Team Reports 2023/2024

Team Leaders are encouraged to present a report for their team. (alphabetic order)

19 = Text from 2019 or 2020, please replace!

AffiliateProgramme

The only programme that works really is the parthernsh booking.com. Thank you very much for each booking it's travels with this portal, using the CAcert link. The price is the same, but we get some %.

The webshop with T-shirts, caps, mugs and more was run by secureU, a partner association from CAcert in Germany. The benefit was used to pay bills for us. At the moment, this service is not in service.

Furthermore, there is a puzzle book for children (Rätselspass für junge Computerfritzen) that can be ordered directly. The whole roalty goes to CAcert.

Amazon

Since April 2018, CAcert has Amazon Affiliates links. Unfortunatley, there are different links for each different language/shop:

Google

On the wiki, we have Google Ads on the top corner. To help CAcert, please allow your adblocker to show this ads. They are small, discrete and do not disturb you while writing or reading on the wiki.

Arbitration

No activity in 2023/2024.

Assurance

In the last 12 month about 1500 new user joined the CAcert community. The grow of assurers on the other side came to a stop (after several years with no ATE). The community has 388'000 members.(ru)

ATE

A member organised an on-demand-ATE-week in the Swiss Alps during holliday times. The success was restrained.

Audit Team

ABC BGC

One/two more back ground checks were done. (ru)

Critical System Administrator Team

* implemented new software deployment process using git and repositories from code.cacert.org that has been started at Datenspuren 2023 in a live session with Dirk (jd)

During the last year we faced some issues and outages of issuing certificates due to hard- and software-issue, which (unfortunately) did not happen during our tests before or could not be solved while being in the data-centre (in this case new visit was necessary).

The data-centre was visited 4 times in FY 2023/2024 by Michaela and Dirk mainly to replace hardware. During some visits the old power-consuming webdb-servers/signers and Raspberry 4 we installed earlier were replaced by Lenovo m710q-Machines using a (more) recent Debian-Version. Our main machines are now using a more modern btrfs-raid while they had a softraid with LVM before (which was one reason for an outage).

Unfortunately there had been some issues with signing Class-1-certificates after changing the signer-environment, this was sorted out and corrected.

The last visit was in early February 2024, since then everything is running without any issues, so at the time of writing (September 2024) there is no new visit planned at the data-centre for now.

The "critical hardware replacement" job is now mostly done, every critical system has now it's hot or cold standby, so we could now switch easily to the "other" half in case there are issues with one of our servers.

Forecast for FY 2024/2025: Get one (or more) volunteers to critical and/or access team to have more flexibility. (da/24)

Access Team

Education

EventsTeam

CAcert was present in three countries: Elsene/Brussels, Karlsruhe, Köln/Bonn, Mildenberg and Männedorf/Zurich at well known events like FrOScon, FOSDEM, Gulaschprogrammiernacht, Chaos Communicationn Camp but also for the first time at CAcert Stubete.

If you look at Events, you will see, that the new year 2024/2025 has started promising as well with four events in three countries. (ru)

CAcert attended Froscon 2023, explaining the upcoming OpenIDConnect-project and doing assurances there. On other smaller and bigger events CAcert-members were active without applying for a stand there.

During Corona internal structures of event-team got lost and afterwards we did not focus on restarting event again on a bigger basis.

Forecast for FY 2024/2025: Restart "events" again by attending events, inform about changes within CAcert, show how to use the new OIDC-login ("Login with CAcert"), give more focus on client-certificates. (da/24)

Infrastructure

* added new external infrastructure monitoring system based on latest Icinga2 with IcingaDB, started rework of infrastructure monitoring to use the new system, added additional monitoring checks for several systems * improved setup of the OpenID Connect systems (authserver and idp) * setup OpenID Connect authentication for code.cacert.org and bugs.cacert.org * regular maintenance and updates of all infrastructure systems

