To Software Software - To Software-Assessment Software/Assessment - To previous meeting - To next meeting

Minutes of the MiniTOP on the 2012-01-17

Setting

The MiniTOP will be held via telco 22:00 CET

Attendees: dirk, marcus, uli, michael, ted

Topics

(skip to agenda)

Action items from last meeting Meeting Action Items

Agenda

1. bug #985 - Move Translingo to Translations (incl. patches)

Translingo bug #985
- https://translations.cacert.org (http://translations.cacert.org/) (replacement for translingo)
- the translingo.cacert.org had been in operation far longer, so I think it is possible that some users migrated to translingo.cacert.org, without telling us.
- I would suggest to mass-mail the email addresses of the translation-project leaders in the translingo database, to inform them, and to ask them to speak up if they still need it
- last foreign uploads 2008 on about 13 + cacert projects
- whohas translingo server console access?
  - mario
- req for console access for michael to contact project leaders, Updates?
- Transfer In, Transfer Out problems
- Update from new deployment ?
- opened for: create an account can now be started
- Michael current state:
  - import and export routine works
  - script to incorporate updates needs fixed
- next: complete language handling needs to be updated
- accept lang handler needs fix
  - FF de, de_de
  - IE 6 de, 8,9 de_de
- working session within last meeting: michael, marcus
  - infos from meeting 2011-10-18
    - pdf code needs rewrite (uni code library, move to external server (outsourcing))
    - message cert notification - uses perl code, text source not avail (get bind-text-domain)
- current state?
- Marcus sent mailing to translators, no response so far, no tests so far (week 3)
  - Morten NO
  - Emanuel IT
- current state:
  - create test system accounts dutch@test, espania@test and so on, let users do their tests
  - Magu, Marcus will give it a try
  - a couple of testers has started testing and reporting within the last 7 days
  - results: de, fr, en, pl, es, pl
- last meeting: working session bug#985 translingo transfer
  - Michael: needs 2nd review
- Translations
  - problems that relates to blocks translations
  - changes into translations database
  - contact NEO to transfer manualy to testserver
  - bug #985 needs 2nd review, so update script can run also on critical system
- trying to assign to Ted, reviewed by Ted
  - ```
  Did a review. I cannot judge locale/Makefile, the other changes are acceptable.
  I guess before a patch can be created a rebase will be necessary... 
```
- comment by NEO
  - ```
  OK, I have made a merge from release into that branch and removed the conflicts
  (a rebase would break fast forwarding). 
```
- What is the impact? What is needed for going to production?
  - git potential problem solved, can be transfered to critical
- Sync between translation server and critical system
  - make update, make upload to be started by critical admin on production console
  - po tool should send warning/errors, critical admin has to check on update
  - critical admins needs ssh key, to contact NEO
  - docu: new translations to add under system docu webdb
    - who ?
  - Critical team updated ssh firewall setting on critical system to pull and push updates from/to translations

2. Patches queue

bug #827 - New Points calculation / Thawte patch
- bug #827
- bug#827 + bug#882 to merge
  - close bug#882
  - wot.inc.php + notary.inc.php to merge
  - continue with bug#827
  - pojam bug to fix
bug#540 No key usage attribute in cacert org certs anymore?
- also: bug#905
- Policy group discussion - Extended key usage -> p20111113, motion CARRIED
- deployment
  1. prepare fixes -> Michael to prepare diffs, against svn
  2. sending to testserver
  3. transfer to critical system
- (2011-12-13) approx 2 weeks to write the fix, approx 2 months to go
- Michael did transfer the patch to testserver
  - signer code update
  - changes against svn
  - uli, to add to tester portal, done
  - uli to inform testers about new tests
  - test report from kenneth to transfer to report (email from 2011-12-25)
    - Michael: where to find the report from kenneth? link?
    - NEO has added the report (written to private dl)
  - who has adobe 8 for testing?
    - magu has, please test
  - next: needs testing (week 3)
bug#1002 0001002: Contact Assurer form leaves a funny comment after sending
- Michael did transfer the patch to testserver
- Michael: request to alex to check, seems to be ok
- next: needs testing (week 2)
Marcus: working session bug#789 OA field extension
- magu to test
Marcus: working session bug#859 Activity on Account
- Michael: needs 1st review + transfer to testserver
- NEO: will check the next days (week 2)
bug#440 Problem with subjectAltName (CSR, renew certs)
- "There seems to be a problem with the subjectAltName. Dupes, missing entries, and more"
- patch by gagern
- Software-Assessors: needs 1st review + transfer to testserver (week 2)
bug #978 bug 978 (weak keys) (bug 918)
- invalid key format, no regular error message, something wrong, error code # identified
- debugging infos from user + infos from critical team with error code #, was spkac routine
- one test done 2011-12-17 by JensK
- (week 5)
bug #920 Join - single name only (eg Indonesian)
- details under bug number
- presented to Policy Group
- first results from policy group?
  - dirk has made some changes in 6.php last year
  - there are 4 possible choices:
    1. givenname
    2. lastname (as current fix)
    3. givenname or lastname
    4. brians proposal, mononym + checkbox
  - dirks proposal:
    - make name handling more AP conform (1 line names, multiple names)
  - 2 possible paths:
    1. allow multiple names (dirks proposal) is massive change (long term change)
    2. "simple" solution (short term change)
  - global re-design
    - eg users view
    - 43.php, multiple views

