This page APPROVED in m2013????.?
Stuff that needs completion is in Bold XXXXX
Reflecting headings from last year
From the Committee of CAcert
Hereby, the Committee of CAcert Inc presents its executive report to the members of Association, and by extension, to the entire Community of CAcert. This report is over the customary period of 1st July 2012 to 30th June 2013.
In addition to that defined period, the Committee presents a Forward Looking Statement that covers 1st July 2013 and beyond. Note also that Team Reports are not so constrained by fixed periods.
The terms committee and board are used interchangeably. The terms CAcert Inc. and the Association are used interchangeably. The term Member means a member of the Community under the CCA where unqualified, and a member of the Association or the committee where qualified.
CAcert Inc. is incorporated under the Associations Incorporation Act, 2009 of NSW, Australia. The members of the Association are our registered participants in the governance of our wider Community. Total Association membership at 30th June 2011 was 90. As of time of writing, association membership stands at 100. The wider Community outside the association currently numbers some 5,200 Assurers, around 22,000 end-users with some assurance, and over 200,000 accounts with zero assurance.
CAcert Inc. has no employees – we rely fully on a cadre of volunteers to carry out all functions.
CAcert Inc. operates under the rules of the Association, as adopted by the Association members, November 2011. In addition, CAcert Inc also binds itself by means of the CAcert Community Agreement and prior decisions at AGM and Committee to the policies of the community. Under these combined rules, the affairs of CAcert Inc. are managed by the Committee.
The Committee is elected each year at the annual general meeting. The Committee comprises the president, the vice-president, treasurer, secretary and three ordinary members. The Committee also forms a sub-committee under the rules, and incorporates the sub-committee into deliberations. The Committee meets on the Internet once or twice per month. Meetings are generally open, minuted on the wiki, and publically readable.
The Committee's primary role is to manage the services and teams of the Community. The Committee is assisted by 2 other main groups, being the Arbitration Forum for the resolution of disputes and the policy group for the creation and approval of formal policies. The Committee directly manages the many teams of CAcert, each of which work within the policy framework of CAcert, document their activities and processes on the wiki, report to the Committee, and abide by rulings of the Arbitration Forum.
The outgoing Committee provides the annual report to members at the annual general meeting. The annual report includes a financial report, team reports, a summary of the year's events and a forward looking statement to assist the incoming Committee.
The Committee's Year in Brief
All minutes can be found on the wiki:
There is a summary of the Board's activities extracted from the minutes:
In response to two factors (being, moves by the CA industry, and accusations in the previous year impacted over future auditors), the board took on a far-reaching reconsideration of the primary mission of CAcert, being in short to 'get into the browsers.' This should be an important goal but not dominate everything else.
The CA industry has now imposed multiple audits on the process, and browser vendors (Mozilla and others) have followed suit without any apparent question as to the costs and competitive nature of the process. The increased costs in the process are perhaps doubling and tripling that which we have faced in the past.
As it was already in our minds that the cost of even one audit was unreachable, we are now faced with a dramatic challenge to the mission. There are yet rumours a sponsor could be found.
This has far-reaching implications. In order to address this, the committee discussed some ways to better utilise the community to get the root into the browsers on a manual basis, including browser plugins and contract changes to facilitate member-empowerment.
Before we can get external audits, we need to have internal audits. In spring 2013 a member showed up that is able and willing to do regular internal audits. In 2013 he did some preparation and will start in the beginning of 2014. Some areas of CAcert are ready for audit or have already passed an audit, in other areas essential work has to be done to be auditable.
Location of CAcert
CAcert Inc is incorporated in Australia, the original location of its founding as a community. However it has been for many years clear that the centre of members and activity for the community is located in Western Europe, mainly in Netherlands, Swiss, Austria and Germany. France becomes more important too.
Efforts to enhance the Australian base have worked partially, here Ian did an excellent work. But since Ian is no longer in Australia, the situation is very deplorable.
It is therefore our emerging view that we need to move CAcert's intellectual property and management vehicle to Europe, in order to better align with the strength of the community. In this board time there was no real progress. But just during the preparation of this AGM it became obvious that we must enforce it, maybe very fast. No Australian member showed up and was nominated till the final date. So, some of them can only be nominated during the AGM.
The Committee's Forward-Looking Statement
July 2013 to November 2013 (AGM Time)
This period has already passed, and this section can be seen as a preliminary briefing on the period. However, the next year's full report will properly replace this entire section with a formal report.
- The participation of the Australian Board members has been worse and worse during that time, but sadly no one really responded in good time.
- We finally appointed more arbitrators and some new arbitrators did good work. But still we need more arbitrators. Many old arbitrators are very busy with other tasks and are no longer active.
- The software team was rather active and some important patches are settled now. We now ask for confirmation to CCA on all sensible occasions, so at least all active members agreed the CCA now.
- There have been enhancements to the support console and precedent cases, so more cases can be handled now without explicit arbitration.
Since it became important to get a new root certificate with a SHA256 hash and we need an auditable escrow method, we started a "New Roots & Escrow project".
December 2013 to End-2014
Looking forward, the Committee has to face one giant challenge, that is to move CAcert from the present Australian CAcert Inc. to an European incorporated association or similar form of organisation.
Even if at the moment some Australian members would show up, I have no hope that we get a well working Australian community in the long term. Besides that most members are in Europe and opposed to most other parts of the world, in Europe we have a well working and cheap banking system established, so we would save an enormous amount of bank transfer costs and exchange costs if our main account is there. And we have many active people nearby, so many travels are just some dozen or hundreds of kilometres.
As we can see at present, nearly all contracts can be easily transferred. But the community and the CCA are the stumbling block. It looks like we need a consent of each community member to transfer the legal binding to the new association, but many are nor very responsive and maybe a lot of email addresses do not exist any more.