Board Decisions from AGM 2008 November 2008
This section summarizes all decisions voted on by the board via email and board meeting(s) from the AGM of 7th of November 2008. Note that by the nature of email, sometimes discussions continue and previously agreed decisions get changed.
Board decisions updated up to 2nd of June 2009
November 2008
- m20081112.1 Titles of the Committee (board) CAcert Inc.
- Proposed by board interaction.
- Decision: Accepted by consensus.
- Action: update titles on different wiki pages, update new info and AGM minutes/decisions with NSW trade office.
- Comment: titles can be reviewed after 6 months.
- Office Bearers titles and board members:
title
name
president
Teus Hagen
vice-president
Evaldo Gardenali
treasurer and public officer
Robert Cruikshank
secretary
Guillaume Romagny
member
Philipp Dunkel
member
Greg Stark
member
Alejandro Mery Pellegrini
December 2008
- m20081215.1 Email list of the Committee (board) CAcert Inc. is public readable.
- Proposed by board interaction.
- Decision: accepted (25 Jan 2009)
- Comment: FLOSS foundation have policy to separate public from private by eg email list address BOARD and BOARD-private.
- Comment: private and sensitive information exchange will go via private email exchange.
- Votes: 4 Ayes, 3 pending
- Action: Email list had to be moved to Sympa. Daniel has activated Sympa for this list in Feb 2009.
- m20081215.2 Board email archive up to date of decision m20081215.1 is kept private
- Comment: the old email archive will have private and sensitive info.
- Decision: accepted (25th Jan 2009)
- Votes: 4 Ayes, 3 pending
- Action: start new archive.
- m20081215.3 Destroy backup disks with critical system data using "shred" and/or physical destroy under 4 eyes principle when newer (checked) backups are available.
- Decision: accepted (25 Jan 2009)
- Proposed by: Philipp Dunkel
- Comment: Decision was pending, no need to wait as earlier decision on this was taken.
- Comment: This is related to earlier requests from the board on this issue. Newer backups have been checked by critical systems sysadmin (28th of November 2008).
- Votes: 4 Ayes, 3 pending.
Action: backup disks in Vienna can be destroyed. Sealed disks reside with Sonance and Philipp G in safe storage. Action took place at 28th of Feb 2009 supervised by audit. Report?
Januari 2009
- m20090109.1 On security measurements on the issue of MD5 use in signature algorithm:
- Preface: Use of MD5 signing algorithm is only in the CAcert intermediate Class 3 Root Key serial nr 01.
- Proposed is:
- stop signing certificates with the Class 3 CAcert Root cert with serial nr 01;
- to generate a new Class 3 CAcert root key using the SHA-1 signing algorithm and start signing (intermediate) class 3 certificates with this certificate.
- Proposed by boards interaction.
- Decision: accepted with requisites.
- Votes: 6 Ayes, 1 pending.
- Board comment: There is no urgency for CAcert. New Root Keys are pending for activation. It is an intermediate Class 3 certificate. Already for some years CAcert does not sign with MD5 algorithm.
Action: investigate new Class 3 Root Key intermediate certificate for CAcert if the November 2008 new Root Key activation takes too long.
February 2009
- m20090202.1 Withdraw motion m20080229.16 Budget arrangements for PW for travel/accommodation funding writing security manual within audit project.
- Comment: no need for PW as work ended in June 2008.
- Decision: Withdraw is accepted, no vote needed.
- m20090202.2 Accept motion m20080608.1 Proposal to add Mendel Mobach as trainee for critical systems to core support and administration team.
- Comment: motion was not voted upon awaiting background check which has been done by Philipp Gühring and Guillaume Rogmany. Mendel was added on critical system team in October 2008 by motion m20081006.1.
- Decision: accepted, no vote needed.
- m20090202.3 Motion to vote: Use default GPL V3 license model for software licensing by CAcert under copyright CAcert Inc.
- Comment: motion was entered as m20080114.2 at former board but not voted upon.
- Decision: accepted
- Proposed: Teus Hagen
- Votes: 4 Ayes, 3 pending.
- m20090202.4 Motion to vote: Use Open Source licensing model for documents and web content (e.g. wiki). Choose between FSF GNU FDL V1.3 (November 2008) or Creative Commons Attribute (provide type of license model and version).
- Comment: various versions exists. If Creative Commons is decided provide which version (V2 or V3) and type (one out of 6 types).
- Comment: motion was entered as m20080114.3 "Use FSF FDL licensing for CAcert documentation" at former board.
- Proposed by: Teus Hagen.
Votes: 2 Ayes (pref FDL), 2 Abstain (in favor for Open Source, abstain for choice of model), 3 pending.
- Decision: documents, content, wiki etc should be Open Source type of document licensed, decision on type of license model is undecided pending more votes.
