Committee Meeting 2024-08-08 18:00 UTC

The meeting will take place at 18:00 UTC at https://meet.jit.si/cacert If you do not have audio channel, you may try in the IRC channel #board-meeting on the CAcert IRC network.

Feel free to add a business item within the acceptance period of 48 hours or your question to the board below. Non-committee members: the committee may choose to convert any business proposed as a question in the questions section.

<!> Daylight Saving Time: 18:00 UTC = 20:00 CEST (Geneva) = 14:00 EDT (New York)

Agenda

Signs that appear in the agenda
<!> Formulated motion on your topic. It will be put to the vote. Adjustments may be made before the vote. A motion must be submitted for resolutions!
{i} Information for your attention. Does not need to be explained or discussed at the meeting. Purpose: Everyone is up to date. (max. 10 seconds)
(!) Discussion topic with or with no decision.

  1. Preliminaries one
    1. Chair opens the Committee Meeting
    2. Who is making minutes?

    3. Chair asks whether cacert-board-private or cacert-board maillist or Threema chat or Telegram group includes any items that need to be disclosed to Members.

    4. <!> Accept minutes from 4. July 2024 <!> "I move to accept the minutes of the committee meeting of 4th of July 2024."

    5. Agree on the 5th of September 2024 as date for the next committee meeting. (Following dates probably 3. Oct 2024, 7. Nov 2024 18:00 UTC)

  2. Business

    1. AGM 2024

      1. {i} Date fixed by the committee https://motion.cacert.org/motions/m20240717.1

      2. {i} Save the date sent to the members by secetary

      3. {i} Annual Report startet by president

      4. {i} Team Report startet by various

      5. {i} Finance Report started by treasurer

      6. {i} Invitation ready to be sent

      7. {i} Review member register to be done this week end by secretary/treasurer

    2. Background Check

      1. pipeline (list to review, complete, slow down or speed up) (will we start new ones? who? done by who?)

        1. {i} BGC for Peter is initiated. (date searching; Interview by Ted&Egal)

        2. {i} BGC for Matthias are initiated. (date searching started in August 2022)

        3. {i} BGC for Sascha are initiated. (language: en or de)

    3. Events
      FrOSCon 2024 (Organisation: Dirk, Content: Brian)

    4. OpenID
      issue: alpha or beta version available
      who: Brian, +?
      what help needed:
      next step: glue together
      FrOSCon 2024

    5. Accessability (Jan, Egal)

      1. {i} Implementing LetsEncrypt certificates on public facing services, instead of keeping them behind CAcert's "unknown" certificates: done at code.cacert.org

      2. (!) Implement on more public facing services? Which ones?

    6. Finance (Frédéric G.)

      1. {i} Finance Report 2023/2024 startet

      2. {i} CiviCRM
        issue: install, following plan
        who: Frédéric G
        what help needed: Brian looks for a way outside critical
        next step: Frédéric will install/introduce it for accounting and members list

      3. {i} Paypal Any news from Singapore?

    7. {i} e-Mail 3
      issue: implement new addtional standards
      who: Kim, JanDD
      done: analysis
      next step: implement SPF, followed by DKIM/DMARC; steps SRS/validation after SGM
      what help needed: Until more people show up to do the actual work, Jan does not see that step 5 (validation) will happen. There is no way this will happen in short term.

    8. {i} Big Mail
      issue: review and sending
      who: Etienne, Dirk
      what help needed: none
      done: text finished; provereading finished, waiting for final approving
      next step: sending)

    9. Class 1 / Class 3
      issue: change the policy
      who: Kim, +?
      what help needed:
      next step: submit proposals or drafts for discussion at Policy group

    10. SGM Future (by FG)
      issue: maybe dissolution of the association?
      Last steps: Pro and con discussed at SGM meeting on May 16th 2024
      information by secretary on blog
      Next steps: Waiting for discussion on PolG
      followed by: Fix a date
      see table in the annexe for details
      Annexe: Brain/CAcertInc/Committee/MeetingAgendasAndMinutes/2024-06-06/SGM

  3. on hold (for later this year)
    1. Infrastructure: (Dirk)

      1. Start thinking about planning when to do things about new roots, so we are prepared several years in advance, as no certs should have a end-date after any root certificates. Also take a look at the old Escrow article. https://wiki.cacert.org/Roots/EscrowAndRecovery

    2. Remote Assurance (Brian)

      1. {i} Creation of remote assurance sub committee (RASC) on the hold until Eva is available for the policy. Secretary got in touch with Eva on Oct. 12.
        "Users Requests, summarized." added by Aleš a) need for a distant assurance (no assurers, no TTP possibility in their country); b) need for the write access to our Wiki.

    3. Any other business (board members forgot to ask the secretary to put it on the agenda)
    4. What's coming next? ???
  4. Question Time

    Questions from CAcert.org community members can be added until beginning of committee meeting! As well questions can be asked at "Question Time", without added question here.

    1. "Question One." added by Your Name Comment: Replace "Question One" by your Question and add your name

1. Closing

  1. To remember: Goals 2021/2022 (propositions by board 2020/2021) - Each goal needs a responsible person on the board who keeps an eye on it and reports regularly, keeps in touch with the responsible people. {X} obsolete / (./) started / {OK} waiting for available time

    • push OrgA (Guy)
    • expand PR (Alex cannot do this, wants to hand over)

    • (./) delivering the OpenID Connect integration, for which CAcert is funded by the RIPE NCC.

