Minutes of the MiniTOP on the 2011-10-11

Setting

The MiniTOP will be held via telco 22:00 CEST

Attendees: Michael, Marcus, Sven, Uli,

Topics

(skip to agenda)

Action items from last meeting Meeting Action Items

Software/Assessment/ActionItems

Development, Deployment, Discussion

  • OAO, Ted

    bug #943 change OA admin/assurer text

    needs 2nd test -> Fabian, Marc, Alex? {g} / needs 2nd review -> Ted, rejected

    {-}

    uli, Ted

    bug #824 Org User cert fix Case study

    Organisation User Certificates: Need UI improvement for proper production usage

    {0}

    uli, ted

    bug #823 email address removal fix

    No warning when removing e-mail address from account that certificates will be revoked
    checked by 4, needs 2nd review, deploy
    rejected

    {-}

    inopiae

    bug #920 Join - single name only (eg Indonesian)

    details under bug number

    {0}

    uli

    bug #859 admin console interface

    feature request: show activity on an account in the admin interface
    rejected, certs login doesn't modify "modified" field

    {r}

    Michael

    bug #540

    p20111113 CPS #7.1.2 "Certificate Extensions" adjustments - testing
    uli, marcus: needs full cert create tests
    duplicate report to bug#978
    tested by 3, 2nd review done, transfered
    Ken reported: still has problems, bug kept open

    {0}

    gagern, NEO

    bug #440 Problem with subjectAltName (CSR, renew certs)

    There seems to be a problem with the subjectAltName. Dupes, missing entries, and more, rejected, needs further development

    {r}

    neo

    bug #1025 Domain Dispute issue

    disputes rc and rc2 var prob
    needs work

    {r}

    dirk

    bug #1054 0001054: Review the code regarding the new point calculation

    Thawte patch part II
    needs further work

    {r}

Software Assessors: Review 1 / add to cacert-devel, add to testserver

  • Software-Assessors task

Testing

  • Testers task

    neo

    bug #1004 Stats page improvement

    tested by 2, needs 2nd review

    {0}

    neo

    Bugs #1159 it might be possible to execute commands on the signing server

    {0}

    inopiae

    bug #1065 Wrong wording when sending mails during the assurance process

    {0}

    inopiae

    bug #1162 calcutate (the passwords) hash in php instead of in mysql

    create test scenarios for the software testers /!\
    Full testing /!\

    {0}

    inopiae

    bug #0028 Wrong language for you've been assured & [CAcert.org] Client Certificate emails

    {0}

    inopiae

    bug #988 TTP cap form deployment

    {0}

Software Assessors: 2nd Review, Bundle Package to Critical Team

  • Software-Assessors task

    Ted

    bug #500 Get contact mail adress after resolving test

    tested by 3, requires review

    {0}

    Ted

    bug #1140 Show if a test is passed in learnprogress

    tested by 3, requires review

    {0}

    magu

    bug #1131 Rename _all_ Policies from .php to .html and fix all links

    global policy directory maintenance and update

    {0}

    inopiae

    bug #1010 Reorder the view on organisation certificates

    tested by 3

    {0}

Software Assessors: Bundle Package to Critical Team

  • Software-Assessors task

    inopiae

    bug #1139 Add new fields to the database

    tests through #500 and #1140, 2nd review done, requires transfer

    {0}

Awaiting Response from Critical Team

  • inopiae

    bug #411 Wrong text is made into link

    {g}

Agenda

  1. bug #976

  2. The List of open / running / unhandled bugs - Part I

    1. bug #827 patch

      • Dirk, Michael

        bug #827 and bug #959 Thawte patch/Points-Count-Order-Change project

        related bug 959: needs 1 more test, needs 2nd review / 2nd review: also check -x / tests done, needs 2nd review
        959 {g} reviewed, deployed
        827 {g} reviewed, deployment in 2 steps
        deployed, report from Wytze

        {g}
        {0}

        • dirk needs results from arbitration a20100822.1 request to magu

    2. New proposal: scripted mailing for 0:0 F2F cases with detailed instructions
      1. get information how many 0:0 cass we have ?

