Minutes of the MiniTOP on the 2011-06-14

Setting

The MiniTOP will be held via telco

Attendees:

Topics

(skip to agenda)

new items in last meeting:

Agenda

Minutes

Workshop Weak Keys

Attendees: Marcus, Michael, Uli, dirk

Weak keys testing

first test round is to disable patch on testserver to allow weak keys to add

  1. generate 512 bit keys test (test bug #918 note #2034)

    1. openssl genrsa -out <your-server-name-domain.tld>.key 512

    2. openssl req -new -key <your-server-name-domain.tld>.key -out <your-server-name-domain.tld>.csr

    3. copy + paste to signing request
    4. copy + paste signed pub key <your-server-name-domain.tld>-pub.key

    5. test new pub key: openssl x509 -text -in <your-server-name-domain.tld>-pub.key -noout

      • should result in:
        • Subject Public Key Info:
          • Public Key Algorithm: rsaEncryption
            • RSA Public Key: (512 bit)
              • Modulus (512 bit): ...
              • Exponent: 65537 (0x10001)
  2. generate exponent 3 key test (test bug #918 note #2036)

    1. openssl genrsa -aes256 -out <your-server-name-domain.tld>.key -3 1024

    2. openssl req -new -key <your-server-name-domain.tld>.key -out <your-server-name-domain.tld>.csr

    3. copy + paste to signing request
    4. copy + paste signed pub key <your-server-name-domain.tld>-pub.key

    5. test new pub key: openssl x509 -text -in <your-server-name-domain.tld>-pub.key -noout

      • should result in:
        • Subject Public Key Info:
          • Public Key Algorithm: rsaEncryption
            • RSA Public Key: (1024 bit)
              • Modulus (1024 bit): ...
              • Exponent: 3 (0x3)
  3. OA server keys test

Meeting [22:35]

Attendees: Michael, Uli, dirk, mario, magu

Fixed Action Items since last Meeting


Action Items New

  1. dirk ? michael ? jandd ? alexander ? sven ? - next strategy for "New Roots & Escrow" - get in contact with debian group

  2. dirk, michael, uli - annoying bug #911 (gpg expires 1970), activate gpg on testserver ? pickup upcoming weekend ?

  3. uli, marcus - Testserver + Software Testers - task based help

Action items: Meeting Action Items

Software/Assessment/ActionItems

Development, Deployment, Discussion

  • OAO, Ted

    bug #943 change OA admin/assurer text

    needs 2nd test -> Fabian, Marc, Alex? {g} / needs 2nd review -> Ted, rejected

    {-}

    uli, Ted

    bug #824 Org User cert fix Case study

    Organisation User Certificates: Need UI improvement for proper production usage

    {0}

    uli, ted

    bug #823 email address removal fix

    No warning when removing e-mail address from account that certificates will be revoked
    checked by 4, needs 2nd review, deploy
    rejected

    {-}

    inopiae

    bug #920 Join - single name only (eg Indonesian)

    details under bug number

    {0}

    uli

    bug #859 admin console interface

    feature request: show activity on an account in the admin interface
    rejected, certs login doesn't modify "modified" field

    {r}

    Michael

    bug #540

    p20111113 CPS #7.1.2 "Certificate Extensions" adjustments - testing
    uli, marcus: needs full cert create tests
    duplicate report to bug#978
    tested by 3, 2nd review done, transfered
    Ken reported: still has problems, bug kept open

    {0}

    gagern, NEO

    bug #440 Problem with subjectAltName (CSR, renew certs)

    There seems to be a problem with the subjectAltName. Dupes, missing entries, and more, rejected, needs further development

    {r}

    neo

    bug #1025 Domain Dispute issue

    disputes rc and rc2 var prob
    needs work

    {r}

    dirk

    bug #1054 0001054: Review the code regarding the new point calculation

    Thawte patch part II
    needs further work

    {r}

Software Assessors: Review 1 / add to cacert-devel, add to testserver

  • Software-Assessors task

Testing

  • Testers task

    neo

    bug #1004 Stats page improvement

    tested by 2, needs 2nd review

    {0}

    neo

    Bugs #1159 it might be possible to execute commands on the signing server

    {0}

    inopiae

    bug #1065 Wrong wording when sending mails during the assurance process

    {0}

    inopiae

    bug #1162 calcutate (the passwords) hash in php instead of in mysql

    create test scenarios for the software testers /!\
    Full testing /!\

    {0}

    inopiae

    bug #0028 Wrong language for you've been assured & [CAcert.org] Client Certificate emails

    {0}

    inopiae

    bug #988 TTP cap form deployment

    {0}

Software Assessors: 2nd Review, Bundle Package to Critical Team

  • Software-Assessors task

    Ted

    bug #500 Get contact mail adress after resolving test

    tested by 3, requires review

    {0}

    Ted

    bug #1140 Show if a test is passed in learnprogress

    tested by 3, requires review

    {0}

    magu

    bug #1131 Rename _all_ Policies from .php to .html and fix all links

    global policy directory maintenance and update

    {0}

    inopiae

    bug #1010 Reorder the view on organisation certificates

    tested by 3

    {0}

Software Assessors: Bundle Package to Critical Team

  • Software-Assessors task

    inopiae

    bug #1139 Add new fields to the database

    tests through #500 and #1140, 2nd review done, requires transfer

    {0}

Awaiting Response from Critical Team

  • inopiae

    bug #411 Wrong text is made into link

    {g}



Software/Assessment/20110614-S-A-MiniTOP (last edited 2011-09-23 00:04:47 by UlrichSchroeter)