Please note that this document has now been over taken by the Security Policy section 7

The contents of this page should be integrated into Security Manual section 7

Background

Draft started by a bunch of non native English speakers (Australian, Austrian, French, etc.).

Why creating such a policy?
Assuring the security and independence of CAcert community in an hostile environment. 

In the following "bugs.c" refers to "http://bugs.cacert.org"

license change policy

In order to open CAcert development, the current license might be crossed with a lesser GPL compatible license

to do:

Full Casting

Director of Security

basic profile & tasks

required skills & abilities

Development Manager

basic profile & tasks

required skills & abilities

2nd Level Contact

basic profile & tasks

required skills & abilities

Developer

basic profile & tasks

required skills & abilities

Code reviewer

basic profile & tasks

required skills & abilities

Code tester

basic profile & tasks

required skills & abilities

Bug/New feature reporter

basic profile & tasks

required skills & abilities

Normal Processing work flow

management of bug or feature reports

assignment of tasks

reporting of patches to accredited people for code reviewing & testing

patch proposal for production reviewed by the Director of Security

Responsibility management work flow

Environment management work flow

Report Management work flow

all in one

Sensitive & Emergency Processing work flow

This is the sensitive & emergency process for critical issues and especialy "sensitive" parts (private bugs report only).

management of bug or feature reports

assignment of tasks

reporting of patches to accredited people for code reviewing & testing

patch proposal for production reviewed by the Director of Security

Background of the Background

Once upon a time...


PolicyDrafts/DevProcessPolicy (last edited 2009-12-19 14:18:55 by UlrichSchroeter)