Minutes of the MiniTOP on the 2011-12-06
Setting
The MiniTOP will be held via telco 22:00 CET
Attendees: magu, marcus, uli, michael, dirk
Topics
Action items from last meeting Meeting Action Items
Agenda
1. "Software-Assessment works slow"
- Why does it take so long to pass patches?
- Is it that a patch doesn't work as advertised?
- Or is it: this patch raises security issues?
The point of the dual control over software is to stop any person introducing security breaches. That doesn't extend to introducing patches that don't work ... as long as they don't breach the security, a known incomplete patch can still be introduced.
SP 7. SOFTWARE ASSESSMENT ... defines:
7.2. Tasks The primary tasks for Software Assessors are: 1. Keep the code secure in its operation, 2. Fix security bugs, including incidents, 3. Audit, Verify and sign-off proposed patches, 4. Provide guidance for architecture, Software assessment is not primarily tasked to write the code. In principle, anyone can submit code changes for approval
7.4. Review At the minimum, patches are signed off by the team leader or his designated reviewer. Each software change should be reviewed by a person other than the author. Author and signers-off must be logged. The riskier the source is, the more reviews have to be done.
- Discussion
2. bug#794 Display certs in admin console
bug #827 mailing results in around 36 new "delete account cases" moved into disputes queue
Time per case | Action needed per case | Total
0,5 hour | to move from disputes into arbitration queue (iCM) | 18 hours
2 hours | pickup and handling by an arbitrator | 72 hours
20 min | handling by an SE | 12 hours
Total: | | 102 (12) hours
- The problem:
- Arbitration is slow (don't wonder why)
- Delete Account cases can be handled by Support-Engineers, once Arbitrator has an option to rule a precedent case, that SE can check that 0 certs are used by the user, w/o hijacking an account
so this will free the disputes queue of about > 90% of all "delete account" cases
- summary: 12 hours work by an SE with a software fix, + (10% of 90 hours = ) 9 hours by arbitration = 21 hours in total instead of 102 hours without a software fix
from within last meeting: bug#794 Display certs in admin console
- assigned to michael
3. bug #827 - New Points calculation / Thawte patch
- PR work
- mailing script running/sent
- End results ?
- "Special case" - handling of 0:0 cases under arbitration
Arbitration case a20111001.1 still running
review of Support/Handbook/NewPointsCalculation instructions for SE's
- 3 potential scenarios possible:
- orig email is identical to email addr on CAP form
- orig email is secondary email in account, assuree can set email addr from assurance to primary email
- orig email from assurance is no longer valid, assurer has to contact support
- addtl. documentation required
- new email addr to write onto assurers cap form, with ticket id, old assurance id, new assurance id
- addtl. documentation old id + ticket id to add in locations field
- mailing script / sql query
- bug#827 + bug#882 to merge
- close bug#882
- wot.inc.php + notary.inc.php to merge
- continue with bug#827
- pojam bug to fix
4. Patches queue
Translingo bug #985
https://translations.cacert.org (http://translations.cacert.org/) (replacement for translingo)
- the translingo.cacert.org had been in operation far longer, so I think it is possible that some users migrated to translingo.cacert.org, without telling us.
- I would suggest to mass-mail the email addresses of the translation-project leaders in the translingo database, to inform them, and to ask them to speak up if they still need it
- last foreign uploads 2008 on about 13 + cacert projects
- who has translingo server console access?
- mario
- req for console access for michael to contact project leaders, Updates?
- Transfer In, Transfer Out problems
- Update from new deployment ?
- opened for: create an account can now be started
- Michael current state:
- import and export routine works
- script to incorporate updates needs to be fixed
- next: complete language handling needs to be updated
- accept lang handler needs fix
- FF de, de_de
- IE 6 de, 8,9 de_de
- working session within last meeting: michael, marcus
- infos from meeting 2011-10-18
- pdf code needs rewrite (uni code library, move to external server (outsourcing))
- message cert notification - uses perl code, text source not avail (get bind-text-domain)
- current state?