        • info from last years arbitration a20100822.1 ? (documentation is not yet avail)

        • Lambert as Arbitrator, Martin as Case Manager and dirk in role as SA as Claimant should know the answer
      2. is it possible to update 15.php script to signal the 0:0 F2F assurance cases ?!? eg by color blue or background color light yellow ?
        • dirk: 15.php can be easily upgraded - not only color also italic
      3. to prepare an arbitration process for a scripted mailing announcement
        1. to the assuree's who may loose points caused by 0:0 cases
        2. to the assurers, who can re-apply their assurance over assuree's with the 0:0 problem
      4. arbitration initiated

      5. wiki faq created: FAQ/NewPointsCount#YellowLines

    3. PR work - Alex proposal (Update?)
      1. thawte patch - blog post
      2. newsletter mailings
        1. thawte patch details
          1. infos about thawte points removal
          2. infos about points counting
      3. infos from last meeting: Alex prepared an article

        • 150 pts -> rewrite

        • "Diese von der CA Thawte vergebenen Punkte können schon seit geraumer Zeit ..."
          • points cannot be verified
          • these points will be revoked
          • "nicht mehr beruecksichtigt"

        • Text proposal: PR/News/NewPointsCalculation

      4. Boards motion: last meeting started Board meeting 2011-10-09, will continue upcoming Sunday

        • request for statement by critical team
        • proposal by critical team:
          1. to pace the email sending out a bit, e.g. by doing a chunk of 1000, then waiting 19 minutes (by a programmatic sleep) before starting the next chunk of 1000 etc
          2. pushing out the whole mailing will take somewhere between one and two full days
          3. reduce Postfix' maximal_queue_lifetime from the default 5 days to say 2 days

          4. Basically a20100309.1 already gives permission for this mailing, except that it outlines a somewhat different technical implementation of such mailings. But policy-wise there doesn't seem to be a difference to me with what we are proposing here, so why bother with addtl arbitration?

      5. new text update 2011-10-10 - updates implemented in revision 0.2 PR/News/NewPointsCalculation ? 

        •  * 150 pts -> rewrite
 * "Diese von der CA Thawte vergebenen Punkte können schon seit geraumer Zeit ..."
  * points cannot be verified
  * these points will be revoked
  * "nicht mehr beruecksichtigt"
 * Text proposal: read attachment on meeting invitation
  * Assurance + Experience pts, in German text ok, in English text not ok
  * will be ceased to exist -> revoked
    4. Questions from last 3 meetings:
      • dirk: when will 827 goes to production ?
      • michael: will check this week
      • delayed cause working on translation server deployment
      • patches on testserver that needs to be removed: bug #824 and bug #900, done last week within meeting
      • Michael, Ted: 2nd review, deploy to critical team
      • michael, ted: Update?

      • bug #882 and bug #827 passed transfer to critical system

  3. Infrastructure seperation
    • info from funkfeuer.at
    • power input of dl blade server? 
      • DL380G3-power calculation

Total System Input power requirement (W)                                     485
Total System Input current requirement (A)                                   2,2
Total System BTU/Hr                                                          1653
Total System VA Rating                                                       495
Total System Leakage Current (mA)                                            1,44
Total System Peak Inrush Current (A) 2mS UPS/PDU/Circuit Breaker Selection   100

(source: http://h30099.www3.hp.com/configurator/calc/Power Calculator Catalog.xls)
    • forwarded to board-private
  4. Michaels workqueue
    1. Translingo

      • https://translations.cacert.org (http://translations.cacert.org/) (replacement for translingo)

      • the translingo.cacert.org had been in operation far longer, so I think it is possible that some users migrated to translingo.cacert.org, without telling us.
      • I would suggest to mass-mail the email addresses of the translation-project leaders in the translingo database, to inform them, and to ask them to speak up if they still need it
      • last foreign uploads 2008 on about 13 + cacert projects
      • whohas translingo server console access?
        • mario
      • req for console access for michael to contact project leaders, Updates?
      • Transfer In, Transfer Out problems
      • Update from new deployment ?
      • opened for: create an account can now be started
      • Michaael current state:
        • import and export routine works
        • script to incorporate updates needs fixed
    2. New function to TMS - edit notary table record

      • bug #980

      • infos from last meeting
      • testers needs editing individual notary records: fields "method", "awarded", "points"
      • easier to create notary records with testserver (add F2F), and edit existing record, doesn't need to check for assurer-from, assuree-to and so on
      • Update?
  5. Dirks workqueue - The List of open / running / unhandled bugs