- m20090203.1 Motion to install Rasika Dayarathna as "Internal Auditor".
- Comment: Rasika has passed the exam for CISA first step on auditor certification) from the international ISACA organisation.
- Nominator: Ian Grigg
- Decision: not accepted
- Votes: 1 Aye, 3 Naye, 3 pending.
- Comments made: postpone motion for later.
- m20090203.2 Motion to use draft text from Philipp Dunkel from 23rd Jan 2009 as start for Background check and build experience.
- Comment: text needs to be fine tuned.
- Proposed by: Philipp Dunkel
- Decision: to be reached by 7th Feb
Votes: 2 Ayes, 1 Abstain, 4 pending.
- m20090205.1 Motion to add Alejandro Mery to the CAcert Support team.
- Comment: back ground check has been made by Philipp Gühring and Guillaume Rogmany. Conclusion: no objections.
- Proposed by: Guillaume Rogmany
- Decision: accepted
- Votes: 5 Ayes, 1 Abstain, 1 pending.
Action: get Alejandro on steam at the support team (support@cacert.org)
m20090209.1 Request to start email list sysadmin-log@lists.cacert.org for system logging info exchange.
- Comment: system logging needs to be distributed amoung system admins and needs to be archived. This is actually a name change from a list started as hostingnl for hosting of systems in Nld.
- Proposed by: crit system admins
- Decision: accepted
- Votes: no Nayes received.
- Action: Daniel is asked to start the email list, moderation by crit system managers
m20090210.1 Request to start email list cacert-es@lists.cacert.org for spanish speaking Members.
- Comment: on request by Ismael Olea González via email list manager.
- Proposed by: Daniel Black
- Decision: accepted
- Votes: 4 Ayes, 3 pending.
- Comment: Alejandro will overview the list and activate it. Ismael is moderator. List should be at least publicly readable.
Action: activate cacert-es@cacert.org email list.
- m20090213.1 Proposal to add the link "assurance events" to web menu under "About CAcert.org".
- Proposed by: Greg Stark
- Decision: accepted
- Votes: 4 Ayes, 3 pending.
- Comment: No real votes needed. Board has only veto right on this type of requests.
- Action: Ask development to add the menu entry.
- m20090217.1 Request to allow Wytze vd Raay to use private CAcert email address.
- Proposed by: Daniel Black
- Decision: accepted
- Votes: no veto received.
- Action: Email list manager is asked to add Wytze.
- m20090227.1 Request for OA Assurer Austria: Philipp Dunkel.
- Proposed by: Philipp Dunkel
- Comment: Philipp was involved with trade office registrar definition for Austria. Has done two OA Assurances under supervision.
- Decision: accepted
- Votes: no veto received.
- Action: Support to add Philipp as OA Assurer for Austria (OA wiki page).
March 2009
- m20090303.1 Proposal to run own DNS cacert.org (and other CAcert domains) service.
- Comment: from crit. tech team: run it as DNSsec when possible, service maintenance by crit. system admin team.
- Proposed by: Greg Stark
- Decision: accepted
- Votes: no veto received.
Action: crit. system admin team adds the DNS(sec) service.
- m20090310.1 Request to allow Mendel Mobach to use private CAcert email address.
- Proposed by: Daniel Black
- Decision: accepted by motion m20090310.2
- Votes: veto request 2009-03-10.
- Action: Email list manager is asked to add Mendel.
- m20090310.2 When new member of a team is accepted by the board, his request for a private CAcert email address is automatically honoured. This for the following teams: board (Committee), crit. system admin, system admin, support, arbitration.
- Proposed by: Teus Hagen
- Decision: accepted
- Votes: 5 Ayes, 2 pending.
- Action: on request of the new accepted team member the member receives CAcert email address. Email system admin will notify the change of status to the board.
- m20090311.1 Proposal to assign Sebastian Küppers as Assurance Manager for one year.
- Proposed by: Philipp Dunkel
- Decision: accepted
- Votes: 4 ayes, 3 pending.
- m20090311.2 Acknowledgement that Mario Lipinski withdraws from Assurance Management work.
- Proposed by: Mario Lipinski
- Acknowledged by the board. Mario is thanked for his contributions on this topic.
- Comment: Ulrich Schröter has the intention to followup Mario. Henrik Heigl and Maurice Kellenaers are involved as PR with ass. events.
m20090321.? Placeholder for motions taken at IRC meeting of 21st of March 2009 (Philipp/Teus issue). See draft minutes.
- m20090327.1 CAcert Inc. by means of the Committee acknowledged the CAcert Community Security Policy and will take up the responsibilities as laid down for CAcert Inc. in this Security Policy (Draft per 27th of March 2009).
- Proposed by: Teus Hagen
- Decision: pending
Votes: 1 Aye, 6 pending
- m20090327.2 Proposal to use tracking system for board decisions.