3. Michaels workqueue

OCSP server - timeout 10 min too short, 3 days to long, recommendation is 24-48 hours max, verisign: 7 days, startssl: 2d
- who has been informed, contacted?
- Michael will inform Wytze
- not yet written
  - thread relates to https://lists.cacert.org/wws/arc/cacert-board/2011-11/msg00021.html
- general solved
- scalability might be a problem in the future ?!?
- preconfigured there is no solution
- whats with EBJCA
  - java based
  - distribution solution (database replication), master server distributes to other criticial slaves, no caching function
  - post request includes timestamp, simple http cache probably doesn't work
  - engineX ?
- ocsp protocol: version, requestor-name, extension, request-list
- open issue, needs time for implementation
- studienarbeit? bachelor arbeit?
- new bug #1001 Need a way to set up redundant OCSP responders
New function to TMS - edit notary table record
- bug #980
- infos from last meeting
- testers needs editing individual notary records: fields "method", "awarded", "points"
- easier to create notary records with testserver (add F2F), and edit existing record, doesn't need to check for assurer-from, assuree-to and so on
- Update?
- Michael (2011-11-15): after some other bug reviews
- TMS - certs expire handling
  - for testserver eg 3 days (short), 31 days (long)

4. Dirks workqueue - The List of open / running / unhandled bugs

VBscript for Vista/Win7 (select keysize >= 1024) (BlackJack) - reminder to dirk

x¹ Dirk, new bug#964
DEV: bug#918 (Part II) (a20110312.1) Weak keys: /pages/account/.. 4.php, 17.php to combine ? (/includes/keygen.php) DEV

current state: test /account/4.php added to testserver
Marcus will do detailed tests on Wed
some references added to bug#964

{0}

as part of
x¹ Arbitration case a20110312.1 Weak keys bug #918 / bug #954 / bug#964

Current state:

{g}	pre mailing sent
{g}	keys revocation script to bulk revoke weak keys, new bug #954, finished
{-}	dirk: DEV: a20110312.1 bug#918 Weak keys: /pages/account/.. 4.php, 17.php to combine ? (/includes/keygen.php) DEV vbscript needs to be improved with select box key size and lower limit to 2048 (based on https://wiki.mozilla.org/CA:MD5and1024) Api CertEnroll (MS crypto provider) new bug#964 current state: test /account/4.php added to testserver Marcus will do detailed tests on Wed some references added to bug#964 - codename "BlackJack"
{g}	Weak keys blog post, published
{g}	Weak keys article published by Hanno(July 28), link is in CAcert's blog post (July 30)
{b}	weak keys: problems with cryptostick (to test at Froscon with Juergen ?)

