= Advisory Minutes 20070927 =

Iang, Teus.

== board members ==

 * Teus approached PM.
 * Pat (G's wife) has been P/SAGE.
 * hopefully keep current members of board relected on AGM.
 * AH, ex-President of board of Usenix, old-timer sysadm background in backups in ATT
 * need to make sure that there is more diversification
 * Ianb ... think of more people from UK? (iang)
 * AW, Mike ?

== AGM ==

 * getting the AGM rolling
 * Yearly report of CAcert:
   * Highlights
   * Financial report
   * Membership report
 * Ask Evaldo/secretary to look after that report (Teus)
 * policy documents to be prepared for ratification
   *  PoP
   *  NRP-DAL
   *  Dispute Resolution Policy
   *  RUA => Policy at AGM ... to review.
   *  Principles.
   *  present Policy on OA as well?

== Policies ==

 * Assurances
   * Individual Assurance -- has taken priority
   * OA -- need this to be strong with users in companies
 * need a clear strong statement on the AGM on what Users
   we serve (??? can't quite recall this bit)
 * User Agreement is an individual document not a Org document.
 * probably acceptable but the name is wrong.
 * could go more towards an "account" agreement.
 * we could take out "User" completely from the title,
   so just CAcert Agreement.

 * propose a list of contributors for each Policy?
   * need to agree a template with Sebastian
   * need to find an editor for each doc
   * reward, versus, getting things done?

== Dispute Resolution ==

 * create mail list called [dispute]
   * add names:  Teus, philipp, Guillaume, Jens, Evaldo.
   * Rob, Greg, Iang on CC only
 * set Teus as moderator.
 * teus can then create a numbering system.
 * Teus will pursue.

== Systems Administration ==

 * Philipp is looking for others to take certain tasks from him.  TC to Teus?  Teus says not for moment.
 * find someone in NL (Hans) to help with systems.
   * old time hacker; student mode; lock picker

Assume that the root server is the blocking node.  Here are some options.

 1. run the keyserver in AT, and have all requests for signing go to AT.  Problem with this is a whole new security arrangement.
 1. ITTC: split the root across nodes.  problem is: no clear delivery times for ITTC.
 1. have a new team build a separate root server in NL.  Then have the main-server-team and the root-server-team separated and "opposed".
 1. have Philipp build the root key server in NL, then have a separate NL team take over, secure, then produce a new root key.

Board + Advisory discussions lead to view that there is no clear statement possible that the existing roots are 'good' so there is a need/desire to plan a new set of roots.

== Minor ==

 * pointed Henrik at the ISOC style guide
 * added notes to wip poFoundations about ISOC view.
 * ask for final version of funding proposal from greg.

== END ==