- Proposed by: Daniel Black
- Decision: none
- Action: await experience with the new to be installed tracking system for CAcert services e.g. OA.
m20090328.? Placeholder for motions taken at IRC meeting of 28th of March 2009 (EU DPA issue; NDA issue). See draft minutes.
- Despite the unclear position of Philipp Dunkel statements during the previous meeting and following board list emails, Philipp Dunkel remains Board member (overall consensus)
- m20090328.1: Terminate all NDA-bound agreements, and give them the option to agree with SP, or terminate the current involvement (carried)
- m20090328.2: Creation of Security Policy Subcommittee (carried)
- report proposal Rasika DPA measurements inclusion {to be completed)
- m20090330.1 The board duly authorizes Teus Hagen to make contact with the Dutch Data Controll Commission and enter into negotiations with that body in order to facilitate CAcert compliance with the Dutch DPA.
- Comment: Reports to the board with progress will be expected in a timely fashion.
- Proposed by: Philipp Dunkel
- Decision: accepted
- Votes: 6 Ayes, 1 withholding
- Action: Teus asked Arnoud Engelfriet ICT lawyer in Nld on 30th of March to start with dutch DPA and asked Oophaga Foundation to act as representative for CAcert services.
April 2009
- m20090401.1 Ernestine Schwob and Andreas Bürki to be accepted as OA Assurer for Swiss.
- Comment: Sam Johnston OA Officer seconded the proposal. Philipp OA Assurer AT did OA assurance review.
- Proposed by: Philipp Dunkel
- Decision: accepted
- Votes: no veto within a week
- Action: Reminder: trade office register(s) need to be included in accepted Trade table in OA sub-policy Europe.
- m20090408.1 The board to notify affected Assurer members of the Assurer Challenge Passed restriction of the Assurance Policy is activated.
- Comment: mail shots actions need to be approved by board. Those who are effected by the "old assurers" switch-off on 5th of April need to be informed.
- Proposed by: Teus Hagen/Greg Stark
- Decision: accepted
- Votes: 7 Ayes
- Action: effected old assurers email addresses taken from assurances made after 2007 and no challenge passed. Text prepared by PR/marketing. Report to board on amount email sent (20090522: #1597) and amount emails delivery failed (#2 from Germany).
- m20090416.1 Proposal for Alexander Prinsler as OA Assurer for Belgium.
- Comment: supervised for one OA assurance in Belgium by Teus Hagen.
- Comment: Proposal seconded by Sam Johnston OA Assurance Officer.
- Proposed by: Teus Hagen
- Decision: accepted
- Votes: no veto within a week
- Action: add OA Assurance capability to Alexander account by support.
m20090420.1 Board is asked to agree to Management Assertion
- Proposed by: Alejandro Mery
- Decision: pending
- Votes: pending to discussion
Action: Policy email discussion and when ready info to auditor
m20090422.1 Board is asked to endorse a plan for addition non-critical services and migration of current non-critical infrastructure.
Comment: accepted due to lack of veto from the week beginning 22 Apr 2009 veto within week call
- Proposed by: Daniel Black
- Decision: accepted
- Votes: 4 Ayes, 3 pending
- Action: (item 2,4,5) Daniel to commence discussion with Jeff Gardiner of Idologic and present an offer of agreement to board.
- Action: (item 3) Philipp G. to grant Daniel full access to current non-critical systems to scope their movement.
- Action: (item 7) Daniel to actively seek sysadmin volunteers and present them to the board for permanent access to developed systems.
- Action: (item 8) Daniel to develop plan to move non-critical infrastructure
- Note: item numbers refer to items in the plan.
- m20090423.1 Temporary raise experience points for Chile ass. event to allow 25 assurance points allocation for Assurers Rodrigo Pérez and Javier Fernández Almirall.
- Proposed by: Sebastian Küppers Assurance Officer
- Decision: accepted
- Votes: 4 Ayes, 3 pending.
- Action: Raise experience points for one month by support.
- m20090423.2 Install Ulrich Schröter as CAcert Assurance Event Officer.
- Comment: Ulrich has taken up assurance event management from Mario in March and has taken up his task.
- Decision: accepted
- Votes: 5 Ayes, 2 pending.
- m20090423.3 Do an Organisation Re-Assurance of CAcert Inc.
- Comment: organisation assurance of CAcert Inc. has no track records and has (maybe) done before the Assurance Policy, CCA and Org. Assurance Policy acceptance.
- Proposed by: Teus
- Decision: accepted
- Votes: 6 Ayes, 1 pending.
- m20090423.4 Appoint Sebastian Küppers as Organisation Assurer for Germany.
- Comment: this needs seconding of the Org. Assurance Officer.
- Proposed by: Mario Lipinski (Org Assurer Germany)
- Decision: accepted
- Votes: allow one week for veto.
