• Arbitrations
• a20100113.3

• Case Number: a20100113.3
• Status: closed
• Claimants: Iang
• Respondents: Dirk Astrath

• Case Manager: MartinGummi

• Arbitrator: PhilippDunkel

• Date of arbitration start: 2010-02-13
• Date of ruling: 2010-06-04
• Case closed: 2010-06-04
• Complaint: Arbitrated Background Check over Dirk Astrath
• Relief: TBD

Before: Arbitrator Philipp Dunkel (A), Respondent: Dirk Astrath (R), Claimant: Iang (C), Case: a20100113.3

History Log

• 2010-01-13 (UlrichSchroeter): added to wiki, request for CM / A

• 2010-02-12 (Andreas Bäß): I'm available as interviewer

• 2010-02-12 (UlrichSchroeter): I'm available as observer at the interview

• 2010-02-12 (Andreas Bäß, UlrichSchroeter, CM, A): rcvd CV + references contact list from (R)

• 2010-02-13 (Andreas Bäß, UlrichSchroeter): Interview face-2-face meeting, Offenbach, with recording, using questionaire from Fosdem weekend interviews

• 2010-02-20 (UlrichSchroeter): sent interview transcript (transfered from recording) to (CM), (A), interviewer

Discovery

Ruling

Summary

Dirk Astrath is suited for any position under Security Policy. He brings experience in both CAcert as well as software development to the table so that he is best suited for software assessment or support.

Training/Progress recommendations

Dirk is technically knowledgeable and has a keen view toward social engineering. However one can never be conscious enough about the possibilities of social engineering so that he could profit from a continued exposure to the specific problems in that area.

In the interview, conducted by Ulrich Schröter and Andreas Bäß, a discussion evolved on securing support personnel from the effects of outside coercion. One solution was proposed. A mechanism by which any support engineer can lock himself out immediately which requires the intervention by another party to regnant access. This would enable a support engineer to remove himself from a conflict by reducing his value to an attacker. These are some interesting thoughts and I believe Dirk to be eminently qualified to contemplate these issues in more depth and make recommendations for the implementation of such a system for CAcert.

Cyberspace, 2010-06-04T19:00:00z Philipp Dunkel

Execution

• 2010-06-04 (A): ruling
• 2010-06-04 (CM): sent ruling notification to (C), (R), board private mailing list, arbitration mailing list, (A)
• 2010-06-04 (CM): case closed

Similiar Cases

• CategoryArbitration

• CategoryArbCaseSystemABC