. '''To Brain''' '''[[Brain#CAcert_Inc._-_CAcert.org_Members_Association| CAcert Inc. - CAcert.org Members Association]]''' - '''To Brain CAcert Inc. Committee''' '''[[Brain/CAcertInc/Committee/MeetingAgendasAndMinutes| Meeting Agendas & Minutes]]''' - '''[[OverviewProjectsBoard|Board's Project Overview]]''' - '''[[Brain/CAcertInc/Committee/ActionItems|Current Action Items]]''' - '''[[Brain/CAcertInc/Committee/MeetingAgendasAndMinutes/20130224|last meeting]]''' - '''[[Brain/CAcertInc/Committee/MeetingAgendasAndMinutes/20130324|next meeting]]''' ---- = Committee Meeting 2013-03-10 = The meeting will take place at [[http://www.timeanddate.com/worldclock/fixedtime.html?msg=Board+Meeting&iso=20130310T21|21:00 UTC]] in the IRC channel #board-meeting on the CAcert IRC network. Committee Members: feel free to add a business within the acceptance period or your question to the board below. Others: add a question to the questions section. == Premeeting == 1. Minutes author prepares [[Brain/CAcertInc/Committee/MeetingAgendasAndMinutes/20130224#Minutes|the minutes from the last meeting]] 1. Minutes author prepares the [[Brain/CAcertInc/Committee/ActionItems|action items]]. '''All action owners''' to update. == Agenda == 1. Preliminaries 1. Chair opens the Committee Meeting 1. Accept [[Brain/CAcertInc/Committee/MeetingAgendasAndMinutes/20130224#Minutes|the minutes from the last meeting (2013-02-24)]]. 1. Who is making minutes? 1. Chair asks whether [[https://lists.cacert.org/wws/arc/cacert-board-private|cacert-board-private]] maillist includes any items that need to be disclosed to Members. 1. Chair asks whether [[https://lists.cacert.org/wws/arc/cacert-board|cacert-board]] maillist includes any business items that aren't on the agenda yet. 1. Chair introduces the URL of [[Brain/CAcertInc/Committee/ActionItems|action items]] to the meeting, and asks for discussion. 1. Businesses {{{#!wiki caution Acceptance of Businesses 48 Hours before beginning of Committee Meeting latest! }}} 1. Acceptance of late businesses 1. Financial report (ongoing) . Submission of the summary to OFT . Extended version for the Association 1. Preparation of the SGM ''Werner'' 1. Read-Only access to the online banking for treasurer Michael (ongoing) 1. New Roots & Escrow project - risk analyze finalized - Whatsup next? - added by UlrichSchroeter * board to consider iang's Security Risk Analysis over the Root Key Escrow - paper . [[https://svn.cacert.org/CAcert/Audit/RootsEscrow/CAcertRootKeySRA-20120611FINAL.pdf|FINAL version]] . ([[https://svn.cacert.org/CAcert/Audit/RootsEscrow/CAcertRootKeySRA-DRAFT-0.91.pdf|older near-final draft]]) * Decision is required which Escrow method CAcert shall use for the New Roots & Escrow project * Background: . last time the escrow topic has been placed before board it was in 2010 . Ian finalized in 2012 the risk analysis over Root Escrow ... that probably needs attention by board . to finalize with a board motion which escrow method shall be used in upcoming new roots & escrow project . [[Roots/EscrowAndRecovery|Escrow And Recovery]] is the Escrow project entry page . see also [[Brain/CAcertInc/Committee/MeetingAgendasAndMinutes/20120127#Minutes]] top 2.2 * Previous Board discussions: . [[Brain/CAcertInc/Committee/MeetingAgendasAndMinutes/20100321|Board meeting 2010-03-21]] top 2.1 Determine Root escrow and recovery mechanism . [[Brain/CAcertInc/Committee/MeetingAgendasAndMinutes/20100403|Board meeting 2010-04-03]] agenda item 10 (reference to Policy Group discussions in mailing list cacert-root) * [[https://svn.cacert.org/CAcert/SecurityManual/RiskAnalysis.pdf|Risk Analysis (Threats Analysis) 2008]] by PG * Other teams discussions: [[Software/Assessment/20130205-S-A-MiniTOP|Software-Assessment project team meeting 2013-02-05]] a. we have . risk analyze . new roots procedure a. required steps? . decision of Escrow method . subroot under eg. org++ . cps changes? . new roots? . new signer? . indirect crl's 1. Business added by Your Name ''Comment: Replace "Business One" by Title of Business and add your Name'' . Additional Inputs ''Comment: Replace "Additional Inputs"by Description of Business, Description of Reason-Why/Purpose, Additional Comments, Additional Documents, Additional Links, if useful for other Committee Members to prepare for Committee Meeting.'' . et cetera 1. Question Time {{{#!wiki note Questions from CAcert.org Community Members can be added until beginning of Committee Meeting! As well questions can be asked at "Question Time", without added Question here }}} 1. What about use of micropayment services like Flattr or Kachingle for funding; added by BenBE 1. Is there any progress on question of European Community or country foundations; added by [[Iang]] . is this something to bring up at SGM? 1. Question One added by Your Name ''Comment: Replace "Question One" by Your Question and add your Name'' . et cetera 1. Closing 1. Agree on date of the next Committee Meeting 1. Chair closes the Committee Meeting ## ####################################################################################### ## FILL