cert enroll infos under bug#964
vista and win7 works with other engine !CryptoAPI (?) => Cryptography API: Next Generation
- http://msdn.microsoft.com/en-us/library/aa833130%28v=VS.85%29.aspx
- Marcus: added notes for Win7 https://bugs.cacert.org/view.php?id=964#c2249
dirk: has not started the virtual machine
Question from Marcus: did someone contacted illuminat?
- No, Marcus: to contact illuminat
- illuminat will give it a try, first needs download of testserver image
Update?
- marcus: illuminat not yet seen last time
- baseline requirement - keyssize >= 2048 to fix till end of 2011
- how to proceed?
- dirk: 1st step, to bring win test server localy online
- marcus: to contact illuminat
- Do we have other developers who may pick up this project?
Marcus -> dirk: announcement of vbscript bug to developers mailing list
- change keysize
- merge 2 scripts to one
- fix on script 1 needs fix in 2nd script too, solutions: include, one file, or comment fix script 2 too
interrupt: bug#964 -> codename "BlackJack"
- relates to IE8 problem, that certs cannot be created
- is there a security issue with available fix? also bug#918
- related 927, 901, 847
- a patch is online on testserver, but cannot found
- related patch files, /pages/account/ 3,4,16,17; /include/account.php
- there are other vbscript pages: ../account/ 6 + 19
Brian bug#964
- Michael: Marcus to test with IE
- IE select provider only
code from Brian needs some corrections, corrections to do, 4 + 17 inclusions, checkin
- notification to Brian, done
- quickfix has problems too
- next step(s)
  - check error codes / debug routines
  - open developer mode, create cert
    - resulting error: line 213, put length, wrong parameter
```
Zeile: 213
Fehler: CertEnroll::CX509PrivateKey::put_Length: Falscher Parameter. 0x80070057 (WIN32: 87)
Zeile 213:  objPrivateKey.Length = &h08000000
```

5. General Bugs List Overview

Bugs to Review #1, transfer to testserver - Currently 5

uli	bug #977 admin console text fix	admin console Sysadmin - find domain - lists 2 tables - one for user accounts, one for org accounts, naming issue	{0}
uli	bug #967 OA isassurer check	Give an OA the oppertuntiy to check if a desiginated Organisation Admininistrator is a CAcert assurer	{0}
uli	bug #859 admin console interface	feature request: show activity on an account in the admin interface, new update $/!\$	{0}
inopiae	bug #981 OA overview (dupe of bug #943)	New layout of view for Organisation Administraors in account/id35	{0}
gagern	bug#440 Problem with subjectAltName (CSR, renew certs)	There seems to be a problem with the subjectAltName. Dupes, missing entries, and more	{0}

Bugs under testing: - Currently 4

uli	bug #855 admin console interface "unknown" + "empty" assurance method fields, needed for correct testing on testserver	admin console lists "empty" and "Unknown" assurance types on listing given Assurances	{0}
Michael	bug #978 bug 978 (weak keys) (bug 918)	invalid key format, no regular error message, something wrong, error code # identified debugging infos from user + infos from critical team with error code # was spkac routine	{0}
Michael	bug #540	p20111113 CPS #7.1.2 "Certificate Extensions" adjustments - testing	{0}
Michael	bug #1002	0001002: Contact Assurer form leaves a funny comment after sending	{0}

Needs 2nd review + transfer to Critical team, to bundle, to deploy - Currently 2

define priority eg. 10,2, and so on, proposed order: from 1 to 10

7	uli, ted	bug #789 OA edit domain fix	Editing domain for organisations does not work new update 2011-09-26 more fixes, more testing * testcase scenario * open org, edit 1st domain in new window, edit 2nd domain in new window * results in: change made in window 2, written to record in window 2 * needs cross checking	{0}	? / u7 / m7
2	neo	bug #985 move translingo to translations	check language settings under testserver	{0}	2

Needs development, deployment, discussion, reminder

bug #835 Migrate CATS onto testserver
- bug #835 Assurer challenge (on testserver)
  
  asssigned to Ted, CATS to install on ca-mgr1, awaiting deployment
  
  {0}

bug#964, bug#918 (Part II) Codename "BlackJack"

