• Arbitrations
• a20141106.1

• Case Number: a20141106.1
• Status: init
• Claimant: Marcus Mängel, Benny Baumann
• Respondent: CAcert

• initial Case Manager: UlrichSchroeter, at 2016-12-08 EvaStöwe disclosed dispute based on DRO decision m20161119.4 and m20161119.3

• Case Manager: name case manager
• Arbitrator: name arbitrator
• Date of arbitration start: 201Y-MM-DD
• Date of ruling: 201Y-MM-DD
• Case closed: 201Y-MM-DD
• Complaint: Dispute to fix bug 807
• Relief: TBD

Before: Arbitrator name arbitrator (A), Respondent: CAcert (R), Claimant: Marcus Mängel (C1) Benny Baumann (C2), Case: a20141106.1

History Log

• 2014-11-06 (issue.c.o): case s20141106.35

• 2015-09-08 (iCM): added to wiki, request for CM / A, notification sent to (C1), (C2)

Private Part

• Link to Arbitration case a20141106.1 (Private Part)

EOT Private Part

Original Dispute

• > Hi arbitration,
  > 
  > while working on bug 807 https://bugs.cacert.org/view.php?id=807 we 
  > observed the following facts:
  > After the bug was released to the productive system on 2014-06-01 there 
  > this problem occurred:
  > When a certificate was requested to use the signature algorithm sha-384 
  > the certificate was signed with the signature algorithm sha-512 instead.
  > 
  > Unfortunately the signature algorithm was not recorded so that the 
  > database has some missing information here.
  > The problem with the wrong chosen signature algorithm and the not 
  > recording was fixed with a fix on 2014-06-13.
  > 
  > Left are entries in the database which do not have any record about the 
  > signature algorithm used. This information should be stored in the field
  > 
  > `md` but this was left blank. This will cause problems if this 
  > certificate is renewed.
  > The software team would like to apply the following sql statements to 
  > the database to fix the missing entry.
  > UPDATE `domaincerts` SET `md` = 'sha512' WHERE `md` = '' AND `created` >
  > 
  > '2014-06-01 00:00:00';
  > UPDATE `emailcerts` SET `md` = 'sha512' WHERE `md` = '' AND `created` > 
  > '2014-06-01 00:00:00';
  > UPDATE `orgdomaincerts` SET `md` = 'sha512' WHERE `md` = '' AND 
  > `created` > '2014-06-01 00:00:00';
  > UPDATE `orgemailcerts` SET `md` = 'sha512' WHERE `md` = '' AND `created`
  > 
  >  > '2014-06-01 00:00:00';
  > 
  > Befor appling the above statements and the update the successful fix 
  > should be monitored by this sql statement:
  > SELECT 'domain', COUNT(*) FROM `domaincerts` WHERE `md` = ''
  > UNION
  > SELECT 'email', COUNT(*) FROM `emailcerts` WHERE `md` = ''
  > UNION
  > SELECT 'orgdomain', COUNT(*) FROM `orgdomaincerts` WHERE `md` = ''
  > UNION
  > SELECT 'orgemail', COUNT(*) FROM `orgemailcerts` WHERE `md` = '';
  > 
  > Please check if these sql statements can be used so the fix the problem.
  > 
  > The sql statements should be used as soon as possible so that there are 
  > now problems when the first certificates are due for renew on
  > 2014-12-01.
  > 
  > -- 
  > mit freundlichen Gruessen / best regards
  > Marcus Maengel

Discovery

Elaboration

Ruling

Execution

Similiar Cases

• CategoryArbitration

• CategoryArbCaseSystemTasks