Committee Meeting 20100815

The meeting will take place at 21:00 UTC in the IRC channel #board-meeting on the CAcert IRC network.

Feel free to add a business within the acceptance period or your question to the board below.

Premeeting

  1. Prepare minutes from last meeting

  2. put motion to accept the minutes

  3. Summary of cacert-board-private list since YYYYMMDD and reason for privacy
  4. Update action items

Agenda

  1. Preliminaries
    1. Chair opens the Committee Meeting
      • Apologies from Mark, likely off-net.
    2. Accept the minutes from the last meeting in this motion m20100802.1

    3. Who is making minutes?
  2. Businesses Important Note: Acceptance of Businesses 48 Hours before beginning of Committee Meeting latest!

    1. Treasurer added by Iang

    2. Conservatory Practice for CAcert domains added by Iang

      1. Deferred from last meeting

      2. Conservatory Practice is a suggested document.

    3. Policy Group requests CC-by-sa licence over Policies added by Iang

      1. Deferred from last meeting

      2. p20100722 policy group proposes CC-by-sa as in Alternative 2.

      3. do we need a jurisdiction, such as "all disputes referred to our DRP?"
      4. other documents? other licences?
    4. AGM Preparations added by Iang

      1. Diary should be complete by now ...

      2. Textual description to be written
      3. Forward Looking Statement
      4. progress on Team Reports

      5. Financial Report.
    5. Infrastructure added by Iang as Urgent Business

      1. unanimous
  3. Question Time Important Note: Questions from CAcert.org Community Members can be added until beginning of Committee Meeting! As well questions can be asked at "Question Time", without added Question here

    1. Question One added by Your Name Comment: Replace "Question One" by Your Question and add your Name

      • et cetera
  4. Closing
    1. Confirm the next Committee Meeting: Usually every 1st Saturday of the month 22:00 UTC and 3rd Sunday of the month 21:00 UTC.

    2. Chair closes the Committee Meeting

Minutes

  1. Preliminaries
    1. Lambert took chair and opened the Committee Meeting
      • Present: Lambert, Nick, Ian, Mario, Alexander; apoligies from Mark
    2. Ian moved to add Infrastructure to the Agenda as Item 2.5, after informal discussions before the meeting. Seconded by Nick.
      • Unanimous accepted
    3. Accept the minutes from the last meeting in this motion m20100802.1

      • Mario noted that the motion of point 2.4 was posted by Lambert, not him. Minutes were changed accordingly.
      • Aye: Alexander, Lambert, Mario, Ian; Abstain: Nick. Carried as m20100802.1.

    4. Who is making minutes?
      • Mario.
    5. Excourse on NickServ

  2. Businesses
    1. Treasurer added by Iang

      • Since Mark was travelling deferred until next meeting. He should be back then.
    2. Conservatory Practice for CAcert domains added by Iang

      • Ian: "ok, basically as we've all seen, there are many people holding domains like cacert.pl and cacert.cl, we have a responsibility to protect our trademark, which comes down to having some way of licensing it appropriately.

        1. One view is that we simply stop all these domains,

        2. another is that we have CAcert Inc hold them (and pay for them),

        3. a third is to have an agreement where members can hold them under permission.

      • this third option has been outlined in an agreement here: https://lists.cacert.org/wws/arc/cacert-board/2010-07/msg00042.html which is simply a starting document, to get the process flowing."

      • and pointed out that this is a board issue.
      • Consensus on third option, which needs some rules.
      • Discussion about the status of the people holding the domain. We should at least know the person, so he should be an assured member. Also some voices for Assurer were raised.
      • Proposal should be voted on at next meeting.
      • Nick moved to table the subject until the next meeting and to ask for feedback from existing domain holders. Seconded by Lambert.
        • Aye: Lambert, Ian, Mario, Alexander. Carried as m20100829.1.

      • Subject to be handled at Domains.

      • Nick hat to leave and appointed Lambert as Proxy, which has been accepted.
    3. Policy Group requests CC-by-sa licence over Policies added by Iang

      • Ian: "we need a license for our policies, and the policy group proposes the CC-by-sa. in PoP and CCA there is a promise that we will licence them back to the community under an open licence. This is considered to be a good thing as we are asking the community to contribute these works. as in, write the policies ... so it is good form for us to then add them to the commons of published and usable documents"
      • Discussion on broaden this to all documents without specific license (e.g. texts on web site, arbitration rulings). Consensus was, that needs some more thinking and only policies should be approved for now.
      • CC-by-sa has now dispute clause. Discussion to add arbitration to the license claim. Cons: Anyone who adopts this license may also refer it to CAcert arbitration. Pro: Cost effective solution of disputes.
      • Ian moved: "Resolved, that documents prepared and approved by policy group under the Policy on Policy be licensed openly under CC-by-sa licence, and that a clause be added to the licence notification in each file that all disputes be referred to our Forum of Arbitration under DRP." Seconded by Lambert.
        • Aye: Lambert, Mario, Nick (through Lambert), Ian, Alexander. Carried as m20100815.1

