The Role of Support Engineer Team is to fix support problems

SET is part of the overall Support Team. This is your page. Other documentation is at:

  1. The "bible" of support: Security Policy #8 Support which is formal and binding policy over you and the Community.

  2. Each Security Policy section has a matching section in the Security Manual: Security Manual #8 Support. This latter section is managed by the Support t/l so it is easy to suggest changes.

  3. This wiki tree has an Index at Support. Keep that up-to-date and friendly, because also Members seeking help will go there.

The Support Engineer should be familiar with these documents.

The Picture

An evolving picture:

      |            /--<-----<---arbitrators
      \           /                |\
       \         /                   \
        \       /                     \
        SE channel                  Case Managers
         \                              /|\
          \                              |
           \                            /
            \                          /
             Support Engineer ---> disputes
               |       /|\           /|\   
               |        |             |
              /|\       |             |
             / | \      |          (via support)
            /  |  \     |             |
           /   |   user feedback      |
          /     \            |       /
        meta     \          \|/     /
       channel    \---> help channel

The Resources

There are several resources available to you. See Triage for description of buckets.


             Support Engineer <--- resources <---- buckets
                                   \   \
                                    \   \--- online system
                                      \--- feedback from member


Abuse / Security / Systems

Anything like an abuse, security weakness, disclosure, attack should alert the sysadms or the programmers.

Don't be shy. Seek help and fast. The more eyeballs, the better. You aren't expected to understand what the system is all about ... but you are expected to find someone who does... Consider for serious cases:

The Resolutions

As SE you can resolve this to a next level resource:

Requests for Information

The general rule is that a Support Engineer needs an authority to hand out any information. In general, see, SP 1.2, DRP 0.1 and in particular SP 8.1:

So, any question needs to establish that authority:

Beyond that, we don't have much. Here are some specific cases where there is no inherent authority:

Security Policy 9.3.2 speaks broadly to this:

Note that future software revisions (e.g., Birdshack) intend to document the authorities as used, as tokens. For now, we make do with simple substitutes such as the arbitration number.


In sending email to the member, do this:

Mailbox Setup

This is no longer actively used but each mail sent to support@cacert.org gets recorded there, so it may be used as fall back if there are problems with OTRS and for searching old mails from the pre-OTRS time

  1. details:
    • username is support
    • IMAP only.
    • password you have to get from t/l.
    • See CommunityEmail for most of the details

  2. a separate sending-STMP-out service needs to configured in your MUA client. This is because the smtp server rejects your existing one as using your individual user name, not 'support'.
    • in Tbird, it is Tools/Accounts/ "Outgoing Server (SMTP)" in the list of accounts at left; Add.
    • username is 'support'; see rest of details at CommunityEmail.

  3. Turn OFF downloading of mail before you connect.
    • The mailbox is already big enough that it will take hours for your client to download and index it locally.
    • Also, for security reasons, we don't want all this stuff cached on your machine.