    1. VBscript for Vista/Win7 (select keysize >= 1024) - reminder to dirk

      • x1 Dirk, new bug#964
        DEV: bug#918 (Part II) (a20110312.1) Weak keys: /pages/account/.. 4.php, 17.php to combine ? (/includes/keygen.php) DEV

        current state: test /account/4.php added to testserver
        Marcus will do detailed tests on Wed
        some references added to bug#964

        {-}

      • as part of

      • x1 Arbitration case a20110312.1 Weak keys bug #918 / bug #954 / bug#964

      • Current state:

        • {g}

          pre mailing sent

          {g}

          keys revocation script to bulk revoke weak keys, new bug #954, finished

          {-}

          dirk: DEV: a20110312.1 bug#918 Weak keys: /pages/account/.. 4.php, 17.php to combine ? (/includes/keygen.php) DEV
          vbscript needs to be improved with select box key size and lower limit to 2048 (based on https://wiki.mozilla.org/CA:MD5and1024)
          Api CertEnroll (MS crypto provider)
          new bug#964
          current state: test /account/4.php added to testserver
          Marcus will do detailed tests on Wed
          some references added to bug#964

          {g}

          Weak keys blog post, published

          {g}

          Weak keys article published by Hanno(July 28), link is in CAcert's blog post (July 30)

          {b}

          weak keys: problems with cryptostick (to test at Froscon with Juergen ?)

      • cert enroll infos under bug#964

      • vista and win7 works with other engine !CryptoAPI (?) => Cryptography API: Next Generation

      • Update (5th week) ?
      • dirk: has not started the virtual machine
      • Question from Marcus: did someone contacted illuminat?
        • No, Marcus: to contact illuminat
    2. Advertising

      1. Prepare Advertising fix for testserver - reminder to dirk

        • Dirk

          Advertising (from last board meeting), bug #958

          add changes as discussed in last meeting to testserver

          {0}

        • CAcertInc/LogosForSale/Rules wiki link exist

        • "buy me" logo / "Logo For Sale" logo / "Monthly Auction on Logos" logo
        • Logos and Links exist, needs deployment to testserver
        • Update (5th week) ?

  6. Bugs to Review #1, transfer to testserver - Currently 4

    • uli

      bug #977 admin console text fix

      admin console Sysadmin - find domain - lists 2 tables - one for user accounts, one for org accounts, naming issue

      {0}

      uli

      bug #967 OA isassurer check

      Give an OA the oppertuntiy to check if a desiginated Organisation Admininistrator is a CAcert assurer

      {0}

      uli

      bug #859 admin console interface

      feature request: show activity on an account in the admin interface, new update /!\

      {0}

      inopiae

      bug #981 OA overview (dupe of bug #943)

      New layout of view for Organisation Administraors in account/id35

      {0}

  7. Bugs under testing: - Currently 4

    • uli, Michael

      bug #966 cancel doesn't cancel but processes instead

      potential workaround to fix all "Cancel" requests available
      addtl. individual fixes
      last update 2011-08-30
      3 times tested
      ready to deploy?
      some more tests after bug#824 removal

      {0}

      neo

      bug #985 move translingo to translations

      check language settings under testserver

      {0}

      inopiae

      bug #920 Join - single name only (eg Indonesian)

      details under bug number

      {0}

      uli

      bug #855 admin console interface "unknown" + "empty" assurance method fields, needed for correct testing on testserver

      admin console lists "empty" and "Unknown" assurance types on listing given Assurances

      {0}

  8. Needs 2nd review + transfer to Critical team, to bundle, to deploy - Currently 10 (!!!)

    • define priority eg. 10,2, and so on

      1

      moh
      Done: Ted
      ToDo: Michael, dirk

      bug #596 certs list advanced

      display ser# in certs overview lists

      {0}

      ? / u5 / m5

      2

      uli, ted

      bug #794

      visibility over certificates for sysadm in account administration, new update 2011-09-24

      {0}

      ? / u1 / m1

      3

      uli
      Done: Ted, Micael
      ToDo: Ted, dirk

      bug #846 Join Form restructure, help link

      Better guidance of bonafide members in Join Form about Suffixes they doesn't have in their ID doxs (a20100207.2)
      Michael added fixes, so 2nd review needed again
      new update 2011-09-13, needs complete re-test

