To Brain CAcert Inc. - CAcert.org Members Association - To Brain CAcert Inc. Committee Meeting Agendas & Minutes - last meeting - next meeting
Agenda - Committee Meeting 2009-12-20 - 21:00 UTC
- 1.1 Chair opens the Committee Meeting
1.2 Accept the Minutes of the last Committee Meeting
- 1.3 Ratify the Motions made since the last Committee Meeting
2 Businesses - Important Note: Acceptance of Businesses 48 Hours before beginning of Committee Meeting latest!
2.1 mini-Tour Iang
- Frankfurt Assurance mini-mini-TOP 20091217
- report on meetings
2.2 Press Requests - Proposal for Procedure - added by hugi
- Establish standard procedure for official press or journalist requests.
2.3 "Process of Software Review" added by Iang from question by MarioLipinski
Also see comment below, thoughts & inputs.
2.4 Arbitration and Support update added by Iang
Including u60's Question of Clarification: please declare how many ping requests needs to be sent to identify non working arbitrators ? (u60)
2.5 Update on Finance added by Iang
- perhaps we see the first draft of the financials
- progress on the text report
- dilemma of our text/period v. their text/period; report will not be a representative document for the voting
- figure out the date (last)
2.6 Update on assets & documents handover from Robert added by Iang
- et cetera
3 Question Time - Important Note: Questions from CAcert.org Community Members can be added until beginning of Committee Meeting! As well questions can be asked at "Question Time", without added Question here
4.1 Confirm next Committee Meeting: Usually every 1st & 3rd Sunday of the month, 21:00 UTC.
- 4.2 Chair closes the Committee Meeting
- 4.3 Preparation of Minutes
Minutes - Committee Meeting 2009-12-20
Present: markl, ernie, iang, PhilippDunkel.
- Partial: NB, briefly at end.
21:03 Markl took the chair in the absence of NB, and recognised the apologies of hugi and Guillaume.
Markl moves that "we accept the minutes of the last meeting" Seconded and AYE by iang. Ayes from PhilippDunkel, markl, ernie. Chair declares the motion carried as m20091220.1.
- No motions to confirm since last meeting.
- Iang presented the results of a 3 day trip:
Hamburg: 6 people present, produced 2 good efforts to address gaps of policy created by Assurance Policy's insistence on subsidiary policies for all practices in Assurance. Minutes of the 20091215 Hamburg MiniTOP on Assurance.
PoJAM wip 2 now stresses simple concept: The Assurer must check that the Member has entered into CCA (already exists) by for example checking a Consent Form from the parent/guardian. Now before policy group.
new TTP proposal has been written, with TTP as an additional in f2f Assurance process, no longer a special, centralised approach. Not yet before Policy Group.
Essen: 9 people there, focus on software repository and software assessment issues. Minutes of 20091216 Essen MiniTOP on Software.
- Andreas Baess and Markus Warg have concluded that many problems trace back to lack of proper repository methods (Iang concurs). A machine has been allocated, location secured.
- Brief given to Essen meeting on the "Innsbruck" starting effort for Birdshack (new generation). No conflicts seen. Some mild criticms presented, but it seems to stand the test of time, on paper. In the new year hope we can start on this. Birdshack needs:
- a team leader,
- enough of a code base that people can contribute
- and it needs close attention to the overall architecture.
- General point: In the new year, after Support, Arbitration and the various board responsibilities are met, we hope to put a lot of attention in this direction. . Also see Item 2.3 of this agenda.
End of Iang's report.
- markl: any action needed on the policy debates? iang: for board, no. For members, just to join, contribute, vote. Notes that there is a growing resentment at lack of policy movement, this is forward progress, so "good news".
- Iang presented the results of a 3 day trip:
2.2 Press Requests - Proposal for Procedure
21:16 As hugi was not present, this item was deferred.
2.3 Process of Software Review
- Mario posted this question as member and as arbitrator:
"Working on a20090810.1 I figured out besides a very loose SP regarding dual control in these cases there is no defined procedure for the review also in general. Who are the reviewers for a certain change? What has been changed?
"So I ask you to document a review procedure that must be met."
"Further I discussed this issue during the informal part during the Software Mini-TOP in Essen. It turned out, the only person who can review changes currently is Philipp G. Since Philipp commits valuable work regarding software to CAcert, this cannot be done within SP since there is no one else who has been approved for software assessment to review his changes. I propose to add Dirk Astrath, Markus Warg, Bernhard Fröhlich and Alexander Prinsier, who are familiar with the CAcert software and have shown activity recently, to the Software Assessment Team."
PhilippDunkell seconds. Markl: who of those 4 are critical systems? None, which was as it should be.
