THIS PAGE IS OUTDATED
Completed Items in Audit Work Programme
Post-Audit-1
This is the list of things that were achieved after termination of Audit-1.
Task |
Who |
Since |
Complete |
Security Policy back to DRAFT |
201003xx |
201006xx |
|
RDL to DRAFT |
Mark |
2008xxxx |
|
Review of WoT Exceptions - TTP-Assist to DRAFT |
2008xxxx |
201009xx |
|
Review of WoT Exceptions - PoJAM to DRAFT |
2008xxxx |
201002xx |
|
Support expansion |
2008xxyy |
201002xx |
|
Review of WoT Exceptions - Code signing |
policy group |
2008xxxx |
2009xxyy |
Software Changes to Website for RDL |
200806xx |
201006xx |
|
200611xx |
|||
reviewed 3pv's old D a L, now to policy group |
20081221 |
20091213 |
|
interim progress on support reported, Minutes see 2.2 |
20091116 |
20091206 |
|
resolution of the data protection project |
20070822 |
20091206 |
|
appointment of new support t/l |
20080420 |
||
end-of-life plan for Tverify |
|||
first infrastructure VMs come on line in Bern |
swiss team |
200907xx |
200911xx |
CPS moved from svn.cacert.org/CAcert/policy.htm moved to final home |
Policy Group + Software |
20090706 |
|
re-initiated major review of Arbitration work-flow |
Nick + Ulrich |
200907xx |
200911xx |
Board confirmed that exceptions must have policy under Assurance Policy |
200807xx |
||
Support Review - upgrade to SecurityManual |
Iang |
20090502 |
20090721 |
general infrastructure hosting profile agreed |
merano meeting |
20090802 |
200908xx |
Infrastructure (non-critical) hosting strategy agreed |
200905xx |
200908xx |
|
CPS to DRAFT |
Board + Policy Group |
20090124 |
|
20090426 |
20090623 |
Completed Items during Audit 1
Task |
Who |
Since |
Complete |
resignation as auditor |
Iang |
20060101 |
|
Access Engineer expansion - Bas added |
oophaga |
xx |
|
Old CAP forms patched with CCA |
Dirk |
20070830 |
20090601 |
old Assurer's notified of Challenge |
Board + PG |
20080712 AP |
20090522 |
sysadm expansion - added Stefan (ongoing) |
wytze + teus + Arbitrator |
20080930 |
m20090515.1 |
Management Assertion |
Board |
20060814 |
m20090519.1 |
Assurance Review 2009 Spring Tour |
Auditor + Assurers |
20090516 |
20080712 |
20090119 |
20090426 |
||
Software Review Innsbruck (software is audit fail) |
PD + Auditor |
20090301 |
20090420 |
Systems Review Visit #1 |
Auditor + sa/tl |
20090301 |
20090506 |
Sysadm work-thru 2. passwords |
wytze |
20081001 |
20090504 |
Switch off unChallenged Assurers |
200806xx |
20090404 |
|
Assurance Policy to website AP |
software |
20090329 |
|
Security Policy to DRAFT |
policy group |
20090313 |
20090327 |
svn.cacert.org/CAcert/policy.htm CPS reviewed |
PD, teus |
20090124 |
20090313 |
Security Policy extracted from SM, reviewed |
Wytze, PD |
20081201 |
20090306 |
CPS review sects 6 |
20090110 |
20090124 |
|
svn.cacert.org/CAcert/policy.htm CPS incorporate p20090105.1 domain/email decision 4.2.2 |
iang |
20081224 |
20090124 |
Background Check first cut delivered for review |
200709xx |
20090123 |
|
20081017 |
20090119 |
||
CPS review sects 1-5 |
20081016 |
20090110 |
|
svn.cacert.org/CAcert/policy.htm CPS incorporates p20081016 verified decision 4.5.2 |
iang |
20081016 |
20090110 |
svn.cacert.org/CAcert/policy.htm domain/email verification to p20090105.1 |
philipp Dunkel |
20060101 |
20081224 |
Assurance Policy to POLICY p20090105.2.2 |
philipp Dunkel |
20080712 |
20081224 |
SecurityManual reviewed |
iang + teus |
20080101 |
20081201 |
New Roots created (top + Assured) |
Guillaume + nrTF |
20081128 |
|
Systems admin - backups milestone |
wytze |
20081001 |
20081128 |
20081113 "An Open Audit" invited talk |
200805xx |
20081113 |
|
Milestone 1 agreed with NLnet |
20080101 |
200810xx |
|
SecurityManual first cut delivered |
Pat |
20080101 |
20081010 |
20081007 Community Report (interim, AGM) |
20080902 |
20081007 |
|
Systems admin team rebuild |
wytze |
20061225 |
20081001 |
machines moved to NL Data Center |
everyone |
20061225 |
20080930 |
20080801 |
20080902 |
||
20060631 |
|||
20080531 |
20080602 |
||
20080320 |
20080321 |
||
20071226 |
20080320 |
||
200801xx |
20080303 |
||
Assurers Training & Testing Programme |
200703.. |
20080301 |
|
Review of R/L/O |
20060921 |
20080211 |
|
PoP approved to POLICY under its own rules |
policygroup |
20080204 |
|
CAcert Community Agreement approved to POLICY |
policygroup |
20070918 |
|
Management / Audit handed over residual oversight |
Board |
20070525 |
20070919 |
Present new POLICYs to AGM for ratification |
Members |
20061117 |
c20071117.x |
Policy on Policy approved to DRAFT |
Board |
200612.. |
m20070929.4 |
Board |
20070905 |
m20070919.x |
|
funding proposal for audit approved |
200706xx |
m20070919.5 |
|
Principles approved in principle |
Board |
200707.. |
m20070918.5 |
CAcert Community Agreement (was RUA) approved to DRAFT |
Board |
20070830 |
m20070918.4 |
Board |
20060524 |
m20070918.3 |
|
NRP's old D a L approved to POLICY |
Board |
200703.. |
m20070918.1 |
Review of Minutes/Decisions of old board |
20060508 |
20070601 |
|
Minutes of SGM 20070525 |
20070525 |
200706xx |
DecisionNumbers describes the last column