    4. AGM Preparations added by Iang

      1. Diary should be complete by now ...

        • Lambert: "It seems that before we as board can decide opn what we'lll put in the history, some members are making modifications. This does not seem right to me. We need a proposal that is supported by the board. Once we accept it, it is a board statement. How can we make sure it isn't changed afterwards? I do think we should incorporate input from our members, I just think others should not be able to simply change the pages"
        • Ian: "I am actually keeping the primary file on my desktop, so it is easy enough to override... I am however not keen to return to the ways of the past ... I'd rather that people dive in and make bad changes ... and be told off ... than we launch a complete ban on community help in this. I think that if there is general consensus that we can reject changes, I'm fine with that. the report is after all our report ... the teams and members can submit their own report."
      2. Textual description to be written
        • Ian: "The Textual description is our "readable" summary of our year."
        • Ian: "I'm guessing that I'll be writing this. in the sense that I've been most present over the entire period, and have done the diary. I'll be drawing from the last year's Forward Looking Statement, and presenting our progress ... which might be a bit unhappy :-("
      3. Forward Looking Statement
        • Ian: "The Forward Looking Statement is our guidance to the incoming Board, and our plan for the future ..."
        • Ian likes some help with it.
      4. progress on Team Reports

        • Ian: "for team reports, we still only have the two. Infrastructure and Arbitration ... I suspect Arbitration will get some more work done on it as well as currently only statistics are there"
      5. Financial Report.
        • Discuss at next meeting.
      6. Discussion on whether to align reports which each other. Summary:
        • board reports: should represent ideas by the board. We can control that because of the versions in the wiki
        • team reports: we should not modify these, these are the responsibility of the writer
    5. Infrastructure added by Iang as Urgent Business

      • Need for someone who takes up Daniels role there. T/l role to board, but board cannot admin the VM host. Access can be established by PG and critical team (guessed by Mario).
        • So currently critical team needs a static ip address from where the admin will access the system, a username and a public ssh key and a list of the systems where he should have access to. Then PG could create an account and grant root access to the system itself. critical team creates an account on the hop machine for the sysadm.
      • PG is willing to back up some work, but not willing to do HR work.
      • Discussion on names. Consensus was that it should not be an access engineer or critical sysadmin. Alexander offered help, but would give up arbitration in return. Jan and Markus were nominated.
      • Mario: "There are two things: Getting help on individual systems (vms) and the whole infrastructure stuff. The latter should be picked from known staff I think."
      • Mario: "But I might consider to become infra admin myself, but not sure if I can put the required time into it. So it might be only a backup. First I would write to some people and ask whether they could take this additional role. Currently only Jan and Markus are on the list, others have been excluded for some reason. I would not like to recruit the central infra management by a broad call. Doing a call for sysadmins would be a second step, after the central infra management is in place."
      • Mario to mail Jan and Markus about becoming central infrastructure admin.
  3. Closing
    1. Confirm the next Committee Meeting: 2010-08-29, 21:00 UTC UTC.

    2. Chair closes the Committee Meeting

Synopsis

Motions

Meeting Transcript

Times are UTC+2.