Brian

new bug#964
DEV: bug#918 (Part II) (a20110312.1) Weak keys: /pages/account/.. 4.php, 17.php to combine ? (/includes/keygen.php) DEV

some references added to bug#964
current state: first review, add to testserver

{0}

6. Long term projects

strategy plans ... next: strategy for "New Roots & Escrow"
1. idea: using indirect crl's ?
  - 2 crl's needed, one valid, one invalid crl server
  - more infos available ? who ?
    1. build testserver with special certs
    2. Magu, Michael to send instructions for test deployment
      - indirect CRL: RFC 5280 http://tools.ietf.org/html/rfc5280 (chapter 5)
  - meetings ago we've defined Testing requirements and a potential testszenario
  - to remind every meeting
  - Michael: testserver environment deployment
  - Michael will review after Certs extension policy group vote
    - Michael: VM + OS builtup for CRL server tests (WIP)
2. policy group: define requirements
  - multimember escrow method ?
    - needs risk analyze
    - potential candidates ?
      - Marcus to contacted Benedikt, will contact Thomas K
      - Next step(s)
CI (Update)
1. description to eclipse testpage, Webinar
  - deployment scenario:
    1. create testusers
    2. testing
    3. delete testusers
  - regression test for standard tests: eg 0,1,49,50,51,99,100,101 pts w/ and w/o CATS passed
  - reminder
2. Jubula Test-Tool (by Michael) - update?
  - http://www.eclipse.org/jubula/download.php
  - instructions see under Minutes meeting 2011-08-30
  - Jubula documentation started: Software/Jubula
  - not performant as needed over internet, testing stopped.
3. new proposal by Sven: Webdriver with Maven and Jenkins-CI
  1. sven did some work regarding frontendtest (Webdriver with Maven and Jenkins-CI)
    - Michael did some review: probably needs some seperation
    - raw source
    - one implemented test case
      - needs building a team, sven + 2 others, to be forced and pushed forward
      - active people have to work with this framework
        write a testunit that triggers the bug
        write a bugfix
        start regression test
Infrastructure seperation
1. CAcert Inc statement - received
2. Hosting/Housing Provider
  - 2011-12-01: Vienna response
  - questions answered
3. contacting secure-u, oophaga started?
  - Frank, Mario, Ted, Uli, Sebastian ?
  - Secure-u started 2011-12-19, awaiting response
4. Hardware
  - alternate solutions
    - offer Frank a) 80 w, too high
    - b) IBM eServer xSeries 335 (Model-Type 8676-61X) => pentium4
    - doesn't fit power consumption
    - uli: luxemburg connection, will try 1st week in january
  - 2 way path: search sponsors for money, search hardware sponsors
  - level after netburst
  - sample TK config: 1626.90€ + 117.30€ (1750)
    - includes: Intel Xeon 4-Core E3-1260L 2,4GHz 8MB 5GT/s, 16 GB ECC DDR3 1333-RAM, 4x 500 GB SATA II WD Raid
  - fund rising project
Helping CAcert
- How does recruitment work?
- Newsletters, recuring notifications
- Fosdem -> focus on Nucleus events
- Recruitment on events?
- Recruitment page eg events/Recruitment, HelpingCAcert, Jobs
- Flyers?
- re-design main page:
  - dirk: 3 news, upcoming events
  - michael: *
  - rss-feed script modification is simple
  - main page cms page, login to secure area (portal project)
    - public: www.cacert.org
      - secure1: www.cacert.org
      - secure2: secure.cacert.org
Discovery II a20110118.1 discussion
- still running
- who should receive infos? list of appropiate recipients listed in discovery II table
- possible software solutions:
  1. triggered info mailing eg board-private mailing list + support
  2. view page with current results (like hidden stats page?)
- bug#1003 Provide a possibility to regularly review the permissions in the system
Affilates program - topic for SA ?
- currently not
- planned income projects by CAcert Inc
- new portal (Benedikt, Karsten working on it)
  - critical / non-critical systems
    - non-critical portal - with login link to critical secure.cacert.org
    - cms system: own user base?
    - critical system userid includes @, cms userid does not include @
    - cms login adding userid from critical system may result in security leak that account data can be collected (MITM)
- affiliate link to each event (template)
  1. addtl. link under main ads
CAP Form redesign for upcoming events
- Fosdem
- Cebit
- Chemnitzer Linuxtag
- CAP forms have no bank account infos
  - CAP form redesign
"NEO projects"
1. architecture/design (aka Birdshack design)
2. signer rewrite
  - cabforum, blacklist implementation
  - needs a rewrite, protocol isn't that reliable as required/needed
  - problems in current design: eg count of days a cert expires will be transfered from client to server
  - multiple servers (staging/scaling/load balancing)
  - problems in current design: eg OpenSSL and multithreading
Vendor-Api / New Assurers Portal
- Marcus sent some proposals
- A team is working on a Portal project (Carsten, Marcus)