    • (./) expand background check

    • {OK} remote assurance, if accepted by the community;

    • (./) simplify the certificate creation (this enables the start of various projects from the pipeline)

    • software development and testing

    • (./) New CSR software

    • {X} support SecureU (find an active board member for them in Germany)

  2. Not to forget: Staffing the teams
    1. Applicants to the Infrastructure team
    2. Applicants to the Development team
    3. Applicant to the Critical team

  1. Access to local systems for board members

Person

Board-Private

Committee Archive

Wiki

Nextcloud

Brian

(./)

(./)

(./)

(./)

Etienne

(./)

Admin

(./)

(./)

FrédéricD

(./)

(./)

(./)

Admin

FrédéricG

(./)

(./)

(./)

(./)

Kim

(./)

(./)

(./)

(./)

Michael

(./)

(./)

<!>

(./)

Wacław

<!>

(./)

<!>

?

Aleš

(./)

(./)

(./)

(./)

1. Tasks assigned to Board Members and others

Person

Task

Deadline

Other People Involved

Notes

Brian

Contact QA/QC Volunteers

10 January 2022

Gero Treuner, Peter Nunn, others?

To begin work, they do not need ABC.

Brian

bla

2022

xxx

xx.

Brian

bla

2022

xxx

xx.

  1. Software Team

    1. Issue 1502: Adapt the UI at CAcert.org to deal with the "keygen" feature having been removed in browsers (Some of this will be met with 1551 )

    2. Issue 1482: Limit validity period of new HTTPS certificates to one year

    3. Issue 1444: PHP - Brian

    4. Issue 1417: Keygen / new CSR software - Bernhard

  2. Organisation Assurance
    1. How to relance OrgA? (Guy)
  3. Grant applications

    1. Protopype Fund https://prototypefund.de/en/ (mail to SW Board only)

      1. The Prototype Fund is a project of the Open Knowledge Foundation Germany, funded by the Federal Ministry of Education and Research (BMBF). This is for residents of Germany only. We could create a group of people that work on a project for CAcert (with all support of the others in the background). It runs for two more years, every 6 month.
      2. Infra does not see any acute need at the moment, and does not have the capacity to provide qualified support.
      3. There are some ideas for software, but in infra's view there is still a lot of conceptual and preparatory work missing. What Infra could imagine is financing people to carry out a requirements analysis and write a requirements and test specification. This could then be used as a basis for a new implementation of the CAcert software (WebDB, Signer and perhaps other things like CATS). But these are just a few ideas of JanDD and he cannot currently recommend any people who would be suitable for this. Potential candidates would have to deal intensively with the existing software on the one hand and with the underlying policies on the other, and would have to identify a lot of missing information, ask for it and make assumptions for discussion. This requires very good analytical and communication skills and a high level of stamina.
  1. Blockchain

    1. see here: https://wiki.cacert.org/Brain/CAcertInc/Committee/MeetingAgendasAndMinutes/2018-03-01/ideas#Blockchain (waiting for answer from IanG)

Minutes Committee meeting - 2024-08-08

Present, by alphabetical order:

Frédéric Dumas, Aleš Kastner, Brian McCullough, Étienne Ruedin, Kim Nilsson

Absent or silent, by alphabetical order

Frédéric Grither

Members of the CAcert community and other guests

Dirk Astrath

1 Opening

18:08 the president opens the meeting.
The secretary will write the minutes.
The minutes from 4. July 2024 are accepted: 3 aye; 2 abstain
The next meeting will be held on 5th of September 2024.

2 Business

AGM: The committee takes note of the informations given in the agenda.

Events: Froscon will be in one week time. PHP and Pearl code of OpenID Connect is working, the visitors can test it at the CAcert stand. Egal will held two neighborng standds; they are 2x 4 people.

OpenID Connect: Dirk implemented OpenID Connect access at the bug tracker, so we cant test it -- but only 4 people at the same moment ;-)

Accessability was discussed one year ago. It makes sense, that wiki or the blog use a certificate that "is in the browser". There are no objections from ide of the committee, that Egal and JanDD implement this on public facing services after Froscon.

Finances: In absebtia of the treasurer, the secretary informed in short, that the treasurer has all documents for the finance report and started allready to write it.

Implement new addtional standards at our e-mail services progress slowly, but as fast as possible. It will hapen depending of the available time by Jan. We are very gratefull to him.

Big Mail: The committee takes note of the informations given in the agenda; Egal and the secretary hold an extra meeting concerning the latest polishing and translating just after the committee meeting.

Class1/3: Aleš, Jan and Kim are not completely satisfy with the draft for the policy change. As soon as they are, the will publish it at the policy group for discussion.

Waiting for discussion at policy group about a proposition to dissolve the CCA is not understood by some members of the committee. Kim will no more discuss it at board meetings until there is a date to fix for an SGM. The president does not understand, wy the initiator did not start the discussion at policy groups month ago and wanted still the secretary to do it on their behalf. None of the initiators wants to take the parole.

3 Question Time

Frédéric D is not happy with seven-days-motions. These were explicitly introduced at the time in order to reduce the workload of the meeting or to decide in time when they should be held and not only at the next meeting when there is broad consensus. In this specific case, around 90% were in favour of the date in question during the consultation process. Kim also points out that the motion machine sends out several emails and that you can ask any other member you trust to cast a proxy vote.

The president closes the meeting at 18:56.

Motions

Actions

Who

Status

Action

Minutemaker

wip

prepare Agenda and Minutes for the next meeting

Brian

Software meeting

every 2 month

Secretary

bank

accounts, contact with treasurer

Brain/CAcertInc/Committee/MeetingAgendasAndMinutes/2024-08-08 (last edited 2024-08-09 15:02:38 by EtienneRuedin)