23:02 < Q> it's 11.00 local, so I guess we should start, right?
23:02 < iang> yes, let's.  Mark sends his apologies
23:02 < Q> I hereby open the meeting
23:02 < aphexer> I'm possibly interested in infrastructure, but can't combine that with arbitration...
23:02 < aphexer> (and have sysadm experience)
23:03 < Q> I see Iang, Aphexer, law, nb, and Q (myself)
23:03 -!- nb_ [nb@75.16.234.16] has joined #board-meeting
23:03 < Q> Hi NB_
23:03 -!- mode/#board-meeting [+o ] by nb_
23:03 < nb_> hi
23:03  * nb_ is here for a little while
23:03 -!- mode/#board-meeting [+o ] by nb_
23:03 < iang> nb_ hi
23:03 -!- nb_ is now known as Guest5
23:03 -!- mode/#board-meeting [+o ] by Guest5
23:03 -!- mode/#board-meeting [+o ] by Guest5
23:03 < Q> welcome, just opened the meeting
23:04 -!- nb is now known as Guest6
23:04 -!- Guest5 is now known as nb
23:04 -!- mode/#board-meeting [+o ] by nb
23:04 < Q> Now tghat the administration is done (thanks nick) 
23:04 < iang> I'm thinking of Urgent Business:  resolved, that we add "Infrastructure" to the Agenda as Item 2.5
23:05 < Q> ok
23:05 < nb> aye
23:05 < law> aye
23:05 < Q> Accepted
23:05 < iang> nick seconds, Aye from me, but we need unanimity
23:06 < iang> ok, thanks, I'll add it
23:06 < Q> Ah, aphexer, can you let us know what you think?
23:06 < aphexer> aye
23:06 < Q> good, unanimity, accepted
23:06 < Q> Last time I checked, only two persons voted aye for accepting minutes
23:07  * nb will vote
23:07 < Q> aphexer, law, are you ok with minutes?
23:07 < aphexer> aye
23:07 < iang> resolved, that the minutes of the last board meeting 20010801 be accepted, at https://wiki.cacert.org/Brain/CAcertInc/Committee/MeetingAgendasAndMinutes/20100801#Minutes
23:08 < law> no.
23:08 < Q> second and aye
23:08 < Q> ok, law, what is the issue?
23:08 < law> 2.4. The motion for domains was posted by lambert, not me.
23:08 < nb> actually i abstain since i wasn't at the meeting
23:08  * nb just abstained in the voting tool
23:09 < Q> nb:ok
23:09 < iang> shall I change that?
23:09 < Q> yes, please.
23:09 < law> yes, please.
23:09 < Q> Law, you accept the minutes as soon as that's changed?
23:10 < iang> changed
23:10 < law> yes
23:11 < law> aye
23:11 < Q> aye with the changed
23:11 < iang> aye, same here
23:12 < nb> abstain
23:12 < Q> I declare it carried
23:12 < Q> Next, who can do minutes for this meeting?
23:12 < Q> volunteers please
23:13 < iang> I can do them but they will be delayed...
23:13 < iang> I'd encourage others to jump in here, especially as this will be shorter than normal :P
23:13 < Q> iang: Hmm, you're building up credit here
23:14 < law> I could do it
23:14 < Q> law: thanks!
23:14  * nb notes that NickServ is back
23:14  * nb is not sure how that got started again, it didn't want to start last time i looked on the server
23:14 < Q> nb: can you quickly explain NickServ?
23:15 < iang> nod
23:15 < nb> it lets you register your nick
23:15 < nb>  /msg nickserv help
23:15 < nb> so you can regain it if someone else takes it
23:16 < Q> ok
23:16 < law> nb:  is there also chanserv?
23:16 < Q> item 2.1: treasurer
23:17 < nb> yes
23:17 < Q> iang: have you talked to Mark?
23:17 < iang> On this:  basically we are dealing with 2 items, being the handover and who to appoint
23:17 < Q> iang: ok, you have the floor
23:17 < iang> As Mark is still travelling until end of this coming week, we might want to defer it until next meeting
23:17 < Q> iang: he'll be back next meeting?
23:18 < iang> I have talked to Mark, but only briefly on this .. he's aware of the issues
23:18 < iang> yes, he should be back for the next meeting
23:18 < Q> ok, I propose we defer it to the next meeting
23:18 < iang> unfortunately, he's actually well away from Oz, and his local files, so he can't really contribute efficiently to this topic
23:19 < iang> agreed
23:19 < Q> ok, 2.2: conservatory practice for CAcert dopmains
23:19 < Q> iang: you have the floor
23:19 < iang> also note that it comes up again in 4.e / financial report
23:20 < iang> ok, basically as we've all seen, there are many people holding domains like cacert.pl and cacert.cl
23:20 < iang> we have a responsibility to protect our trademark, which comes down to having some way of licensing it appropriately
23:20 < iang> one view is that we simply stop all these domains
23:21 < iang> another is that we have CAcert Inc hold them (and pay for them)
23:21 < iang> a third is to have an agreement where members can hold them under permission
23:21 < iang> this third option has been outlined in an agreement here:  https://lists.cacert.org/wws/arc/cacert-board/2010-07/msg00042.html
23:21 < iang> which is simply a starting document, to get the process flowing
23:22 < Q> imho option 3 is the only way forward
23:22 < nb> #3
23:22 < iang> I think this is really a board issue ... in the sense that it isn't really the topic for any other group.
23:22 < iang> also, Board of 2007 did resolve to protect our IP.
23:23 < Q> option 1 brings nothing positive to CAcert, option 2 is too expensive, and option 3 allows people to contribute to CAcert. However, option 3 needs some rules
