Critical Team
Is there somwhere a list with the task, you (the critical team) have to do? If not, can you please, write me just an overview?
As far as I know, there is no task list written down in the sense you mean. But basically most activities of the critical team follow from the CAcert Security Manual https://wiki.cacert.org/SecurityManual
In short is is taking full responsibility for the secure operation of the part deemed critical for CAcert's operation:
- the webserver www.cacert.org
- the signer (offline)
- the DNS server ns1.cacert.org (and its slave servers)
- the CRL server crl.cacert.org
- the OCSP server ocsp.cacert.org
- the firewall servers cacert-fw01.cacert.org / cacert-fw02.cacert.org for the entire CAcert infrastructure at BIT
- the SSH server hopper.cacert.org for secure access to all of the above and the Sun ILO servers.
In addition the critical sysadmin team also manages the physical aspects of the CAcert infrastructure server (infra02.intra.cacert.org, which is software-wise managed by the infrastructure team), and the setup of the three CAcert test servers (test.cacert.org, test2.cacert.org and test3.cacert.org).
And of course the critical sysadmin team is interacting with development, software assessment, support and arbitration teams for all issues involving some critical server. It also interacts with BIT staff for issues like abuse reports received and physical hosting aspects.
Are this task to do on site in the hosting centre or can they be done by remote access?
Most tasks can be done and thus are done by remote access. We aim to keep the number of site visits to an absolute minimum. As you should now, a critical sysadmin cannot just visit the BIT data center and do his work, he must be accompanied by an Access Engineer from secure-U, since they are the only people with authorization to enter the data center (but they have no software access to the machines). So site visits are expensive in terms of required volunteer resources, even more so when non-trivial signing server access is required -- that requires at least two critical system administrators and one access engineer to be present on-site. All of this is mandated by CAcert's Security Policy and spelled out in the Security Manual.
There are a few cases in which a site visit is unavoidable:
- a) a hardware failure which cannot be resolved or worked around remotely, and thus must be analyzed on site, possibly followed by replacing some broken hardware
- b) an update to the software running on the offline signing server
- c) physical reconfiguration of servers or internal network.
With the policies as they are, you will need at least two fully qualified persons which are willing to travel to BIT in Ede for the occasion (b) and some (a) above, and at least one for (c) and remaining (a) cases.
-- wytze 04/2019