7. next meeting

Tuesday, January 24, 2012 22:00

Minutes

Experience points for ATE attendance
- requirements to upgrade database schema
- co-auditor has the list of primary email addresses by co-audits
- currently technical not possible, needs coding, database upgrade
- AP references subpol TTP and/or PoJAM, references co-audit, with reference to AH
  - ```
  AP 4.4
  Additional Experience Points may be granted temporarily or permanently to an Assurer by CAcert Inc.'s Committee (board), on recommendation from the Assurance Officer. 
```
- There are other policy requirements, that also needs to be implemented
- Exp. pts has low priority: tasks with highest priority: Thawte points removal (6.php), TTP (+TOPUP), then others
- add note to AH: (currently technical not possible)
Thawte points removal, final step
- relates to 6.php
- this also relates to TTP
- dirk will work on this upcoming weekend

1. bug #985 - Move Translingo to Translations (incl. patches)

Translingo bug #985
- https://translations.cacert.org (http://translations.cacert.org/) (replacement for translingo)
- the translingo.cacert.org had been in operation far longer, so I think it is possible that some users migrated to translingo.cacert.org, without telling us.
- I would suggest to mass-mail the email addresses of the translation-project leaders in the translingo database, to inform them, and to ask them to speak up if they still need it
- last foreign uploads 2008 on about 13 + cacert projects
- whohas translingo server console access?
  - mario
- req for console access for michael to contact project leaders, Updates?
- Transfer In, Transfer Out problems
- Update from new deployment ?
- opened for: create an account can now be started
- Michael current state:
  - import and export routine works
  - script to incorporate updates needs fixed
- next: complete language handling needs to be updated
- accept lang handler needs fix
  - FF de, de_de
  - IE 6 de, 8,9 de_de
- working session within last meeting: michael, marcus
  - infos from meeting 2011-10-18
    - pdf code needs rewrite (uni code library, move to external server (outsourcing))
    - message cert notification - uses perl code, text source not avail (get bind-text-domain)
- current state?
- Marcus sent mailing to translators, no response so far, no tests so far (week 3)
  - Morten NO
  - Emanuel IT
- current state:
  - create test system accounts dutch@test, espania@test and so on, let users do their tests
  - Magu, Marcus will give it a try
  - a couple of testers has started testing and reporting within the last 7 days
  - results: de, fr, en, pl, es, pl
- last meeting: working session bug#985 translingo transfer
  - Michael: needs 2nd review
- Translations
  - problems that relates to blocks translations
  - changes into translations database
  - contact NEO to transfer manualy to testserver
  - bug #985 needs 2nd review, so update script can run also on critical system
- trying to assign to Ted, reviewed by Ted
  - ```
  Did a review. I cannot judge locale/Makefile, the other changes are acceptable.
  I guess before a patch can be created a rebase will be necessary... 
```
- comment by NEO
  - ```
  OK, I have made a merge from release into that branch and removed the conflicts
  (a rebase would break fast forwarding). 
```
- What is the impact? What is needed for going to production?
  - git potential problem solved, can be transfered to critical
- Sync between translation server and critical system
  - make update, make upload to be started by critical admin on production console
  - po tool should send warning/errors, critical admin has to check on update
  - critical admins needs ssh key, to contact NEO
  - docu: new translations to add under system docu webdb
    - who ?
  - Critical team updated ssh firewall setting on critical system to pull and push updates from/to translations
- recuring pootle tests every night, dayly notes to mailing list

Bring TTP assurances up to running

requirement: make 855 active on production

TTP-caps can be build by TTP-admins offline, not for public distribution !!

uli

bug #855 admin console interface "unknown" + "empty" assurance method fields, needed for correct testing on testserver

admin console lists "empty" and "Unknown" assurance types on listing given Assurances