23:23 < iang> ok, I agree with that.  I especially don't agree with option 2:  Cacert Inc to obtain and pay :)
23:23 < nb> and so moved that we use the rules on the mailing list post
23:23 < law> for me the proposal sounds good. what is the opinion of the current domain holders on it?
23:24 < iang> I have not asked (I think I was supposed to ask ...)
23:24 < nb> i think people should be at least assurer
23:24 < iang> (but we don't have a comprehensive list of them ... so needs some work to find them all)
23:24 < law> member should suffice imho. We just want to have them under DRP.
23:24 < Q> nb: good remark, that way we at least know who he/she is :-)
23:25 < Q> law: yes, member, but at least 50 points
23:25 < law> so, assured member....
23:25 < Q> law: yes
23:25 < iang> law:  we could change the clause to "You should be an Assurer..."
23:26 < Q> iang: assured member is fine with me
23:26 < law> iang:  from my pov assured member.
23:26 < nb> i could agree with assured member
23:26 < iang> ok, either for me.  I just press Assurer all the time because of community marketing principles :)
23:26 < Q> but before we start to discuss the content, let's look at the concept
23:26 < Q> I get the feelibng we agree it should be option 3, right?
23:26 < aphexer> concept looks fine for me
23:27 < aphexer> yes, option 3
23:27  * nb kind of likes fedora's policy that the board has to approve every domain trademark license
23:27 < iang> for example, it says the member can "use" the domain ... for a website
23:27 < nb> so people have to tell the fedora board what they plan to do, etc.
23:28 < nb> Question: do proxies for a board meeting require 24 hr notice to the secretary?
23:28 < Q> someone (iang?) staerted with a list of criteria, we can now either accept the current proposal, or discuss  months and accept a one with majopr or minor differences
23:28 < iang> nb: my feeling there is that the last two clauses give us substantial protection ... Board has the right to snatch back the domain
23:28 < iang> I suggest we accept the current one, for the time being.  We can always change it when we get more feedback
23:29 < iang> I think it is way more efficient to simply start with a document, and then see how it operates in reality, rather than try to predict and discuss and change
23:29 < Q> My suggestion is: we all look at it, come up with suggestions for improvement before next meeting, and we accept it at next meeting
23:29 < nb> i move to table the subject until the next meeting
23:29 < iang> if we're going to do that ... I suggest the post be moved to the wiki
23:29 < Q> iang: that would also be accpetable, I just don't want to delay this too long
23:30 < iang> and then changes can be discussed in the document
23:30 < iang> Q: double-plus-yes-yes :)
23:30 < Q> ok, care to make a motion on this?
23:30 < nb> i move to table the subject until the next meeting
23:30 < nb> Q, I did :)
23:31 < nb> (and of course to ask for feedback from existing domain holders, etc.
23:31 < Q> nb: second, and aye
23:31 < iang> i move to table the subject until the next meeting, with an intention to resolve on option 3, the posted agreement at that meeting.
23:31 < Q> (nb: sorry, missed it)
23:31 < nb> Q, thats ok
23:32 < iang> oops, too late, well, Aye either/both :)
23:32 < law> aye
23:32 < Q> aphexer?
23:32 < aphexer> aye
23:32 < Q> good, accepted
23:32 < iang> is everyone ok with wiki.cacert.org/Domains ?  we can do a redirect later on
23:32 < nb> yeah
23:32 < aphexer> ok
23:32 < Q> sure
23:33 < law> is good.
23:34 < Q> ok, item 2.2b: policy licence
23:34 < Q> iang: care to add to what you wrote in the agenda?
23:34 < iang> Policy Group requests CC-by-sa licence over Policies added by Iang
23:34 < iang>    1.  Deferred from last meeting
23:34 < iang>    2.  p20100722 policy group proposes CC-by-sa as in Alternative 2.
23:34 < iang>    3. do we need a jurisdiction, such as "all disputes referred to our DRP?"
23:34 < iang>    4. other documents? other licences? 
23:35 < iang> like that?
23:35 < nb> I must go now.  I hereby appoint Lambert Hofstra as my proxy for the remainder of this meeting (assuming he accepts)
23:36 < Q> we discussed a [policy for holders of a cacert.X domain, that did not include the policy licence, right?
23:36 < iang> bye nick
23:36 < Q> nb: I accept
23:36 < Q> bye nick
23:37 < iang> no, these are two separate things ... both IP but over two different properties
23:37 < Q> iang: how is 2.2b different from 2.3?
23:37 < iang> I called the first one a Conservatory Practice to distinguish from policies
23:37 < iang> so, it is a Practice for Conserving/Holding Domains as IP
23:38 < iang> the second one is the publishing licence for the issuance of our policies
23:38 -!- nb [nb@75.16.234.16] has quit [Quit: Leaving]
23:38 < iang> so these are actual documents, texts ... which can be published under licences.  Or theoretically sold
23:39 < iang> However, in PoP and CCA there is a promise that we will licence them back to the community under an open licence.  This is considered to be a good thing as we are asking the community to contribute these works
