Committee Meeting 2022-05-05

The meeting will take place at 18:00 UTC in the IRC channel #board-meeting on the CAcert IRC network.

The committee changed the starting time of its monthly meeting. To not get lost, please click on the linked time 18:00 UTC above to see the time in your local time.

Feel free to add a business item within the acceptance period of 48 hours or your question to the board below. Non-committee members: the committee may choose to convert any business proposed as a question in the questions section.

Agenda

Signs that appear in the agenda
<!> Formulated motion on your topic. It will be put to the vote. Adjustments may be made before the vote. A motion must be submitted for resolutions!
{i} Information for your attention. Does not need to be explained or discussed at the meeting. Purpose: Everyone is up to date.

  1. Preliminaries
    1. Chair opens the Committee Meeting
    2. Who is making minutes? ### (Writing minutes in real time)

    3. Chair asks whether cacert-board-private or cacert-board maillist includes any items that need to be disclosed to Members.

    4. Accept minutes from 7.4.2022 <!> "I move to accept the minutes of the committee meeting of 7rd of April 2022."

  2. Business

    Acceptance of new business items no later than 48 hours before the start of the committee meeting!

    1. Quick decisions
      1. <!> Maybe* "I move to accept the background check for Gero T." (*the BGC is under way, decision can be taken if it arrives before the meeting, if not, decision to be taken on June 2nd)

      2. <!> Is 18:00 UTC better than 20:00 UTC during northern daylight saving time?

      3. <!> "I motion to pay Jan 500 Euro and 250 Euro for Dirk for work that they have each done already for the OpenID Connect project." by Brian (I plan for that to be partial compensation for the work that they have done, with a bit more to come when the project is completed.)

    2. Quick infos
      1. {i} CCA update has been initiated. (ad new IBAN in Feb, review in March, sent in spring after new firewall installed) XXX ANP. NACH ANTW D.A: XXX

      2. {i} Tax exemption: on the way

    3. Finance team (Michael)

      1. New ERP: Info: State of affairs
    4. OpenID Connect (Brian) (integration / what is done / what will be done until end of year / Board asks whether there is anything that they can do to assist)

      1. At present, there is a need for people who are willing to edit and create appropriate documentation for various audiences. --> involve partner organisations? e.g. via mailing list (Linux Australia comes to mind, also x, y, z?)

      2. Update
        1. A message was sent to the mailing lists CAcert and CAcert Board Public, with no response at this point. That will be re-sent in a week or so, with any edits suggested at this meeting.
        2. I would ask the Board whether I should mention payment when I repeat our call for volunteers, since there has been no response to the first message? (Brian)
    5. Future of secureU e.V. (Discussion)
      1. {i} CAcert Critical Team Lead Dirk A has been designated by motion ended on 13th March 2022 Agent for the Board of CAcert, Inc. in the matter of transferring of all CAcert assets from Secure-U! to CAcert, Inc.

      2. Something to discuss?? next step ??
    6. Background Check (Ted)

      1. {i} Ted is happy with the initative to enlarge the number of background checkers (BGCer)

      2. {i} Ted has updated the BGC wiki page; DE, FR and CZ translations are updated as well. https://wiki.cacert.org/NewBackgroundCheck

      3. {i} BGC for Gero: Interview happend (by Ted&Etienne), report will be sent to committee soon.

      4. {i} BGC for Peter is initated. (date searching; Interview by Ted&Egal)

      5. {i} BGC for Kim, Matthias and Sascha are initated. (address transfered to BGCer)

    7. New CSR software (Ted)

      1. Brian and Dirk have been looking at possible updates for this software. There appear to be two current options, one from Jan.
    8. Software reviews
      1. {i} Thank you for the contributions at https://nextcloud.cacert.org/apps/files/?dir=/CAcert%20board/Work%20products&openfile=5961 It will be used for the upcoming mailings. The secretary will update the original in the wiki: https://wiki.cacert.org/engagement

    9. Remote Assurance (Brian)

      1. {i} Discussion in Policy Group is refreshed https://lists.cacert.org/wws/arc/cacert-policy/2022-04/msg00000.html

      2. Create a remote assurance sub committee (RASC)
      3. {i} Brian envisaged writing a version of the "modified" Policy paragraphs, and post that to Policy Group.

