on an account in the admin interface
    rejected, certs login doesn't modify "modified" field

    {r}

    Michael

    bug #540

    p20111113 CPS #7.1.2 "Certificate Extensions" adjustments - testing
    uli, marcus: needs full cert create tests
    duplicate report to bug#978
    tested by 3, 2nd review done, transferred
    Ken reported: still has problems, bug kept open

    {0}

    gagern, NEO

    bug #440 Problem with subjectAltName (CSR, renew certs)

    There seems to be a problem with the subjectAltName: dupes, missing entries, and more. Rejected, needs further development

    {r}

    neo

    bug #1025 Domain Dispute issue

    disputes rc and rc2 var prob
    needs work

    {r}

    dirk

    bug #1054 Review the code regarding the new point calculation

    Thawte patch part II
    needs further work

    {r}

Software Assessors: Review 1 / add to cacert-devel, add to testserver

  • Software-Assessors task

Testing

  • Testers task

    neo

    bug #1004 Stats page improvement

    tested by 2, needs 2nd review

    {0}

    neo

    bug #1159 it might be possible to execute commands on the signing server

    {0}

    inopiae

    bug #1065 Wrong wording when sending mails during the assurance process

    {0}

    inopiae

    bug #1162 calculate (the passwords) hash in php instead of in mysql

    create test scenarios for the software testers /!\
    Full testing /!\

    {0}

    inopiae

    bug #0028 Wrong language for you've been assured & [CAcert.org] Client Certificate emails

    {0}

    inopiae

    bug #988 TTP cap form deployment

    {0}

Software Assessors: 2nd Review, Bundle Package to Critical Team

  • Software-Assessors task

    Ted

    bug #500 Get contact mail address after resolving test

    tested by 3, requires review

    {0}

    Ted

    bug #1140 Show if a test is passed in learnprogress

    tested by 3, requires review

    {0}

    magu

    bug #1131 Rename _all_ Policies from .php to .html and fix all links

    global policy directory maintenance and update

    {0}

    inopiae

    bug #1010 Reorder the view on organisation certificates

    tested by 3

    {0}

Software Assessors: Bundle Package to Critical Team

  • Software-Assessors task

    inopiae

    bug #1139 Add new fields to the database

    tests through #500 and #1140, 2nd review done, requires transfer

    {0}

Awaiting Response from Critical Team

  • inopiae

    bug #411 Wrong text is made into link

    {g}


Agenda

1. Preface

2. DEV on bug 1023/1054 "Thawte Patch"

3. 2nd review of, again, about 5 remaining patches

4. Patches Overview - Testing

  1. bug #835 CATS test on testserver http://cats1.it-sls.de/

    • create client cert
    • go over to http://cats1.it-sls.de/ pass a cats test

    • inform Ted to trigger a transfer of the tests to the testserver
    • check if CATS test passed to testserver
    • test with different accounts
      1. members age GT 18
        1. member < 100 pts, pass the CATS test

        2. member >= 100 pts, pass the CATS test

      2. members age GT 14 and LT 18
        1. member < 100 pts, pass the CATS test

        2. member >= 100 pts, pass the CATS test

      3. members age LT 14
        1. member < 100 pts, pass the CATS test

        2. member >= 100 pts, pass the CATS test

    • finish and report the tests, no need to transfer to production
  2. Problem with subjectAltName: bugs: bug #440, bug #1054, test 1054.3.6, bug #1035

    • create several types of certs (client certs, server certs, org client certs, org server certs) and analyse the content of the certs -> subjectAltName and CN with single SAN and multiple SANs

    • renew the certs
    • additional tests? Marcus? Magu? BenBe?

    • 2012-10-02 dirk: problems with git push #1054, got fixed
    • DEV on bug 1023/1054 "Thawte Patch"
  3. bug #922 missing "certificate about to expire" messages

    • you can use previous test to also check "certificate about to expire" messages
    • notification expected: 1d, 15d, 30d, 45d
    • Uli: Marcus plz test again
    • Marcus+Uli: plz add serno of cert about to expire into the message text
  4. bug #964 and bug #1017, relates also to bug #1054, test 1054.3.6 - Chrome certificate enrollment (relates to #964 "Black Jack")

    • create client certs, go to signing routine
    • new routine with 3 different potential signed public key download routines /account.php?id=6 list 3 options
      1. Install the certificate into your browser (tested)
      2. Download the certificate in PEM format
      3. Download the certificate in DER format
  5. bug #1054 (Thawte patch) tests passed ?