- Marcus sent mailing to translators, no response so far, no tests so far (week 3)
- Morten NO
- Emanuel IT
- current state:
- create test system accounts dutch@test, espania@test and so on, let users do their tests
- Magu, Marcus will give it a try
- a couple of testers has started testing and reporting within the last 7 days
- results: de, fr, en, pl, es, pl
last meeting: working session bug#985 translingo transfer
- Michael: needs 2nd review
bug#894 "Haeckchen bug" - review done, changes need to be reviewed again
3
Dirk
bug#894 assure someone patches (checkbox)
(incl wot.php changes)
tested by 2, needs 2nd review, deploy
new test round{0}
? / u1 / m1
- review by dirk in session, review ok
- current state:
- needs testing
- Magu, Marcus will pickup the task
- one and last test and report done 2011-11-19 (week 4)
running arbitration a20111001.1 prob
- checkbox on AP, "Haeckchen bug" helps to pass the "old" assurance
- alternates: adding comment field if checkbox is not set
- current patch: check on AP to disable
- patch transferred to cacert-devel
- first test: first two checkboxes set, ok
- pojam case potential problem
< 18 years -> 10 pts, < 14 years -> 0 pts
2011-11-01 -> 10.php: 0 pts, 15.php -> 10 pts
- 14 years limit started with pojam, limit given by pojam reached, issue up to 10 pts
- test report from 2011-11-29
0 checkbox | error missing checks
only 1st checkbox | error missing checks
only 2nd checkbox | error missing checks
1+2 set | ok
1+2+3 set | ok
- ready to deploy?
bug#540 No key usage attribute in cacert org certs anymore?
Marcus: working session bug#789 OA field extension
- magu to test
Marcus: working session bug#859 Activity on Account
- Michael: needs 1st review + transfer to testserver
bug #976 - database restructure preparation
- current state summary:
- transferred to critical system, patch has been applied
- database upgrade, scheduled for Wed Nov 23rd, successfully finished
- downtime was about 5 min
- cacert user has all permissions
- Michael: proposal to limit permissions, eg remove, drop, index, references
- magu: problem, can we expect that all works as before?
- uli: if there are permission problems, this will be logged and logs the source
- Update: Michael + Wytze worked on this, problem solved?
5. Michaels workqueue
- OCSP server - timeout 10 min too short, 3 days too long, recommendation is 24-48 hours max, verisign: 7 days, startssl: 2d
- who has been informed, contacted?
- Michael will inform Wytze
- not yet written
thread relates to https://lists.cacert.org/wws/arc/cacert-board/2011-11/msg00021.html
- Build + Document Emergency Patches Path
Build + Document Emergency Patches Path
Andreas, Uli, Wytze
{0}
- Documentation written, reviewed by Wytze, Marcus
Michael: reminder for review Software/Assessment/Documentation/EmergencyPatches
- other reviews done ?
- New function to TMS - edit notary table record
- infos from last meeting
- testers need to edit individual notary records: fields "method", "awarded", "points"
- easier to create notary records with testserver (add F2F), and edit existing record, doesn't need to check for assurer-from, assuree-to and so on
- Update?
- Michael (2011-11-15): after some other bug reviews
6. Dirks workqueue - The List of open / running / unhandled bugs
VBscript for Vista/Win7 (select keysize >= 1024) - reminder to dirk
x1 Dirk, new bug#964
DEV: bug#918 (Part II) (a20110312.1) Weak keys: /pages/account/.. 4.php, 17.php to combine ? (/includes/keygen.php) DEV
current state: test /account/4.php added to testserver
Marcus will do detailed tests on Wed
some references added to bug#964{-}
- as part of
x1 Arbitration case a20110312.1 Weak keys bug #918 / bug #954 / bug#964
- Current state:
{g}
pre mailing sent
{g}
keys revocation script to bulk revoke weak keys, new bug #954, finished
{-}
dirk: DEV: a20110312.1 bug#918 Weak keys: /pages/account/.. 4.php, 17.php to combine ? (/includes/keygen.php) DEV
vbscript needs to be improved with select box key size and lower limit to 2048 (based on https://wiki.mozilla.org/CA:MD5and1024)
Api CertEnroll (MS crypto provider)
new bug#964
current state: test /account/4.php added to testserver
Marcus will do detailed tests on Wed
some references added to bug#964 - codename "BlackJack"{g}
Weak keys blog post, published
{g}
Weak keys article published by Hanno (July 28), link is in CAcert's blog post (July 30)
{b}
weak keys: problems with cryptostick (to test at Froscon with Juergen ?)