        1. Dirk reported that Eva, in conversation, offered to work on this, but not before late June, at the earliest.
    10. Hardware renewal plan (Michael)
      1. {i} The committee will take time to discuss the equipment renewal proposal, brought forward by Michael, when he is present.

      2. {i} Dirk planned to replace the broken alix-board (10/100) to apu-board (1 Gbps) for firewall fw02 within the next two weeks, and perhaps the second firewall next time he visits Bit in May. Reports!!

      3. {i} Frederic proposes to go with Dirk to Ede at BIT in May, to mount an extra processor and its cooler on the server Brent gave us, which is now running as Infra03. Dirk proposes to take advantage of Michael's presence in Europe in May, to visit BIT together. Update!!

      4. Who is taking care of this project?
      5. Who will start to write a draft?
    11. 6th OpenPGP Email Summit
      1. {i} Michael sent the invitation to this event on Friday, May 27 & Saturday, May 28, 2022 in Geneva (Switzerland) at the offices of Proton AG (the company behind ProtonMail and OpenPGP.js) (those interested, please ask the secretary to forward you the invitation) https://wiki.gnupg.org/OpenPGPEmailSummit202205

      2. This is an event open for anybody involved in the development of email clients using OpenPGP for encryption, and related software. The agenda will be driven by the attendees. Anyone may propose any topic for discussion, as long as he/she is ready to lead the discussion. Is there a topic from side of CAcert if someone will attend the summit?
  3. Question Time

    Questions from CAcert.org community members can be added until beginning of committee meeting! As well questions can be asked at "Question Time", without added question here.

    1. "Question One." added by Your Name Comment: Replace "Question One" by your Question and add your name

      • ..
    2. Closing
      1. Agree on date of the next Committee Meeting: 2. June 2022
      2. Agree on the following meeting dates: 7. July 2022, 4. Aug. 2022, 1. Sept., 6. Okt., 3. Nov. 2022 (keep date free, can be changed if necessary)
    3. To remember: Goals 2021/2022 (propositions by board 2020/2021) - Each goal needs a responsible person on the board who keeps an eye on it and reports regularly, keeps in touch with the responsible people.
      • push OrgA (Guy)
      • expand PR (Alex cannot do this, wants to hand over)
      • support SecureU (find an active board member for them in Germany)
      • expand background check
      • simplify the certificate creation (this enables the start of various projects from the pipeline)
      • remote assurance, if accepted by the community;
      • software development and testing
      • delivering the OpenID Connect integration, for which CAcert is funded by the RIPE NCC.
    4. Not to forget: Staffing the teams
      1. Applicants to the Infrastructure team
      2. Applicants to the Development team
      3. Applicant to the Critical team
    5. Access to local systems for board members

Person

Board-Private

Committee Archive

Wiki

Nextcloud

Brian

(./)

(./)

(./)

(./)

Etienne

(./)

(./)

(./)

(./)

Frédéric

(./)

(./)

(./)

Admin

Kim

(./)

(./)

<!>

?

Michael

(./)

(./)

<!>

?

Sascha

(./)

(./)

(./)

Admin

Wacław

<!>

(./)

<!>

?

1. Tasks assigned to Board Members and others

Person

Task

Deadline

Other People Involved

Notes

Brian

Contact QA/QC Volunteers

10 January 2022

Gero Treuner, Peter Nunn, others?

To begin work, they do not need ABC.

Brian

bla

2022

xxx

xx.

Brian

bla

2022

xxx

xx.