23:39 < iang> as in, write the policies ... so it is good form for us to then add them to the commons of published and usable documents
23:40 < iang> does that make sense?
23:40 < Q> iang: yes, understand. But: we just discussed how to address CAcert.X domains as part of protecting our IP. But 2.2b also refers to p2010722, which is concerning the policy licencing you mention in agenda item 2.3
23:41 < Q> hence my question: what do you further need from agenda item 2.2b?
23:41 < iang> hmm. ... there was a confusion in the agenda
23:41 < Q> ok, so it's not just me?   ;-)
23:42 < iang> refresh your agenda, and see if it is cleared up ... sorry about that :)
23:42 < Q> it is, but....
23:42 < Q> this should have bneen done 48 hours ago...
23:42 < Q> ;-)
23:43 < iang> ahhh, well, I claim it was a clerical error and should have been obvious :P
23:43 < Q> ok, continueing with 2.3: CC-by-sa licence over policies
23:43 < Q> are we all familiar with p20100722?
23:44 < aphexer> not yet
23:44 < aphexer> ok
23:45 < law> Nor really, but it seems policy group requests to licence policies under CC-by-sa. As we respect the work by the community, we should possibly confirm their request.
23:45 < Q> Simple summary was given by iang: we need a license for our policies, and the policy group proposes the CC-by-sa 
23:45 < Q> yes, 
23:46 < Q> I agree with the policy group here, good proposal. I also woukld like the "disputes referred to our DRP" addition
23:46 < iang> this the closest to GPL - viral clause.  SA means share alike, so if anyone uses the document, and distributes it, they should also distribute it under SA ... which means we can easily incorporate their changes
23:47 < Q> regarding 3.d: other documents: we might want to expand this to all CAcert docs that have no specific other license
23:47 < iang> there is a possibility of "danger" here in that another CA can simply adopt all our good work ... personally, I don't see that as a threat, more as an opportunity ... but some people have felt it a threat
23:47 < law> So text on websites, arbitration rulings, etc?
23:48 < iang> general text on websites ... sure
23:48 < Q> law: yes (but we might have to think about that a bit)
23:48 < iang> Arbitration rulings ... I'm not so sure ... well spotted, law
23:48 < Q> I propose we now accept it as licence for policies, and add more later
23:49 < aphexer> ok
23:49 < law> and add the DRP clause? 
23:49 < Q> yes please
23:49 < iang> ok, that's fine ... we could add that into the motion that we intend to broaden the approach to other documents in time ... which would allow the community to bug us about it
23:50 < iang> adding the DRP clause ... is an interesting question
23:50 < iang> the CC-by-sa has NO dispute clause ... which means that in effect, disputes can be tried anywhere in the world
23:50 < iang> whether they are accepted or not .. is an issue that is entirely open
23:51 < Q> it is, we don't want to be dragged into disputes between people that copied our stuff and then had their changes copied by yet another party
23:51 < Q> so I guess keeping DRP out is best for now
23:51 < iang> it would bring substantial protection *for us* if we were to add the DRP clause ...
23:51 < iang> but I'm unsure what it would do to the other parties
23:52 < iang> this is really a strategic law question where we'd be better off to consult with a lot of people.  I suspect there is no easy answer ... we'd have to try it and see what happens
23:53 < Q> iang: "...protection *for us*..." is this REAL protection, or something that can be bypassed anyhow? What if others are not CAcert member?
23:53 < iang> any thoughts, law and aphexer?
23:54 < iang> well, it is real protection for us, in that we can state in court that our licence agreement unilaterally is reserved for Arbitration
23:54 < aphexer> the only protection we get is that others can't easily copy policies
23:54 < law> I am fine with either solution. Maybe just add the DRP clause and have the arbitrator reject it if it comes to arbitration for non-CAcert-related stuff.
23:55 < iang> so the court would actually have to find that clause invalid ... or, he'd have to dismiss the case, and then send it all to our Arbitration
23:55 < Q> aphexer: no, they can copy, that's the idea behind the CC-by-sa license
23:55 < iang> our Arbitration is cheap and good ... courts are generally expensive (mostly because we'd need lawyers)
23:55 < law> Or could we argue, that the DRP clause only applies to the instance posted by CAcert?
23:56 < iang> it doesn't matter if the others are not members, as the licence clause can explictly say the dispute resolution, so it applies to this particular contract
23:56 < Q> ok, care to create a motion?
23:56 < iang> "This comment is licensed under CC-by-SA with all disputes reserved to CAcert DRP."
23:57 < iang> law:  we could certainly argue that on the day ... the thing is, we would have the option then