cert enroll infos under bug#964
vista and win7 works with other engine !CryptoAPI (?) => Cryptography API: Next Generation
http://msdn.microsoft.com/en-us/library/aa833130%28v=VS.85%29.aspx
Marcus: added notes for Win7 https://bugs.cacert.org/view.php?id=964#c2249
- dirk: has not started the virtual machine
- Question from Marcus: did someone contact illuminat?
- No, Marcus: to contact illuminat
- illuminat will give it a try, first needs download of testserver image
- Update?
- marcus: illuminat not yet seen last time
baseline requirement - key size >= 2048 to fix till end of 2011
- how to proceed?
- dirk: 1st step, to bring win test server locally online
- marcus: to contact illuminat
- Do we have other developers who may pick up this project?
7. General Bugs List Overview
Bugs to Review #1, transfer to testserver - Currently 4
uli
bug #977 admin console text fix
admin console Sysadmin - find domain - lists 2 tables - one for user accounts, one for org accounts, naming issue
{0}
uli
bug #967 OA isassurer check
Give an OA the opportunity to check if a designated Organisation Administrator is a CAcert assurer
{0}
uli
bug #859 admin console interface
feature request: show activity on an account in the admin interface, new update
{0}
inopiae
New layout of view for Organisation Administrators in account/id35
{0}
Bugs under testing: - Currently 5
neo
bug #985 move translingo to translations
check language settings under testserver
{0}
inopiae
bug #920 Join - single name only (eg Indonesian)
details under bug number
present to Policy Group ?{0}
uli
bug #855 admin console interface "unknown" + "empty" assurance method fields, needed for correct testing on testserver
admin console lists "empty" and "Unknown" assurance types on listing given Assurances
{0}
3
Dirk
bug#894 assure someone patches (checkbox)
(incl wot.php changes)
tested by 2, needs 2nd review, deploy
new test round{0}
? / u1 / m1
7
uli, ted
bug #789 OA edit domain fix
Editing domain for organisations does not work
new update 2011-09-26
more fixes, more testing
* testcase scenario
* open org, edit 1st domain in new window, edit 2nd domain in new window
* results in: change made in window 2, written to record in window 2
* needs cross checking{0}
? / u7 / m7
Needs 2nd review + transfer to Critical team, to bundle, to deploy - Currently 1
- define priority eg. 10,2, and so on, proposed order: from 1 to 10
8
Ted, uli
bug #957 Resize the comment field on https://secure.cacert.org/account.php?id=27 so more information is visible
last update 2011-08-19
tested 3 times
ready to deploy?{0}
? / u8 / m8
- Needs development, deployment, discussion, reminder
8. Long term projects
strategy plans ... next: strategy for "New Roots & Escrow"
- idea: using indirect crl's ?
- 2 crl's needed, one valid, one invalid crl server
- more infos available ? who ?
- build testserver with special certs
- Magu, Michael to send instructions for test deployment
indirect CRL: RFC 5280 http://tools.ietf.org/html/rfc5280 (chapter 5)
- meetings ago we've defined Testing requirements and a potential test scenario
- to remind every meeting
- Michael: testserver environment deployment
- Michael will review after Certs extension policy group vote
- policy group: define requirements
- multimember escrow method ?
- needs risk analysis
- potential candidates ?
- Marcus to contacted Benedikt, will contact Thomas K
- Next step(s)
- CI (Update)
description to eclipse testpage, Webinar
- deployment scenario:
- create testusers
- testing
- delete testusers
- regression test for standard tests: eg 0,1,49,50,51,99,100,101 pts w/ and w/o CATS passed
- reminder
- Jubula Test-Tool (by Michael) - update?
instructions see under Minutes meeting 2011-08-30
- test deployment needs to be continued by software testers
Jubula documentation started: Software/Jubula
- new proposal by Sven: Webdriver with Maven and Jenkins-CI
- Jubula vs. Webdriver
- testserver variants
- testserver for manual tests
- testserver of OS and application upgrades
- testserver for CI
- test methods
- unit test
- test single modules, exceptions
- integration tests
- test interaction of modules
- system tests
- complete system test, with database interactions, module interactions and much more
- sven did some work regarding frontendtest (Webdriver with Maven and Jenkins-CI)
- Michael did some review: probably needs some separation
- Infrastructure separation
- contacting secure-u, oophaga started?