- Context: all other teams have been re-built over the last 12-18 months, and this the last major team to face a rebuild.
- Some discussion on how involved is the "software assessment team" with the critical systems. Software Assessment was originally intended to review the patches, but not install them. In order to deal with the situation of one Software Assessment person, and critical sysadm team's lack of familiarity, Philipp G remained with a foot in both camps. Critical systems admin and Software Assessment.
- Recently it was proposed to make him into a new role, Application Engineer, who would also be responsible for installing patches. This is proposed as WIP for security policy, is in practice, but is not approved as policy.
- Mario: Security Policy requires two reviewers. But there is only one in the team. So there can be no review under SP.
- Iang: side issue is the repository lack/situation as item 2.1/Essen of agenda.
- markl: having the people who assess also doing the deployment isn't good.
Discussion on whether the software assessment team deploys patches or not... general belief that this should not be so. Why not? "Because [the patches] commonly don't work well enough, they need real expertise to shake out final bugs."
- Point that if they can access the system, then they are "critical systems" and they need to be treated / controlled as such. Counter-point is that all Software assessment are under SP already, and need ABC, etc et al.
- So the request is to add Software Assessment team members, but they cannot deploy the patches, only sign off on them. (following long discussion.)
- Should Philipp be in both teams? Although this should be discouraged, there is no outright ban on it.
- General point that whatever the outcome, adding software assessors is requested, and is good. And they need ABCs.
- General consensus to examine how we do this. Iang noted that Philipp hasn't been able to do this, potentially because of job issues. Options are to appoint a temporary team leader, or to ask PG to propose the 4 new people. Preference for latter, discussion on text. Text to pre-accept new people was rejected.
iang moves, "that the board is of the opinion that more software assessment members are needed, and, requests the Software Assessment Team Leader to propose new members (Dirk Astrath, Markus Warg, Bernhard Fröhlich and Alexander Prinsier) for addition to the Software Assessment Team, and asks that ABCs be requested as soon as possible." Markl Seconds, 4 AYEs in favour, Chair declares it carried as m20091220.2.
- Mario posted this question as member and as arbitrator:
2.3bis - Process of Software Review - Redux
23:00 At the end of point 2.4 and before 2.5, Philipp G became briefly available and Chair invited him into the meeting. This section out of time order.
- iang: summarised. Motion to ask t/l to propose 4 people, and to request ABCs.
- PG verbatim:
From my point of view, we might want to seperate the release-management that is currently being done by Application Engineers from Software Assessment. I agree that it is a good idea to enlarge the Software Assessment team with a number of people to speed up patch-reviewing. We should also enlarge the Application Engineer team.
The proposals on the table look interesting to me. I will talk to them, whether they are interested and can make enough time available for the task.
- discussion of using the Software Assessors as a pool for new Application Engineers, looks like a good idea.
- Should the group be open or closed? PG wonders whether ABC is overkill for software assessment. Consensus to no change that now, let's see the experience.
- PG agrees to propose the 4 ABCs asap.
23:12 Note this above out of time order, should be after 2.4.
2.4 Arbitration and Support
- 22:20 Iang reports:
Support is proceeding to bring in Triage people. 3 ABCs have been completed. Michael Taenzer, Martin Schultze, Wolfgang Kasulke are now complete, so t/l-support will probably propose them for Support Engineer.
Arbitration: Question of Clarification: please declare how many ping requests needs to be sent to identify non working arbitrators ?
- Floor to Urlich: On a couple of Arbitrations, little response from Arbitrator. Pings sent to Arbitrator and to DRO, no response.
- markl: this is an issue for the Arbitrators, not Board. u60: the board's last motion put this to the DRO, but it is not working. markl: then we need to revisit the DRO position; there would be wider problems than only pings.
- iang: Nick is not here right now, so hard to pursue. However it does seem that Nick is often only able to put in brief bursts of time.
- Discussion, search for facts. Easy cases. There are 2 non-working arbitrators in u60's opinion.
- Noted that both PD and NB are "on sabbatical" but these aren't the two arbitrators suspected of non-working status.
- General consensus that there is a complaint here from the DRO except the DRO isn't presenting it. But we need to bring this up with him.
- PD: I will be available for Arbitration after next AGM, as will not be standing for Board.
- Options: assume the role of DRO back to board; appoint someone; or we could write a motion to current DRO.
- consensus on last option. Notice that we've not had a report. some text propsed.
- Some discussion on whether DRO should be an arbitrator, or should not. This discussion was recycled / deferred, should be minuted for next board meeting.
iang proposes, "That, given m20090811.1, and today's informal information that some arbitrators are non-working, board requests an immediate update of the state and health of the Arbitration system from DRO, with a view to changing the roles and re-invigorating the process." Markl seconds, 4 AYEs. Chair declared motion carried as m20091220.3
2.5 Update on Finance
- Ernie: Still a day's work to do, will send in next two days.