23:57 < iang> in any given case, it will be more clear what we want to do ... having the option to force the case to our Arbitration would be a good thing
23:58 < Q> ok, care to create a motion?
23:59 < iang> Resolved, that documents prepared and approved by policy group under the Policy on Policy be licensed openly under CC-by-sa licence, and that a clause be added to the licence notification in each file that all disputes be referred to our Forum of Arbitration under DRP.
23:59 < Q> second and aye
23:59 < law> aye
00:00 < iang> if that referal to DRP doesn't work in any court, we've lost the cost of attempting it ... a couple of thousand dollars in a motion to the court, only.
00:00 < Q> proxy vote aye from nb
00:00 < iang> aye
00:00 < aphexer> aye
00:00 < iang> (iang here speaks not as a lawyer, but as someone who did something similar in a case -- tried to back out of an Arbitration and failed .. cost $1500)
00:02 < Q> I declare it carried
00:02 < iang> i'll post the motion?
00:02 < Q> iang: will you inform the policy group?
00:02 < iang> yes, ok!
00:02 < Q> yes
00:03 < Q> next, 2.4: AGM preparations.
00:03 < Q> Iang: you have the floor
00:04 < iang> AGM Preparations added by Iang
00:04 < iang>    1.  Diary should be complete by now ... https://wiki.cacert.org/AGM/Diary/2010 .. to the extent that I have reviewed most material I can think of
00:04 < iang>    2. Textual description to be written
00:04 < iang>    3. Forward Looking Statement
00:04 < iang>    4.  progress on Team Reports
00:04 < iang>    5. Financial Report. 
00:04 < iang> The Textual description is our "readable" summary of our year.
00:05 < iang> The Forward Looking Statement is our guidance to the incoming Board, and our plan for the future ...
00:05 < iang> for team reports, we still only have the two.
00:06 < Q> iang: I noticed your email regarding revising history.
00:06 < iang> Infrastructure and Arbitration ... I suspect Arbitration will get some more work done on it as well as currently only statistics are there
00:07 < Q> It seems that before we as board can decide opn what we'lll put in the history, some members are making modifications. 
00:07 < iang> ah yes, there were three instances that I saw
00:07 < iang> Ernie didn't want her name in there (I gather from u60) so it was removed from a comment about the Task List created last March.  I have no issue with that.
00:08 < Q> This does not seem right to me. We need a proposal that is supported by the board. Once we accept it, it is a board statement. How can we make sure it isn't changed afterwards?
00:08 < iang> Dan made some modifications to something, I forget which.  I accepted most, but one not.
00:09 < Q> ok, so you get to accept/decline modifications?
00:09 < iang> Also, there were modifications made to the story about the contract debate, by Andreas.  To some extent, this can be seen as wanting to cast one side in a better light ... but as an extreme, it's fighting the battle again.
00:09 < Q> I do think we should incorporate input from our members, I just think others should not be able to simply change the pages
00:10 < iang> One change in particular was quite controversial, in that he dropped the comment about "take-it-or-leave-it" and inserted a comment that the contract was a draft.
00:10 < iang> I personally think that flies in the face of the record of the activity, and was a key reason why the contract failed.  To call it a draft and to accept no changes is to me ... an issue
00:10 < Q> Since we were not allowed to make modifications as we deemed necessary, it was definitely not a "draft, open for discussion"
00:11 < iang> I don't mind others being able to make changes.  It would be nice if the changes were non-controversial, or suggested in clear fashion ...
00:12 < iang> I am actually keeping the primary file on my desktop, so it is easy enough to override...
00:12 < law> wiki has version control. so this is not a big deal.
00:13 < iang> I am however not keen to return to the ways of the past ... I'd rather that people dive in and make bad changes ... and be told off ... than we launch a complete ban on community help in this
00:14 < iang> law: right, exactly.  So the record now shows that this change was made, and it is easy enough for us to not accept it ... for the reason that it is factually incorrect
00:14 < Q> ok, so with the version control we have both: easy input fropm our members, but still the ability to no accept proposals?
00:14 < iang> I think that if there is general consensus that we can reject changes, I'm fine with that
00:15 < iang> the report is after all our report ... the teams and members can submit their own report.
00:15 < law> Yes, by simply reverting an edit.
00:15 < iang> for example, Dan submitted his report, and it includes some statements that might be uncomfortable ... but that's fine by me, it's clearly his report
00:16 < iang> I think we're of consensus here .. Alexander?
00:17 < iang> 2. Textual description to be written ....  I'm guessing that I'll be writing this
00:17 < iang> in the sense that I've been most present over the entire period, and have done the diary