IN MEETING AGENDA ITEMS FROM LAST MEETING MINUTES DEFERED TO NEXT MEETING ## ####################################################################################### <> == Minutes == === 1 Preliminaries === ==== 1.1 Opening ==== Present: Dirk, Michael, Tomáš, Werner Meeting chaired by Werner. ==== 1.2 Minutes from last meeting ==== [[Brain/CAcertInc/Committee/MeetingAgendasAndMinutes/20130224#Minutes|Minutes from 2013-02-24]] accepted in meeting by [[https://community.cacert.org/board/motions.php?motion=m20130322.1|motion m20130322.1]]. ==== 1.3 Minutes taker ==== Minutes will be taken by Tomáš. ==== 1.4 Disclosure of private communication ==== Nothing to disclose. ==== 1.5 Potential agenda items on cacert-board ==== No new issues identified on the mailing list. ==== 1.5 Action Items ==== Financial report done, key persons update still pending (due to SGM preparation). === 2 Business === ==== 2.1 Acceptance of late businesses ==== As the meeting page was prepared just before the meeting, all agenda items are late. Agenda unanimously accepted by [[https://community.cacert.org/board/motions.php?motion=m20130322.2|m20130322.2]]. ==== 2.2 Financial report ==== Kevin wrote 2013-02-26 that the report from AGM hasn't been sent to OFT yet. This means we do not have to request a change, only have to pay the AU$ 31 late submission fee for filing the SGM version. Michael (Treasurer) had a phone call with ex-Treasurer Jeffery trying to figure out where the differences between the original and revised FR stem from. Conclusion is that the new report is valid and the "alpha" version approved by Board is the final summary to be submitted to SGM. ==== 2.3 Preparation of the SGM ==== Meeting agenda page has been prepared by Ulrich & Michael. Tomáš will ask Mario to set VoteBot up. Call was done by personalised e-mail this time, no problems encountered. Many members are not eligible to vote due to unpaid fees, Michael is preparing the accounting system to handle fee payment reminders automatically. ==== 2.4 Read-Only access to the online banking for treasurer Michael ==== Direct access to bank statements would make Treasurer's life much easier. Some discussion ensued whether a motion is really necessary here as the Treasurer probably already has all the authority to get access. Motion that the treasurer gets read-only access to the online portal of the bank accounts where possible CARRIED. ==== 2.5 New Roots & Escrow project ==== A long discussion about escrow methods took place with no clear conclusion. To be continued on mailing list as this needs wider discussion and more time. Main points from the meeting: * The solution recommended by SRA (duplicate critical systems) is perceived by some to be prohibitively expensive in our current situation, both from monetary and manpower PoV. * There seems to be a notion that we need a quick solution now and switch to the duplicate systems solution later on, after Audit and presumable increase in resources. There were some hints that browsers are going to ban MD5 even including the root, but no concrete evidence for this was shown. * Combination of two Notaries/Bank safes is seen as a cost-effective alternative simple enough to implement. Using two third parties would eliminate possible single point of failure for recovery. The idea is to instruct the third party to allow access only to at least two persons from a predefined group of N (to enforce four eyes principle). The same people would also hold the passphrase needed to decrypt stored roots. Whether it's actually possible to set up such an access policy with a third party would need to be investigated. === 3 Question time === ==== 3.1 Use of micropayment services like Flattr or Kachingle for funding ==== Possible use of micropayment support buttons for blog posts and the like was brought to Board's attention by BennyBaumann. This could make it very easy for people to donate small amounts. Good wiki pages, blog entries or even specific bugs/patches could be supported in this way. Attaching this to the news items on www.cacert.org is complicated by the fact webdb is critical, so the idea is to try it out somewhere non-crit first. This will be handled in next meeting as a regular agenda item. ==== 3.2 European foundations and the possibility of Inc move ==== Board doesn't know of any progress in the direction of moving the Association. Some possibilities were investigated by the Community and are documented at [[Brain/CAcertInc/AssociationMove|AssociationMove]]. === 4 Closing === Next meeting will be on Sunday 2013-03-24 in accordance with the regular schedule. === Motions === * [[https://community.cacert.org/board/motions.php?motion=m20130322.1|m20130322.1]]: ''Accept the minutes from 2013-02-24 meeting'' * [[https://community.cacert.org/board/motions.php?motion=m20130322.2|m20130322.2]]: ''Accept late business for 2013-03-10'' * [[https://community.cacert.org/board/motions.php?motion=m20130322.3|m20130322.3]]: ''Read-only bank account access for Treasurer'' ---- . CategoryBoardMinutes