  1. Software Team
    1. Issue 1502: Adapt the UI at CAcert.org to deal with the "keygen" feature having been removed in browsers

    2. Issue 1482: Limit validity period of new HTTPS certificates to one year

    3. Issue 1444: PHP - Brian

    4. Issue 1417: Keygen / new CSR software - Bernhard

  2. Organisation Assurance
    1. How to relance OrgA? (Guy)
  3. Grant applications
    1. Protopype Fund https://prototypefund.de/en/ (mail to SW Board only)

      1. The Prototype Fund is a project of the Open Knowledge Foundation Germany, funded by the Federal Ministry of Education and Research (BMBF). This is for residents of Germany only. We could create a group of people that work on a project for CAcert (with all support of the others in the background). It runs for two more years, every 6 month.
      2. Infra does not see any acute need at the moment, and does not have the capacity to provide qualified support.
      3. There are some ideas for software, but in infra's view there is still a lot of conceptual and preparatory work missing. What Infra could imagine is financing people to carry out a requirements analysis and write a requirements and test specification. This could then be used as a basis for a new implementation of the CAcert software (WebDB, Signer and perhaps other things like CATS). But these are just a few ideas of JanDD and he cannot currently recommend any people who would be suitable for this. Potential candidates would have to deal intensively with the existing software on the one hand and with the underlying policies on the other, and would have to identify a lot of missing information, ask for it and make assumptions for discussion. This requires very good analytical and communication skills and a high level of stamina.
  1. Blockchain
    1. see here: https://wiki.cacert.org/Brain/CAcertInc/Committee/MeetingAgendasAndMinutes/2018-03-01/ideas#Blockchain (waiting for answer from IanG)

Minutes Committee meeting - 2022-05-05

Participants

Members of the Committee:

Present, by alphabetical order

Etienne Ruedin

Frédéric Dumas

Kim Nilsson

Michael Richardson

Absent or silent, by alphabetical order:

Brian McCullough

Sascha Ternes

Members of the CAcert community and other guests:

Having been active during the meeting, by alphabetical order

Dirk Astrath

Committee meeting - 2022-05-05

1.1 Opening

Etienne opened the meeting at UTC 18:19

Chair asks whether cacert-board-private or cacert-board maillist includes any items that need to be disclosed to Members.

There was a mail from our president with a motion he asked to add yesterday in the afternoon. I added it just befor the meeting to quick decisions#3. - It was decided that this was added too late for this meeting.

1.4 Chair moves to accept the minutes of the committee meeting of 7rd of April 2022. Accepted

1.5 Discussion about some in-person informal meetings

Michael, Dirk and Frederic discussed meetings on May 12/13 at/around Essen. Michael reports that he will arrive in Schipol(Amsterdam) airport on May 12, 7:30am, and will make his way via a few appointments to Essen by the evening of (Thursday) May 12. Frederic may arrive in time for beer on Thursday evening from Poland. Michael, Dirk and Frederic to visit railway museum and get to know each other during the morning of May 13. Assurances will be done. Mark Overmeer will be invited to join as he is able.

2 Business

2.1 Quick decisions

2.1.1 1 is still under the way

2.1.2. Is 18:00 UTC better than 20:00 UTC during northern daylight saving time? Kim, yes, Frederic, yes, Etienne, ok.

2.1.3 Brian had sent in a motion saying "I motion to pay Jan 500 Euro and 250 Euro for Dirk for work that they have each done already for the OpenID Connect project." by Brian (I plan for that to be partial compensation for the work that they have done, with a bit more to come when the project is completed.)

The motion was sent in too late (2022-05-04) for a final decision during this meeting. So instead the chair suggests we turn it into a 7-day-motion so everyone can consider, decide and vote during the following week.

Frederic wants to include Brian in this early payout, and all amounts increased, and therefore it needs to be rewritten.

A draft of the motion looks like this "I motion to pay Jan 2000 Euro and 1000 Euro for Dirk for work that they have each done already for the OpenID Connect project, before its kick-off meeting. I propose to pay Brian 1800 euros for the work done since the kick-off meeting."

Kim suggests that Frederic talks with Dirk, Jan and Brian to verify the relative amount of work, so the payment is proportional. Then adjusts the motion accordingly.