- Frank, Mario, Ted, Uli, Sebastian ?
- 2011-12-01: Vienna response
9. next meeting: Tuesday, December 13, 2011 22:00
- dirk at 13th away
Minutes
- bug #827 mailing results
- mailing started: 2011-11-27 10:00
- mailing finished: 2011-12-01 00:00
- 210.000 mails sent
- approx 24747 returns (~10%)
- "Software-Assessment works slow"
- Why does it take so long to pass patches?
- Is it that a patch doesn't work as advertised?
- Or is it: this patch raises security issues?
- Michael: most problems code quality
- doesn't qualify on quality
- not well documented
- security leaks?
- not much, not many
- problems can be
- confidentiality
- integrity
- availability
- SP: defines review on Security breaches
- eg points removal, patch written, no security breach, should this patch be passed?
- Who defines code good to go? Committer job, quality check
- 2 tier developers team
- developers reviews patches
- software-assessors makes last review
- Task: transfer patches to production
- we have to deal with current resources
- we have to deal with spaghetti code, a mess to review
- wish list: quality code
- It does not make sense to pass unfinished code, if the patch pops up 3 months later again
- sub discussion: google code of summer
- announcements to the dev mailing list to encourage developers to become active
- responses to software-assessment project team meeting invitations can be forwarded to developers list
- developers list: 130 subscribers
Marcus -> dirk: announcement of vbscript bug to developers mailing list
- change keysize
- merge 2 scripts to one
- fix on script 1 needs fix in 2nd script too, solutions: include, one file, or comment fix script 2 too
- Process restructure?
- quality level definitions?
- fast processing?
- quality standards?
- first reviewer has to check quality?
- 2nd reviewer only checks security breach topics?
- split committer review from SA review?
- proposal?
- first round: committer review, testing, committer review
- second round: review by 2 SAs
interrupt: bug#964 -> codename "BlackJack"
- relates to IE8 problem, that certs cannot be created
is there a security issue with available fix? also bug#918
- related 927, 901, 847
- a patch is online on testserver, but cannot be found
- related patch files, /pages/account/ 3,4,16,17; /include/account.php
- there are other vbscript pages: ../account/ 6 + 19
bug#794 display certs in admin console
- 1. review by michael
- 2 tests done
- 2nd review dirk and go
- working session: michael / dirk - git for beginners and runaways
- Helping CAcert
- How does recruitment work?
- Newsletters, recurring notifications
Fosdem -> focus on Nucleus events
- Recruitment on events?
Recruitment page eg events/Recruitment, HelpingCAcert, Jobs
- Flyers?
- re-design main page:
- dirk: 3 news, upcoming events
- michael: *
- rss-feed script modification is simple
- main page cms page, login to secure area
- public: www.cacert.org
- secure1: www.cacert.org
- secure2: secure.cacert.org
Fixed Action Items since last or within meeting
Magu, Marcus
bug#894 assure someone patches (checkbox)
(incl wot.php changes)
invite testers for testing{g}
Action Items New
dirk
announcement of vbscript bug (bug#964, bug#918 (Part II)) to developers mailing list
{0}
Action items: Meeting Action Items
Software/Assessment/ActionItems
all
proposed Apache config SSLCipherSuite settings for CAcert SSL enabled infrastructure systems
see also BEAST mitigation https://community.qualys.com/blogs/securitylabs/2011/10/17/mitigating-the-beast-attack-on-tls
Proposal from Sysadm list 2013-09-06{0}
SA
documentation server cert design concept to SystemAdministration/Systems/Development/Prepare
{0}
all
{0}
BenBE, Marcus
documentation: developer git repos under github
bug #1131 history @ github
CAcertOrg @ github
started under Software/Assessment/Documentation/UpdateCycle/step1{0}
NEO
{0}
all
read x509 guide
{0}
all
bug#1068 blog problem (also relates to community)
debian lenny - edge - squeeze upgrades needed
alternate: new server with squeeze, install wordpress, transfer domain
workaround: configure your FF FAQ/BrowserClients{g}
uli
Experience points for ATE attendance
check board motions and/or trigger if not yet passed{0}
uli
Infrastructure separation, to contact secure-u (Frank, Mario, Ted, Sebastian) for discussion, prepare a plan, started 2011-12-18
current state: see Funding Landing Page
May 2013: tk-server sponsoring, tk-server rcvd, deployment: WIP, project not yet finished{0}
All
1. next: strategy for "New Roots & Escrow" - using indirect crl's ?