00:18 < iang> I'll be drawing from the last year's Forward Looking Statement, and presenting our progress ... which might be a bit unhappy :-(
00:18 < iang> where I'd like some help is with 3. Forward Looking Statement
00:18 < aphexer> yes, the wiki seems the best place to prepare the report... Would be good to align the board's report with the team reports though
00:18 < aphexer> if one says it went one way and another report says it went another way...
00:19 < iang> mmm... i don't mind if the reports differ ... I actually quite like the frank and full debate to spill out into the annual report
00:20 < iang> what I don't like much is the range of possibilities in getting them aligned ... is one report changed?  suppressed?  is someone pushed out?  Is some deal done?
00:20 < Q> I agree with Ian here: the reports are written by the team leads, not by the board
00:21 < aphexer> ok
00:21 < Q> It could be embarressing if the team leads have a completely different story than the board,. but that's better than trying to sweep these differences under the carpet.
00:21 < iang> not every body agrees with me ... but I like the controversies to boil away on the surface
00:21 < Q> So we should not modify reports if it does not suit us
00:22 < law> Agreed. However, if there a large differences these should be cleared up. Also because of improving the work with the teams.
00:23 < iang> yup ... and when we see those large differences, we know there is more work to do
00:23 < Q> ok, summary: 
00:23 < Q> - board reports: should represent ideas by the board. We can cobntrol that because of the versions in the wiki
00:23 < Q> - team reports: we should not modify these, these are the responsibility of the writer
00:23 < Q> ok?
00:23 < aphexer> ok
00:23 < law> ok
00:23 < Q> law: yes, but we *can* clear them up, because they surface
00:24 < iang> agreed
00:25 < Q> So, from topic 2.4, we still have the forward looking statement that needs to be done,. and the financial report.
00:25 < Q> Financial report might be a bit of a challenge
00:25 < Q> but we'll discuss next meeting
00:25 < iang> I suggest this is deferred along with item 2.1
00:26 < Q> forward klooking statement is something we all should think about
00:26 < iang> for the forward looking statement, I'd suggest reading the description of the last report ... it has several things that should focus
00:26 < Q> I ask everyone to read the last forward looking statement and send 
00:27 < Q> right, what I wanted to say
00:27 < Q> iang: can you send a reminder to all of us (so including Mark and Nick)?
00:27 < iang> https://svn.cacert.org/CAcert/CAcert_Inc/General_Meetings/AGM-20100130/CAcert_Annual_Report_2009.pdf is the PDF of the report
00:28 < Q> then next topic: 2.5, Infrastructure
00:28 < iang> ok
00:28 < Q> who wants the floor?
00:28 < iang> law?
00:29 < law> OK. Before the meeting we discussed infrastructure again. So we would need to appoint someone to take up Daniels role there.
00:30 < iang> if not appointed, it is our role
00:30 < law> Aphexer offered to help here, but would give up arbitration in return.
00:30 < aphexer> can't combine both tasks with my limited time
00:30 < law> Other names on the list are Jan and Markus. Still others?
00:31 < Q> Hans?
00:31 < iang> i think that is facing all of us ... we can help but only by giving up other tasks
00:31 < law> I talked to PG. He is trying to back up some of the work, but is limited in time and not willing to do HR work.
00:31 < law> Also we need a second admin for the vm host.
00:32 < law> (That board cannot do)
00:32 < iang> there is the issue that infrastructure sites are still inside the Ede, BIT location ... so Access Engineers and Critical System Admins are not (my) favoured sysadms for infrastructure ... but that's just me
00:32 < law> agreed. At least for the central part. I have no problems with individual vms.
00:32 < iang> the first thing to establish would be ... do we have access to the host?
00:32 < Q> it *does* make separating them later more complex...
00:33 < iang> then, do we have access to all the VMs?  even if it is access without management
00:33 < iang> if we've got those two things under control, we might be in a position to ask around for more sysadms?
00:34 < law> Access could be established by critical team and PG.
00:34 < iang> PG has access to the host?
00:34 < law> yes
00:34 < iang> ah good.
00:34 < iang> does that give us access to all the VMs?
00:35 < law> yes
00:35 < iang> ok, so if we did some form of recruitment we could simply ask PG to give a particular sysadm access.
00:35 < law> at least I would say so. Have not seen the system myself. So I still need to do some guessing.
00:36 < law> yes, and the critical team for getting network access there.
00:36 < law> actually this is quite complex.
00:36 < iang> right :)
00:38 < law> So currently critical team needs a static ip address from where the admin will access the system, a username and a public ssh key and a list of the systems where he should have access to. Then PG could create an account and grant root access to the system itself.
