. '''To Software''' '''[[Software|Software]]''' - '''To Software-Assessment - ''' '''[[Software/Assessment|Software/Assessment]]''' - '''To [[Software/Assessment/20110322-S-A-MiniTOP|previous meeting]]''' - '''To [[Software/Assessment/20110405-S-A-MiniTOP|next meeting]]''' ---- = Minutes of the MiniTOP on the 2011-03-29 = == Setting == The MiniTOP will be held via telco 22:00 CEST Attendees: Dirk, Ted, Michael, Uli == Topics == * Action items from last meeting '''[[Software/Assessment/ActionItems|Meeting Action Items]]''' || Uli || "Software and "Audit Ready" topic" contact Ian || {+} || || Uli || mail to Markus/Andreas: give Dirk, Michael, Ted console access onto cacert1, git || {+} || * Arbitration case [[Arbitrations/a20110312.1|a20110312.1]] * State Testserver Update * Current Patches on Testserver: * "Thawte" patch [[https://bugs.cacert.org/view.php?id=827|Bug# 827]] * /locale/ cleanup [[https://bugs.cacert.org/view.php?id=896|Bug# 896]] * strategy plans ... * strategy for: "Certificates Class3" problem and "New Roots & Escrow" * [[https://lists.cacert.org/wws/arc/cacert-root/2011-02/msg00030.html|pragmatic solution proposed]] * next meeting: Tuesday, April 5, 2011 20:00 == Minutes == * Overview Projects Board last meeting announced * Michael: has deployed signer connection on testserver with Andreas, is running, infrastructure root and so on missing, just created, config files for roots from svn (current?) * Dirk: problems with PDF ? * Class 3 problem ... current class3 is signed with MD5 on production ... * Keys the same. Issuer field (common name) ok ? Might work * Arbitration case [[Arbitrations/a20110312.1|a20110312.1]] * Perl script is complete, some modifications, vuln-keys, + reason: vuln-key or short-keys * adding test run counting keys * Michael: script update to block weak keys creation still under construction * Michael: update to Hanno * State Testserver Update * Current Patches on Testserver: * "Thawte" patch [[https://bugs.cacert.org/view.php?id=827|Bug# 827]], no news * /locale/ cleanup [[https://bugs.cacert.org/view.php?id=896|Bug# 896]], is finished, passed * strategy plans ... strategy for: "Certificates Class3" problem and "New Roots & Escrow" * pragmatic solution 1: big fat warning on website "be warned" * pragmatic solution 2: resign with sha1/sha256 * "Software and "Audit Ready" topic" * new class1 is offline, list of crl's ... under critical team, has to replace weekly pre-created crl's * class1 + class3 usage is defined in CPS * Testserver signer: class1 + class3 created * next meeting: Tuesday, April 5, 2011 20:00 ---- Action items: '''[[Software/Assessment/ActionItems|Meeting Action Items]]''' * Michael: update to Hanno <> ---- . CategorySoftwareAssessment