      {0}

      ? / u5 / m4

      4

      uli, ted

      bug #789 OA edit domain fix

      Editing domain for organisations does not work
      new update 2011-09-26

      {0}

      ? / u7 / m7

      5

      uli, ted

      bug #968 error logging cleanup (splitted bug #909)

      split 0000909: too many error messages logged - part II - general.php
      create certs,certs,certs
      2 sessions: 2011-09-21 + 2011-09-25
      more tests needed
      create certs,certs,certs,certs
      create client, server, gpg keys, org client and server certs

      {0}

      ? / u4 / m5

      6

      uli, Ted

      bug #965 0000965: Outsource / fix Webdb text pages id=12, 13

      addtl. id=37, id=38, new update 2011-09-25

      {0}

      ? / u10 / m10

      7

      Ted, uli

      bug #957 Resize the comment field on https://secure.cacert.org/account.php?id=27 so more information is visible

      last update 2011-08-19
      tested 3 times
      ready to deploy?

      {0}

      ? / u8 / m8

      8

      Dirk

      bug#894 assure someone patches (checkbox)

      (incl wot.php changes)
      tested by 2, needs 2nd review, deploy

      {0}

      ? / u1 / m1

      9

      uli

      bug #823 email address removal fix

      No warning when removing e-mail adres from acount that certificates will be revoked
      checked by 4, needs 2nd review, deploy

      {0}

      ? / u9 / m9

      10

      uli, ted

      bug #975 admin console interface (2)

      report potential database inconsistency in SE console (debug infos)
      tested by 3, needs 2nd review, deploy

      {0}

      ? / u1 / m1

  9. Needs development, deployment, discussion

    1. bug #835 Migrate CATS onto testserver

      • bug #835 Assurer challenge (on testserver)

        asssigned to Ted, CATS to install on ca-mgr1, awaiting deployment

        {0}

    2. bug #943 change OA admin/assurer text

      • bug #943 change OA admin/assurer text

        -> Ted, rejected, needs comment from OAO

        {-}

      • webdb names OrgAdmins as OrgAssurers and names OrgAssurers as OrgAdmins.

      • patch takes account about this issue
      • problem with menu link Org Admin .. is Org Assurers menu
        • but this menu includes one addtl. link "View" that is available for Org Admins
          • and Org Admins with master flag to add new admins

        • master flag is not described in OAP (!)

        • addtl master flag to revoke ?
        • rename to "Org Administration"

        • don't show menu to OrgAdmins

      • dupe bug# 981

    3. bug #824 Org User cert fix

      • uli, Ted

        bug #824 Org User cert fix

        Organisation User Certificates: Need UI improvement for proper production usage
        working session: needs to be removed from testserver, done
        Case study

        {0}

    4. bug #988 TTP cap form deployment

      • uli

        bug #988 TTP cap form deployment

        Case study

        {0}

  10. strategy plans ... next: strategy for "New Roots & Escrow"

    1. idea: using indirect crl's ?
      • 2 crl's needed, one valid, one invalid crl server
      • more infos available ? who ?
        1. build testserver with special certs
        2. Magu, Michael to send instructions for test deployment
      • meetings ago we've defined Testing requirements and a potential testszenario
      • to remind every meeting
      • Michael: testserver environment deployment
    2. policy group: define requirements
      • multimember escrow method ?
        • needs risk analyze
        • potential candidates ?
          • Marcus to contacted Benedikt, will contact Thomas K
          • Next step(s)
    3. how does debian work ?
      • defered to Froscon (end of Aug), CCCcamp (around Aug 10th)
  11. CI (Update)

    1. description to eclipse testpage, Webinar

      • deployment scenario:
        1. create testusers
        2. testing
        3. delete testusers
      • regression test for standard tests: eg 0,1,49,50,51,99,100,101 pts w/ and w/o CATS passed
      • reminder
    2. Jubula Test-Tool (by Michael) - update?
    3. new proposal by Sven: Webdriver with Maven and Jenkins-CI
  12. next meeting: Tuesday, October 18, 2011 22:00

Minutes

  1. bug #976

  2. The List of open / running / unhandled bugs - Part I

    1. bug #827 patch

      • mailing needs some work

      • uli contacted Wytze, Wytze replied, scripted mailing can be used under a20100309.1, needs some modifications

  3. git repository access
  4. CI (Update)
    1. new proposal by Sven: Webdriver with Maven and Jenkins-CI
      • design discussion Jubula vs. Webdriver
    2. testserver variants
      1. testserver for manual tests
      2. testserver of OS and application upgrades
      3. testserver for CI
    3. next plan by Michael: signer recoding with python
    4. test methods
      1. unit test
        • test single modules, exceptions
      2. integration tests
        • test interaction of modules
      3. system tests
        • complete system test, with database interactions, module interactions and much more

  5. bug #827 patch

    1. Questions from last 3 meetings:
      • dirk: when will 827 goes to production ?
      • michael: will check this week
      • delayed cause working on translation server deployment
      • patches on testserver that needs to be removed: bug #824 and bug #900, done last week within meeting
      • Michael, Ted: 2nd review, deploy to critical team
      • michael, ted: Update?