- Ernie: Who is doing the text part? Iang: the rest of us, probably. Iang has worked through the first 6 months of email traffic, July-December 2008. Lack of time for the other half, support job.
- Iang raises some points:
Guillaume and to a lesser extent PD will be important here because they were there.
we were not, and we are writing about a board that is almost non-cooperative ...
which leaves us having to work quite hard to avoid writing an adverse report
this does not give a true picture of this board to the membership ... so we may need to provide a clearly separated component about our 6 months or so
as pointed out, we need something of an outlook ...
- How to proceed with the text component? Iang volunteers to finish the email review, with caveats.
- Ernie: what is the future. Iang: I can write a view, but it is only one view. But it would be easier than the historical view.
- Markl is out of time until Jan 2, but available after that.
- Markl: Only the financial report is required. We could write a very short one on the last board, including that they were non-cooperative, and point to the mailing lists only.
- Iang: guess that we need to report on: server-move, audit progress, audit termination, SGM.
Should we write to each former member and ask them? If they offer up a statement, we just include it. "if it is not too crazy."
- We should do that ASAP. Markl agrees to be volunteered.
- Discussion moved on to the date. PD: we can set a date. Ernie agrees. Markl and Iang disagree, no financial in hand, we don't know how long it will take.
- Discussion.... Nick joins at this point and becomes tie breaker. Iang summarises.
Nick moved, "that the Annual General Meeting of this association be held on 2010 Jan 31." And AYE. Philipp Dunkell seconds and AYE. Markl, Iang, Ernie NAYE. Chair declares the motion is not carried, recorded as m20091220.4.
- Iang declares that there is a preference for Saturday amongst the membership, after consulting a straw poll.
Nick moved, "that the Annual General Meeting of this association be held on 2010 Jan 30." And AYE. Philipp Dunkell seconds and AYE. Markl, Iang, Ernie NAYE. Chair declares the motion is not carried, recorded as m20091220.5.
2.6 Update on Assets & Documents
- Markl: No chance to sync with RC as yet, will do it over Xmas break.
- Nick announced the possibility of a USD account with no fees. This was widely discussed on members' list. Ernie brings up that amounts are too small, fees exist, and administration is a cost. Markl: this is over on the members' list.
- Point of order, do we agree to discuss this? Straw poll: no.
3 Question Time
- Chair asks for Questions of the Members.
u60: report from events team leader verbatim:
within the last 2 weeks we've got confirmations for booths on Fosdem Bruessel, Feb 6th/7th, the European OpenSource conference, and for Cebit March 2010
- u60: brings up the DRO discussion as per Agenda Item 2.4
- The issue was summarised.
Nick makes point of order: the secretary did not send the notice of the meeting nor the agenda to the committee members. Chair rules there is no point of order, Agenda was distributed in customary fashion. Other points of order mentioned, dismissed.
- iang: who are the parties. Listed by u60. Therefore the issue is one of requesting the DRO to investigate the case of a non-working Arbitrator with a view to retirement. And the motion reflects that.
- Some discussion of problems with emails being sent, emails being received, emails being mislaid.
- Nick asked for a session in the private chat room. This was not supported by an agenda item. No minutes were kept of that session, no motions.
- 00:24 Chair adjourned the meeting, there being no more questions from members.
Synopsis of Meeting Contents
Decisions Reached by Motion including Update since last Committee Meeting - Overview
m20091220.1 - Accept previous meeting\'s minutes.
m20091220.2 - Request to propose new Software Assessment team members
m20091220.3 - Request report from DRO on arbitration situation
Place for Text of Meeting Transcript
Original Place Meeting Transcript SVN CAcer.org Website - Comment: Replace in original .txt file YYYYMMDD by the real date of the meeting and after that cancel this comment.
Inputs & Thoughts
Working on a20090810.1 I figured out besides a very loose SP regarding dual control in these cases there is no defined procedure for the review also in general. Who are the reviewers for a certain change? What has been changed?
So I ask you to document a review procedure that must be met.
Further I discussed this issue during the informal part during the Software Mini-TOP in Essen. It turned out, the only person who can review changes currently is Philipp G. Since Philipp commits valuable work regarding software to CAcert, this cannot be done within SP since there is no one else who has been approved for software assessment to review his changes. I propose to add Dirk Astrath, Markus Warg, Bernhard Fröhlich and Alexander Prinsier, who are familiar with the CAcert software and have shown activity recently, to the Software Assessment Team.
Text / Your Statements, thoughts and e-mail snippets, Please
Category or Categories