indirect CRL: RFC 5280 http://tools.ietf.org/html/rfc5280 (chapter 5) - test deployment{0}
dirk, Michael
3. next: strategy for "New Roots & Escrow" - how does debian work?
to contact, deferred to next events (?)
next round: picked up by Benedikt new proposal 2013-06-02{0}
Uli, Michael
Documentation Bugs.cacert.org Review, documentation I (bugs handbook) svg files to convert to jpg or png
{0}
Development, Deployment, Discussion
OAO, Ted
bug #943 change OA admin/assurer text
needs 2nd test -> Fabian, Marc, Alex? {g} / needs 2nd review -> Ted, rejected
{-}
uli, Ted
bug #824 Org User cert fix Case study
Organisation User Certificates: Need UI improvement for proper production usage
{0}
uli, ted
bug #823 email address removal fix
No warning when removing e-mail address from account that certificates will be revoked
checked by 4, needs 2nd review, deploy
rejected{-}
inopiae
bug #920 Join - single name only (eg Indonesian)
details under bug number
{0}
uli
bug #859 admin console interface
feature request: show activity on an account in the admin interface
rejected, certs login doesn't modify "modified" field{r}
Michael
p20111113 CPS #7.1.2 "Certificate Extensions" adjustments - testing
uli, marcus: needs full cert create tests
duplicate report to bug#978
tested by 3, 2nd review done, transferred
Ken reported: still has problems, bug kept open{0}
gagern, NEO
bug #440 Problem with subjectAltName (CSR, renew certs)
There seems to be a problem with the subjectAltName. Dupes, missing entries, and more, rejected, needs further development
{r}
neo
bug #1025 Domain Dispute issue
disputes rc and rc2 var prob
needs work{r}
dirk
bug #1054 0001054: Review the code regarding the new point calculation
Thawte patch part II
needs further work{r}
Software Assessors: Review 1 / add to cacert-devel, add to testserver
Software-Assessors task
Testing
Testers task
neo
bug #1004 Stats page improvement
tested by 2, needs 2nd review
{0}
neo
Bugs #1159 it might be possible to execute commands on the signing server
{0}
inopiae
bug #1065 Wrong wording when sending mails during the assurance process
{0}
inopiae
bug #1162 calculate (the passwords) hash in php instead of in mysql
create test scenarios for the software testers
Full testing{0}
inopiae
bug #0028 Wrong language for you've been assured & [CAcert.org] Client Certificate emails
{0}
inopiae
bug #988 TTP cap form deployment
{0}
Software Assessors: 2nd Review, Bundle Package to Critical Team
Software-Assessors task
Ted
bug #500 Get contact mail address after resolving test
tested by 3, requires review
{0}
Ted
bug #1140 Show if a test is passed in learnprogress
tested by 3, requires review
{0}
magu
bug #1131 Rename _all_ Policies from .php to .html and fix all links
global policy directory maintenance and update
{0}
inopiae
bug #1010 Reorder the view on organisation certificates
tested by 3
{0}
Software Assessors: Bundle Package to Critical Team
Software-Assessors task
inopiae
bug #1139 Add new fields to the database
tests through #500 and #1140, 2nd review done, requires transfer
{0}
Awaiting Response from Critical Team
inopiae
bug #411 Wrong text is made into link
{g}