      • bug #882 and bug #827 passed transfer to critical system

      • 10.php update nearby mailing
  6. Infrastructure seperation
    • info from funkfeuer.at
    • power input of dl blade server?
      • DL380G3-power calculation: Total System Input power requirement (W) 485
      • power test will run Wed or Thu
    • forwarded to board-private
  7. Michaels workqueue
    1. Translingo

      • https://translations.cacert.org (http://translations.cacert.org/) (replacement for translingo)

      • the translingo.cacert.org had been in operation far longer, so I think it is possible that some users migrated to translingo.cacert.org, without telling us.
      • next: complete language handling needs to be updated
      • accept lang handler needs fix
        • FF de, de_de
        • IE 6 de, 8,9 de_de
    2. New function to TMS - edit notary table record
      • No Update
  8. Repository / Code review handling
    • Sven: feature branch conflicts with CI
    • current environment testserver state is the master
    • more discussions

  9. Needs 2nd review + transfer to Critical team, to bundle, to deploy - Currently 10 (!!!)

    • define priority eg. 10,2, and so on
    • proposed order: from 1 to 10

      1

      uli, ted

      bug #975 admin console interface (2)

      report potential database inconsistency in SE console (debug infos)
      tested by 3, needs 2nd review, deploy

      {0}

      ? / u1 / m1

      2

      uli, ted

      bug #794

      visibility over certificates for sysadm in account administration, new update 2011-09-24

      {0}

      ? / u1 / m1

      3

      Dirk

      bug#894 assure someone patches (checkbox)

      (incl wot.php changes)
      tested by 2, needs 2nd review, deploy

      {0}

      ? / u1 / m1

      4

      uli
      Done: Ted, Micael
      ToDo: Ted, dirk

      bug #846 Join Form restructure, help link

      Better guidance of bonafide members in Join Form about Suffixes they doesn't have in their ID doxs (a20100207.2)
      Michael added fixes, so 2nd review needed again
      new update 2011-09-13, needs complete re-test

      {0}

      ? / u5 / m4

      5

      uli, ted

      bug #968 error logging cleanup (splitted bug #909)

      split 0000909: too many error messages logged - part II - general.php
      create certs,certs,certs
      2 sessions: 2011-09-21 + 2011-09-25
      more tests needed
      create certs,certs,certs,certs
      create client, server, gpg keys, org client and server certs

      {0}

      ? / u4 / m5

      6

      moh
      Done: Ted
      ToDo: Michael, dirk

      bug #596 certs list advanced

      display ser# in certs overview lists

      {0}

      ? / u5 / m5

      7

      uli, ted

      bug #789 OA edit domain fix

      Editing domain for organisations does not work
      new update 2011-09-26

      {0}

      ? / u7 / m7

      8

      Ted, uli

      bug #957 Resize the comment field on https://secure.cacert.org/account.php?id=27 so more information is visible

      last update 2011-08-19
      tested 3 times
      ready to deploy?

      {0}

      ? / u8 / m8

      9

      uli

      bug #823 email address removal fix

      No warning when removing e-mail adres from acount that certificates will be revoked
      checked by 4, needs 2nd review, deploy

      {0}

      ? / u9 / m9

      10

      uli, Ted

      bug #965 0000965: Outsource / fix Webdb text pages id=12, 13

      addtl. id=37, id=38, new update 2011-09-25

      {0}

      ? / u10 / m10

      • #1 reviewed and transfered by Michael within meeting
  10. Question time
    • some questions from Sven eg. coding style
    • TMS system
    • Michael's project: signer rewrite with python
    • testunit pyunit
    • discussion about programming languages

Fixed Action Items since last or within meeting

Action Items New

Action items: Meeting Action Items

Software/Assessment/20111011-S-A-MiniTOP (last edited 2011-10-11 23:44:08 by UlrichSchroeter)