* Case Number: a20141106.1 * Status: init * Claimant: Marcus Mängel, Benny Baumann * Respondent: CAcert * initial Case Manager: UlrichSchroeter, at 2016-12-08 EvaStöwe disclosed dispute based on DRO decision [[https://community.cacert.org/board/motions.php?motion=m20161119.4|m20161119.4]] and [[https://community.cacert.org/board/motions.php?motion=m20161119.3|m20161119.3]] * Case Manager: name case manager * Arbitrator: name arbitrator * Date of arbitration start: 201Y-MM-DD * Date of ruling: 201Y-MM-DD * Case closed: 201Y-MM-DD * Complaint: Dispute to fix bug 807 * Relief: TBD Before: Arbitrator name arbitrator (A), Respondent: CAcert (R), Claimant: Marcus Mängel (C1) Benny Baumann (C2), Case: a20141106.1 <> == History Log == . 2014-11-06 (issue.c.o): case [[Ticket:334590|s20141106.35]] . 2015-09-08 (iCM): added to wiki, request for CM / A, notification sent to (C1), (C2) == Private Part == * '''Link to Arbitration case [[Arbitrations/priv/a20141106.1|a20141106.1 (Private Part)]]''' ## ==> INCLUDE SECTION BOT <> ## <== INCLUDE SECTION EOT ==== EOT Private Part ==== == Original Dispute == {{{ > Hi arbitration, > > while working on bug 807 https://bugs.cacert.org/view.php?id=807 we > observed the following facts: > After the bug was released to the productive system on 2014-06-01 there > this problem occurred: > When a certificate was requested to use the signature algorithm sha-384 > the certificate was signed with the signature algorithm sha-512 instead. > > Unfortunately the signature algorithm was not recorded so that the > database has some missing information here. > The problem with the wrong chosen signature algorithm and the not > recording was fixed with a fix on 2014-06-13. > > Left are entries in the database which do not have any record about the > signature algorithm used. This information should be stored in the field > > `md` but this was left blank. This will cause problems if this > certificate is renewed. > The software team would like to apply the following sql statements to > the database to fix the missing entry. > UPDATE `domaincerts` SET `md` = 'sha512' WHERE `md` = '' AND `created` > > > '2014-06-01 00:00:00'; > UPDATE `emailcerts` SET `md` = 'sha512' WHERE `md` = '' AND `created` > > '2014-06-01 00:00:00'; > UPDATE `orgdomaincerts` SET `md` = 'sha512' WHERE `md` = '' AND > `created` > '2014-06-01 00:00:00'; > UPDATE `orgemailcerts` SET `md` = 'sha512' WHERE `md` = '' AND `created` > > > '2014-06-01 00:00:00'; > > Befor appling the above statements and the update the successful fix > should be monitored by this sql statement: > SELECT 'domain', COUNT(*) FROM `domaincerts` WHERE `md` = '' > UNION > SELECT 'email', COUNT(*) FROM `emailcerts` WHERE `md` = '' > UNION > SELECT 'orgdomain', COUNT(*) FROM `orgdomaincerts` WHERE `md` = '' > UNION > SELECT 'orgemail', COUNT(*) FROM `orgemailcerts` WHERE `md` = ''; > > Please check if these sql statements can be used so the fix the problem. > > The sql statements should be used as soon as possible so that there are > now problems when the first certificates are due for renew on > 2014-12-01. > > -- > mit freundlichen Gruessen / best regards > Marcus Maengel }}} ## You may remove unneeded sections at your discretion... == Discovery == == Elaboration == == Ruling == == Execution == == Similiar Cases == || [[Arbitrations/a20YYMMDD.n|a20YYMMDD.n]] || [[Arbitrations/a20YYMMDD.n|]] || ---- . CategoryArbitration . CategoryArbCaseSystemTasks