{0}

uli to add test report
needs 2nd review by dirk, ted, markus, pg - ted will do within the upcoming days, probably Thursday

bug#540 No key usage attribute in cacert org certs anymore?
- also: bug#905
- uli, marcus: needs full cert create tests
Infrastructure Separation
- new hardware -> leasing?
bug#1002 0001002: Contact Assurer form leaves a funny comment after sending
- Michael did transfer the patch to testserver
- Michael: request to alex to check, seems to be ok
- tested by 2, needs 2nd review + deploy (week 2), ted?
bug #978 bug 978 (weak keys) (bug 918)
- invalid key format, no regular error message, something wrong, error code # identified
- debugging infos from user + infos from critical team with error code #, was spkac routine
- one test done 2011-12-17 by JensK
- (week 5)
- uli, marcus: more tests: certs routine, weak keys (small keys test), relates to bug#540 tests
OCSP server - timeout 10 min too short, 3 days to long, recommendation is 24-48 hours max, verisign: 7 days, startssl: 2d
- after all the modifications done, accecss to ocsp server has a hickup, sometimes, sporadic
- Michael: no idea

VBscript for Vista/Win7 (select keysize >= 1024) (BlackJack) - reminder to dirk

x¹ Dirk, new bug#964
DEV: bug#918 (Part II) (a20110312.1) Weak keys: /pages/account/.. 4.php, 17.php to combine ? (/includes/keygen.php) DEV

current state: test /account/4.php added to testserver
Marcus will do detailed tests on Wed
some references added to bug#964

{0}

current state: an undef error with current patch
we need someone who has experience with vbscript, to come into telco, reviews interface/api beforehand
- illuminat: not before eastern
- marcus: will ask users on assurance party tommorow

CI (Update)
1. new proposal by Sven: Webdriver with Maven and Jenkins-CI
  1. sven did some work regarding frontendtest (Webdriver with Maven and Jenkins-CI)
    - Michael did some review: probably needs some seperation
    - raw source
    - one implemented test case
      - needs building a team, sven + 2 others, to be forced and pushed forward
      - active people have to work with this framework
        write a testunit that triggers the bug
        write a bugfix
        start regression test
    - what do we want?
    - is this our direction?
    - does this fit to our requirements?
    - someone needs time to do a deep review
    - long term view:
      - developers needs to become familiar with the automated testing system to write also the test scripts
      - software-assessors to review test results
Foundations
- dst files for logos
Discovery II a20110118.1 discussion
- still running
- who should receive infos? list of appropiate recipients listed in discovery II table
- possible software solutions:
  1. triggered info mailing eg board-private mailing list + support
  2. view page with current results (like hidden stats page?)
- bug#1003 Provide a possibility to regularly review the permissions in the system
- motion from last board meeting (not avail yet), carried
  - ```
  It is moved that Board or a representative asks the persons responsible for an up-to-date copy of all access lists as specified in the Security Policy §3.4.2 including OA
```
next meeting: Tue 24th

Fixed Action Items since last or within meeting

Action Items New

uli	Experience points for ATE attendance	add note to AH: (currently technical not possible)	{0}
uli	Experience points for ATE attendance	check board motions and/or trigger if not yet passed	{0}
uli	Experience points for ATE attendance	check bug tracker for bug# and/or add new	{0}
uli, marcus	bug#540 No key usage attribute in cacert org certs anymore?	uli, marcus: needs full cert create tests set relation to bug #978	{0}
uli, marcus	bug #978 bug 978 (weak keys) (bug 918)	invalid key format, no regular error message, something wrong, error code # identified debugging infos from user + infos from critical team with error code #, was spkac routine one test done 2011-12-17 by JensK, (week 5) uli, marcus: more tests: certs routine, weak keys (small keys test), relates to bug#540 tests set relation to bug #540	{0}