We have two systems (wiki and translations) that still rely on Python 2 and are therefore kept at Debian 10. The Wiki software (moinmoin) is used by other projects (i.e. Debian itself) too and we will see whether there will be a Python 3 variant that will allow an upgrade of the wiki system. Translations uses the Pootle software which has no active upstream. The infrastructure team suggests to switch to Weblate. We suggest to use the Hosted Weblate SaaS offering, as we have no active administrator for the translations system. (jd)

New Root & Escrow Project (NRE)

Organisation Assurance Team

Policy Group

During 2023/2024 (from 07-2023 until 06-2024) was no discussion in the policy group, even from January or February on, a group wanted to start a discussion that was even announced on the blog, but did not happen until the end of the financial year. Another discussion is on the way to be prepared by members of the teams concerning adaption of the policies for Class1/Class3 certificates. (ru)

PublicRelations

Software Development Team

They repair our systems, expand them and adapt them to new requirements. Put new functions through their paces. They deal with errors and find innovative and pragmatic solutions. They also plan, develop and programme new pillars for CAcert. We are talking about a dedicated small group of volunteers known as “Software Team”. When you talk to them, you can immediately sense the enthusiasm with which they work in their free time to create new things together and make progress.

The fact that various small projects have been completed in recent months, that age-related weaknesses have been ironed out and errors rectified, and that a major new project has been brought to the finishing line, is not only thanks to the dedication of these people, but also to the fact that they have succeeded in winning over others. The software team has actually grown this year, with new members joining the team. In fact, the software team has actually grown this year, with new members joining the team.

New recruits initially take on small tasks, working hand in hand with volunteers who know our systems inside out like nobody else. Once they have passed the security check, formerly known as ABC, replaced some time ago by BGC, they also help with work on system-relevant software. Welcome to the Software Team of CAcert! (from the blog

* primary repository has been moved to https://code.cacert.org/cacert/cacert-webdb * several smaller improvements have been merged and deployed using the new

During September Jan and Dirk enabled a new process to get updates to webdb1 and webdb2 using "git pull" instead of copy&paste the changes. This process was tested before on our nameserver NS1 to update the DNS-Zones (e.g. cacert.org).

Brian joined the software-team, so we're now able to two reviews again even if one of us creates the modification.

Forecast for FY 2024/2025: Speed up processing bugreports, reviews ... and maybe add new members to the team.(da/24)

OpenID Connect

OIDC (which is not a team-report, but a CAcert project ... 😉 ):

Jan and Brian put a lot of effort to set up authentication servers for OpenIDConnect/OAuth2. Brian is writing a PHP-based registration-service for one of these servers.

Two (non-CAcert) websites are already using this service as a betatest, The login to our Mantis-based Bugtracker (bugs.cacert.org) was changed from client certificate authentication to OpenIDConnect ("Login with CAcert").

Forecast for FY 2024/2025: Roll out this service to more CAcert-services, set up some demo-code, which uses the "Login with CAcert", publish coding of authentication and registration server, publish demo-code and documentation, show how to CAcert-booth at Froscon (or other events). (da/24)

Support Team

Most work is done by Ales doing a fantastic job as a support engineer and Matthias in Triage. Only in rare cases Joost and Dirk are contacted by Ales.

Forecast for FY 2024/2025: Get one (or more) volunteers to Triage, do a background-check to Matthias.(da/24)

September 2023 - August 2024

General activities

Nothing special:

Statistics

Accounts:

deleted:

22

only blocked (due to SW error).:

21

unconfirmed:

21

Triage daily: min.-avg. daily:

1-20

Advices:

37

Clues to remember passwords:

3

General questions:

54

Translation / Localisation

There was some discussion to switch from pootle to weblate (as a service) in 2023, as the upstream is dead. As there is no localisation activity at the moment, this is not pushed.

Some activity at CATS translation with two pull requests at the moment.

Finance Team

There is no official finance team at the moment. To resolve the troubles with Paypal, the treaurer got some help by Frédéric Dumas and the secretary. (Ru)

AGM/TeamReports/2024 (last edited 2024-09-21 20:13:35 by EtienneRuedin)