- Action: added 2009-05-11 org. assurance feature to his account.
m20090424.1 Both Assurance Officers and Assurance Event Officers can request approval for a temporary increase in experience points, provided following details are adhered to, (passed challenge, have some experience, are doing an ass. event, ass. low count of Assurers (provide statistic number), low possibility of TTP). Temporary period will be 4-6 weeks.
- Comment: The request to the board will be accepted if board does not respond within 3 days.
- Proposed by: Teus
- Decision: not accepted
- Votes: 2 Ayes, 4 Nayes, 1 pending
- Action: inform and instruct both Officers on this, as well support.
- m20090515.1 Appoint Stefan Kooman as member of the critical systems admin team.
- Comment: a20090224.1 describes the background check procedure followed.
- Proposed by: Teus
- Decision: accepted
- Votes: 6 Ayes, 1 pending
- Action: provide access credits to Stefan via crit team. Allow use of cacert.org domained email address for Stefan.
- m20090515.2 email lists are under control of the email list manager and can be vetoed after the fact of creation of the list by the board.
- Comment: this is related to the Communication Policy. Board explores a redefinition of the motion.
- Proposed by: Daniel Black
- Decision: pending
Votes: 2 Nayes, 5 pending
- Action: inform Daniel Black on this decision procedure.
- m20090515.3 Initiation of new event-XYZ email list as contact list point for an assurance event XYZ is on request of the ass. event manager.
- Comment: The email lists are managed by email list manager who can create the event-XYZ email list unless vetoed by the board (afterwards).
- Comment: on doubt the email list manager will consult the Board on such request before the list is initiated.
- Comment: this motion replaces m20090515.2.
- Proposed as replacement of m20090515.2.
- Decision: accepted
- Votes: 4 Ayes, 3 pending
- Action: inform email list manager and ass. event officer on this decision procedure.
- m20090517.1 Explore the possibility to have a voting system eg for Board use, installed.
- Comment: Philipp Dunkel is prepared to provide CAcert with a voting program using https.
- Proposed by: Philipp D.
- Decision: accepted
- Votes: 5 Ayes, 2 pending
- Action: have system admin look into it and have it tested for usability on fiddle.it/vote
- m20090518.1 Add Hans Verbeek as CAcert case manager/arbiter.
- Comment: Hans was asked to apply in January 2008. At that time he was too limited in available time.
- Proposed by: Teus
- Decision: accepted
- Votes: 6 Ayes, 1 pending
- Action: inform Hans on disputes, add to the dispute arbiter list and allow @cacert.org email address.
- m20090518.2 Accept Micheal Judd as CAcert Inc. Association Member.
- Proposed by: Teus Hagen, secunded by Robert Cruikshank
- Decision: accepted
- Votes: 3 pending, 2 pending (2 neutral)
- Action: add to membership register, require subscription fee, add to CAcert Inc. membership email list.
m20090519.1 Motion to accept the CAcert Management Assertion of CAcert CA service, CATS, CCA agreement and CAcert policies (AP, OAP, SP/SM, CPS in WiP, DRP and PoP/CCS).
- Proposed by: Alejandro
- Decision: accepted
- Votes: 7 Ayes.
- Action: inform Ian Grigg as CAcert Auditor.
- m20090524.1 Provide Daniel Black with full access to non-critical services and servers.
- Comment: cooperate with crit. systems team on changes, get advise from Philipp Gühring on bigger changes in configurations, get more people in the non-critical systems team (for now Philipp G and Daniel then).
- Comment: non-crit systems team has been informed and asked for feedback on this intention early May.
- Proposed by: teus
- Decision: accepted
- Votes: 4 Ayes, 3 pending.
- Action: allow system access credits for Daniel to non-critical systems.
- m20090524.2 The arbitrator list was checked for failures and replies in the start of May. Those who did not reply can be removed from the list on the 31th of May 2009.
- Proposed by: Teus
- Decision: accepted
- Votes: 6 Ayes, 1 pending.
- Action: adjust the arbitration email list.
- m20090525.1 Add Mario Lipinski to the non-crit. systems team for wiki software and wiki system maintenance.
- Comment: cooperation with non-crit systems team (Philipp Gühring and Daniel Black).
- Proposed by: Philipp Gühring
- Decision: accepted
- Votes: 7 Ayes.
- Action: non-crit team provideds access credentials for Mario for wiki service.
- m20090527.1 Appoint Greg Stark as Organisation Assurance Officer,seconding Sam Johnston for OA.
- Comment: Greg Stark is also on the Board.
- Proposed by: Sam Johnston.
- Decision: accepted
- Votes: 6 Ayes, 1 pending.
- Action: add Greg to Org Ass moderation and add him to the org chart and OA wiki page.
From here on, motions were voted on the board's motion system.
Updated the date at the top of page after adding a decision.