Action items: Meeting Action Items

Software/Assessment/ActionItems

all	proposed Apache config SSLCipherSuite settings for CAcert SSL enabled infrastructure systems see also BEAST migration https://community.qualys.com/blogs/securitylabs/2011/10/17/mitigating-the-beast-attack-on-tls Proposal from Sysadm list 2013-09-06	{0}
SA	documentation server cert design concept to SystemAdministration/Systems/Development/Prepare	{0}
all	review Software patches Update Cycle	{0}
BenBE, Marcus	documentation: developer git repos under github bug #1131 history @ github CAcertOrg @ github started under Software/Assessment/Documentation/UpdateCycle/step1	{0}
NEO	BenBe: request: htttps header on bugtracker bug #1116	{0}
all	read x509 guide	{0}
all	bug#1068 blog problem (also relates to community) debian lenny - edge - squeeze upgrades needed alternate: new server with squeeze, install wordpress, transfer domain workaround: configure your FF FAQ/BrowserClients	{g}
uli	Experience points for ATE attendance check board motions and/or trigger if not yet passed	{0}
uli	Infrastructure separation, to contact secure-u (Frank, Mario, Ted, Sebastian) for discussion, prepare a plan, started 2011-12-18 current state: see Funding Landing Page May 2013: tk-server sponsoring, tk-server rcvd, deployment: WIP, project not yet finished	{0}
All	1. next: strategy for "New Roots & Escrow" - using indirect crl's ? indirect CRL: RFC 5280 http://tools.ietf.org/html/rfc5280 (chapter 5) - test deployment	{0}
dirk, Michael	3. next: strategy for "New Roots & Escrow" - how does debian work? to contact, deferred to next events (?) next round: picked up by Benedikt new proposal 2013-06-02	{0}
Uli, Michael	Documentation Bugs.cacert.org Review, documentation I (bugs handbook) svg files to convert to jpg or png	{0}

Development, Deployment, Discussion

OAO, Ted	bug #943 change OA admin/assurer text	needs 2nd test -> Fabian, Marc, Alex? {g} / needs 2nd review -> Ted, rejected	{-}
uli, Ted	bug #824 Org User cert fix Case study	Organisation User Certificates: Need UI improvement for proper production usage	{0}
uli, ted	bug #823 email address removal fix	No warning when removing e-mail address from account that certificates will be revoked checked by 4, needs 2nd review, deploy rejected	{-}
inopiae	bug #920 Join - single name only (eg Indonesian)	details under bug number	{0}
uli	bug #859 admin console interface	feature request: show activity on an account in the admin interface rejected, certs login doesn't modify "modified" field	{r}
Michael	bug #540	p20111113 CPS #7.1.2 "Certificate Extensions" adjustments - testing uli, marcus: needs full cert create tests duplicate report to bug#978 tested by 3, 2nd review done, transfered Ken reported: still has problems, bug kept open	{0}
gagern, NEO	bug #440 Problem with subjectAltName (CSR, renew certs)	There seems to be a problem with the subjectAltName. Dupes, missing entries, and more, rejected, needs further development	{r}
neo	bug #1025 Domain Dispute issue	disputes rc and rc2 var prob needs work	{r}
dirk	bug #1054 0001054: Review the code regarding the new point calculation	Thawte patch part II needs further work	{r}

Software Assessors: Review 1 / add to cacert-devel, add to testserver

Software-Assessors task

Testing

Testers task

neo	bug #1004 Stats page improvement	tested by 2, needs 2nd review	{0}
neo	Bugs #1159 it might be possible to execute commands on the signing server		{0}
inopiae	bug #1065 Wrong wording when sending mails during the assurance process		{0}
inopiae	bug #1162 calcutate (the passwords) hash in php instead of in mysql	create test scenarios for the software testers $/!\$ Full testing $/!\$	{0}
inopiae	bug #0028 Wrong language for you've been assured & [CAcert.org] Client Certificate emails		{0}
inopiae	bug #988 TTP cap form deployment		{0}

Software Assessors: 2nd Review, Bundle Package to Critical Team

Software-Assessors task

Ted	bug #500 Get contact mail adress after resolving test	tested by 3, requires review	{0}
Ted	bug #1140 Show if a test is passed in learnprogress	tested by 3, requires review	{0}
magu	bug #1131 Rename _all_ Policies from .php to .html and fix all links	global policy directory maintenance and update	{0}
inopiae	bug #1010 Reorder the view on organisation certificates	tested by 3	{0}

Software Assessors: Bundle Package to Critical Team

Software-Assessors task

inopiae

bug #1139 Add new fields to the database

tests through #500 and #1140, 2nd review done, requires transfer

{0}

Awaiting Response from Critical Team

inopiae

bug #411 Wrong text is made into link

{g}

CategorySoftwareAssessment

CategorySoftwareAssessment

Software/Assessment/20120117-S-A-MiniTOP (last edited 2012-01-24 05:25:34 by UlrichSchroeter)