00:39 < iang> critical team creates an account on the hop machine for the sysadm?
00:39 < Q> Do we use a stepping-stone-server? (e.g. a server you have to logon to first, and that from then on logs all activity)?
00:39 < law> right
00:40 < iang> i can't see that we can improve on that in the short term
00:40 < iang> so, is the next step to ask around for sysadm help?
00:40 < law> I am not sure what logging is performed there, but currently there is only one vm accessible via internet from defined ip addresses via ssh.
00:41 < law> There are two things: Getting help on individual systems (vms) and the whole infrastructure stuff. The latter should be picked from known staff I think.
00:43 < Q> So, summary: we need to find new sysadmins, they can get access to the server they have to manage via PG
00:44 < Q> Anything we need to decide here on this topic?
00:44 < law> I would help with access to the servers also since I know the procedure. But accounts need to be created by critical team and PG
00:45 < law> For now who to approach as new infrastructure in general admin.
00:46 < iang> are you suggesting ... picking up the host management role, and working with PG to manage the access to the VMs?
00:46 < law> no, just to help with the communication.
00:46 < Q> btw. this all sounds as if PG is a single point of failure. Is he happy with that responsibility?
00:46 < iang> ah, what PG called HR , ok
00:46 < Q> and are we?
00:46 < iang> I am not ...
00:47 < iang> but we've had PG as a single point of failure for around 3 years, so I'm used to it :)
00:47 < Q> ok, maybe something for a next meeting then
00:47 < Q> law, iang: you know what to do now?
00:47 < iang> to be fair, he is the backup ... and only now is he the last backup :)
00:48 < iang> Q: i think I know how to help ... I'm more cautious about the precise plan and leading the charge ... I suspect the next thing is to mail out to sysadm list?
00:48 < law> But I might consider to become infra admin myself, but not sure if I can put the required time into it. So it might be only a backup. First I would write to some people and ask whether they could take this additional role. Currently only Jan and Markus are on the list, others have been excluded for some reason. 
00:49 < Q> iang: yes please
00:49 < iang> (law: as an aside, I've re-entered into the BS code)
00:49 < law> I would not like to recruit the central infra management by a broad call.
00:50 < iang> nod
00:50 < law> Doing a call for sysadmins would be a second step, after the central infra management is in place.
00:51 < iang> hmmm... that means that we are dependent on sorting out the central infra management first ... does this mean you suggest approaching those two and asking?
00:51 < law> iang:  I am still working on getting a git repository. Somehow did not get together with markus during the last week.
00:51 < law> It is not an absolute requirement, but preferred, since the central admin can also create the accounts then.
00:52 < law> Yes, I would first approach these two.
00:52 < iang> ok, I'm agreed with that
00:52 < iang> Q: I think we know what to do then!
00:53 < Q> good
00:53 < Q> Question time
00:53 < Q> Anyone left here?
00:53 < law> OK, I will mail them.
00:53 < iang> not a question, but an FYI:  https://wiki.cacert.org/Domains
00:56 < law> good. do you want to show it to the community before we vote on it?
00:56 < Q> How do you want to reach all domain owners?
00:57 < law> I would just try the cacert mailinglist...
00:57 < Q> ok
00:58 < law> and maybe cc the people we know, henrik, christopher, HCC, Alejandro
00:58 < iang> i would show it to the community ... it has in effect been published on the mail archive anyway
00:58 < Q> I'd say communicate it as a practice we're thinking about, and ask fro feedback
00:58 < Q> Then later we can vote on it
00:58 < Q> Anything else?
00:59 < iang> i don't think so ... although I just posted another thing to the board mail list to read and think about ... as requested last week
00:59 < Q> If not I'd like to close the meeting, but not before we confirm the next meeting
00:59 < iang> in your mail boxes :)
01:00 < iang> traditionally, this would be either 29th or 5th.  I'd like to go for 29th
01:00 < Q> this is the second meeting in august, so it must be september 5th
01:00 < iang> because i don't want to delay on the Finance issue
01:00 < Q> Why august 29?
01:00 < iang> also, I recall that Oophaga asked for something by 1st September?
01:00 < Q> ok, anyone has an objection ?
01:00 < Q> to 29th
01:01 < law> fine for me
01:01 < Q> aphexer?
01:02 < Q> ok, next meeting august 29
01:02 < Q> Thanks all, and see you in two weeks
01:02 < Q> bye
01:02 < law> bye
01:03 < iang> ok, bye!
01:03 < aphexer> Q: oh, thought meeting was over a few minutes ago already, yes 29th is ine
01:03 < aphexer> fine*

Original meeting transcript in SVN.


Categories:

Brain/CAcertInc/Committee/MeetingAgendasAndMinutes/20100815 (last edited 2010-08-29 20:42:22 by SunTzuMelange)