  6. Marcus Bugs list
  7. new bug #1095 "Problems with creating server certificate where the csr is created with Java SDK Tools"

    • cmdline sample: keytool -genkey -alias test.test.net -keyalg RSA -keystore test.test.net.ks -validity 1095
    • NEO couldn't reproduce the problem using keytool, tested against production and testserver
    • identified as weak key usage: CSR used MD2, which is not or no longer supported by openssl; add new error message

5. New SA candidates and Coders

  1. ABC Benny - possible Itzehoe (2012-09-14), mrmcd (2012-09-08) or other events before 2012-08-10 - 2012-08-11 BarCamp kiel

    • ABC Benny passed/closed, added to board meeting agenda upcoming meeting

  2. Heino, not yet prepared, needs first contact
  3. How to find coders? Experiences from the Gentoo project
  4. report from last board meeting - topic Arbitration

6. Long Term Projects

  1. NEO: "BlackJack" bug #964

    • NEO: "BlackJack" bug #964 testing from last week -> error codes

      • started implementing
    • how does bug #1017 relate to this bug?

      • cert signing routine
      • ie5 ie6 automatic storage of signed key in local keystore
      • doesn't work under vista, win7
      • msi package is to download and import the keys to the local keystore under vista, win7
      • relates to bug #1099 but is quite different

      • neo sent msi package for testing to u60, benbe; test successfully passed
  2. Marek's sql class project:
    • is working on charset replacement
  3. api project, Carsten continues with portal project not waiting for vendor-api to be delivered
    • vendor-api delayed
      • no coders
      • other projects
      • related to sql class project
    • portal project continues with a workaround, needs an assurer
      • arbitration case on locations database orders outsourcing of find-an-assurer asap
      • with portal function, update of data is possible vs. update of data on critical system is difficult (keep data current for assurers)
      • relation to location database
        1. website find an assurer
        2. scripted mailing for ATE invitations
      • user check that data is still valid eg every 1 year
        • notification at login up to 6 months not online
        • notification by email if not logged in within last 6 months
  4. Automated testing system

7. next meeting

Minutes

  1. Preface
    • Timo: monitoring signer, not yet done
    • Timo, Benny: Distro needs upgrade
      • lenny - support ended Feb 2012
        • upgrade etch to lenny was a long running project
    • squeeze (current stable release) - tests started by critical team
      • "wheezy" close before release date
      • monitoring system eg Zabbix instead of Nagios?
      • BenBE: Icinga as alternate?
      • Zabbix agents: requires to be the same revision as server
    • Timo: automated testing systems are mergeable
      • frontend test: java, may become a problem, alternate php version?
      • focus on unittests
        • dirk: code or screen?
        • code and screen
      • frontend and unit tests on one machine?
      • trial: port frontend tests
    • Timo: bug #1101 refactoring getalt getcn

      • might 1101 comment c3225

      • tries to build a php library for openssl parsing replacement
        1. asn.1 parsing, own library
        2. ???
      • openssl does escaping (per man page) (input? output?)
      • library test thru unit tests
      • openssl command for multiple SANs?
    • Donations: what's with PayPal?
      • in code redirects to paypal
    • web analytics (to get an idea for performance), how many visits, clicks
      • did run in the past, had been removed
      • Timo: bug #220 "Find an Assurer" and "My Location" too bare-bone without Javascript

        • shall be outsourced (per arbitration ruling)
    • Michael: mail regarding squeeze upgrade to critical team
  2. Benny - new SA
    1. wiki-1: add Wiki account name to AllowedUsersGroup

    2. wiki-2: add Wiki account name including motion number new Software Assessment Team member

    3. mantis: add/change group admin status
    4. testserver create console account, also ca-mgr1, git-cacert
    5. testserver ssh key exchange
    6. connect to cacert-devel mailing list, add as owner
      • request by Michael to list-admin: plz add all Software-Assessors as Owner of cacert-devel mailing list
    7. TL: welcome mail (also info to critical admins) about new Software-Assessor team member
  3. Magu question to Marcus
    • last contact to gooze, around August, September
  4. Test patch to review / transfer for BenBe

  5. next meeting
    • Tuesday, October 16, 2012 22:00 CEST

Fixed Action Items since last or within meeting

Action Items New

Action items: Meeting Action Items


Software/Assessment/20121009-S-A-MiniTOP (last edited 2012-10-09 23:25:05 by UlrichSchroeter)