2.2 Quick infos

2.2.1 CCA update has been initiated.

2.2.2 Tax exemption: on the way,. Etienne has all the documents.

2.3 Finance team (Michael)

2.3.1 New ERP: Info: State of affairs - Frederic comments on the delays.

2.3.2 Access to the GKB bank account (Switzerland) for Michael: Etienne confirms that it is on its way, Michael doesn't have to do anything, he just has to be patient for Etienne to complete the procedure.

2.3.3 Access to Westpac bank account (Australia) for Michael. There is apparently a branch in London, UK that Michael may be able to visit while there. However, attempts to reach that branch have so far failed, and it may be that this is not in fact possible. Still TBD.

2.4 OpenID Connect

2.4.1 Brian had emailed asking for volunteers to document, but since there is no working tool, there is nothing to document. Dirk confirms that there needs to be something usable first.

2.4.2 Brian asks if payment should be mentioned when asking for volunteers.

Frédéric suggested that Brian could make a public and interactive presentation of the progress of his work; this presentation would be announced on our discussion lists, and all would be invited. A way to mark a milestone, to communicate publicly about what we have achieved.

Dirk agrees, but perhaps (again) there needs to be something tangible, an alpha of an actual OpenID implementation. Most likely the best idea is to do just that but in two steps.

1. Public presentation life or recorded and made available to watch; outlook as well;

2. possibility "early access" if willing to document.Both posted to (cacert/cacert-de/cacert-fr/cacert-es/board public/blog)

2.5 Future of secureU e.V.

2.5.1 Critical Team Lead Dirk A and Treasurer Michael R plan to meet during May, since Michael is travelling in Europe and also seeing Mark. The transfer at B.I.T. will probably done in May 2022. Plan B: Dirk and Frédéric will meet Mark two weeks later, if it would not work with Michael.

Pleasant discussion of what is going to and what could happen during Michael's trip. (see above 1.5)

2.6 Background Check

2.6.1 Ted is happy with the initative to enlarge the number of background checkers (BGCer)2.6.2 Ted has updated the BGC wiki page; DE, FR and CZ translations are updated as well. https://wiki.cacert.org/NewBackgroundCheck2.6.3 BGC for Gero: Interview happend (by Ted&Etienne), report will be sent to committee soon.2.6.4 BGC for Peter is initated. (date searching; Interview by Ted&Egal)2.6.5 BGC for Kim, Matthias and Sascha are initated. (address transferred to BGCer)

2.7 New CSR software - this is about keygen

Bernhard being absent, the topic is postponed.

2.8 Software reviews

2.8.1 Engagement/Landing page - The page is editable on Nextcloud, awaiting improvements that everyone would like to make. None of the participants in the meeting confirmed having participated in the drafting prepared by Etienne. The secretary will update the wiki according to what is available on Nextcloud.

2.9. Remote Assurance

2.9.1 Discussion in Policy Group is refreshed.2.9.2 Create a remote assurance sub committee (RASC)

2.10. Hardware Renewal

2.10.1 Michael & Dirk have to talk together: what is broken, what is old, what is new. This could happen when they meet in Essen in May.

2.11 6th OpenPGP Email Summit

2.11.1 Michael says it would be great if someone could attend. Dirk mentions he'll be at LugCamp in Ullerup, Denmark during that time.

3 Question time

3.1 Tasks should be edited/commented when there is progress, but can keep being copied onto the following agendas, until they are no longer goals.

3.2 Closing

3.2.1 Agreed on date of the next Committee Meeting: 2. June 2022

3.2.2 Agreed on the following meeting dates: 7. July 2022, 4. Aug. 2022, 1. Sept., 6. Okt., 3. Nov. 2022 (keep date free, can be changed if necessary)

Dirk reminds that the board needs to start considering adding thoughts about the AGM in the autumn.

Chair/Etienne closes the meeting at UTC 20:13

Logfile

Logfile from meeting 2022-05-05

Motions

Actions

Who

Status

Action

Minutemaker

wip

prepare Agenda and Minutes for the next meeting

Brian

Software meeting

every 2 month

Secretary

bank

accounts, contact with treasurer


Brain/CAcertInc/Committee/MeetingAgendasAndMinutes/2022-05-05 (last edited 2022-05-05 20:48:36 by EtienneRuedin)