. '''To Software''' '''[[Software|Software]]''' - '''To Software-Assessment - ''' '''[[Software/Assessment|Software/Assessment]]''' - '''To [[Software/Assessment/20110906-S-A-MiniTOP|previous meeting]]''' - '''To [[Software/Assessment/20110920-S-A-MiniTOP|next meeting]]''' ---- = Minutes of the MiniTOP on the 2011-09-13 = == Setting == The MiniTOP will be held via telco 22:00 CEST Attendees: dirk, marcus, uli, michael, magu == Topics == (skip to agenda) Action items from last meeting '''[[Software/Assessment/ActionItems|Meeting Action Items]]''' <> == Agenda == 1. '''Software-Assessors blockage''' - The List of open / running / unhandled bugs - Part I 1. [[https://bugs.cacert.org/view.php?id=827|bug #827]] || Dirk, Michael || [[https://bugs.cacert.org/view.php?id=827|bug #827]] and [[https://bugs.cacert.org/view.php?id=959|bug #959]] Thawte patch/Points-Count-Order-Change project || related bug 959: needs 1 more test, needs 2nd review / 2nd review: also check -x / tests done, needs 2nd review<
>959 {g} reviewed, deployed <
>827 {g} reviewed, deployment in 2 steps<
>deployed, report from Wytze || {g} <
> {0} || * request by Joost for variable fields * next steps: 1. preparing PR, support (see below) 1. Thawte Patch - PR strategy * alex to prepare blog post * if the patch goes active, this needs support * wiki faq (existing page? thawte topic?) * blog (-> alex) * mailing list * press release? probably not at this state * Support: could be better, but is ok * Triage: where to forward Thawte patch requests? * add to Support team meeting agenda 1. reviewed last meeting. needs transfer to critical team * transfer to critical team, done. * mailing to people: Ted, Florian F, PG, Wytze, Carsten L, Jeff F, Frank K (ask Marcus) 120 pts, Sebastian K, done. * report by Wytze: problem with Unknown, Trusted Third Parties, Assurances before 2006 (0,0) 1. Michael, Ted - action items last week 1. bug 846 * and others in the queue 1. PR work 1. thawte patch - blog post 1. newsletter mailings 1. thawte patch details 1. infos about thawte points removal 1. infos about points counting * Update ? Text proposal ? 1. Security campaign, Newsletters (1 month later, 6-8 weeks later) 1. weak passwords (bug 637) 1. password reset w/ Assurance replaces pwd reset thru paypal 1. cert login security fix (bug 841) 1. weak keys disabled (bug 918) 1. class3 re-sign with sha256 1. check your CAcert account a. create a client cert for client cert login (also needed for CATS) a. check your secret questions a. check your password a. check your notification settings a. check your location settings 1. Mozilla Communication: Immediate action requested * read [[https://lists.cacert.org/wws/arc/cacert-board/2011-09/msg00008.html]] 1. Wytze: system upgrade on production and cacert1.it-sls.de (cont. from last meeting) * proposed next upgrade step lenny to squeeze * Action item: who informs Wytze? 1. Translingo . the translingo.cacert.org had been in operation far longer, so I think it is possible that some users migrated to translingo.cacert.org, without telling us. . I would suggest to mass-mail the email addresses of the translation-project leaders in the translingo database, to inform them, and to ask them to speak up if they still need it * last foreign uploads 2008 on about 13 + cacert projects * whohas translingo server console access? * mario * req for console access for michael to contact project leaders, Updates? * Transfer In, Transfer Out problems 1. Question from Lambert (by email): Is CAcert's ocsp server a blacklist or a whitelist ocsp ? (cont. from last meeting) * CAcert is probably a blacklist ocsp, cause the server delivers infos derived from current crl's interactively * Is this for Software-Assessment project group ? Next action step? 1. Dirks workqueue - The List of open / running / unhandled bugs 1. VBscript for Vista/Win7 (select keysize >= 1024) - '''reminder''' to dirk || x^1^ Dirk, new [[https://bugs.cacert.org/view.php?id=964|bug#964]]<
>DEV: [[https://bugs.cacert.org/view.php?id=918|bug#918 (Part II)]] ([[Arbitrations/a20110312.1|a20110312.1]]) Weak keys: /pages/account/.. 4.php, 17.php to combine ? (/includes/keygen.php) '''DEV''' || current state: test /account/4.php added to testserver<
>Marcus will do detailed tests on Wed<
>some references added to [[https://bugs.cacert.org/view.php?id=964|bug#964]] || {-} || * as part of * x^1^ Arbitration case [[Arbitrations/a20110312.1|a20110312.1]] Weak keys [[https://bugs.cacert.org/view.php?id=918|bug #918]] / [[https://bugs.cacert.org/view.php?id=954|bug #954]] / [[https://bugs.cacert.org/view.php?id=964|bug#964]] * Current state: || {g} || pre mailing sent || || {g} || keys revocation script to bulk revoke weak keys, new [[https://bugs.cacert.org/view.php?id=954|bug #954]], finished || || {-} || dirk: DEV: [[Arbitrations/a20110312.1|a20110312.1]] [[https://bugs.cacert.org/view.php?id=918|bug#918]] Weak keys: /pages/account/.. 4.php, 17.php to combine ? (/includes/keygen.php) '''DEV''' <
>vbscript needs to be improved with select box key size and lower limit to 2048 (based on [[https://wiki.mozilla.org/CA:MD5and1024]])<
>Api CertEnroll (MS crypto provider)<
>new [[https://bugs.cacert.org/view.php?id=964|bug#964]]<
>current state: test /account/4.php added to testserver<
>Marcus will do detailed tests on Wed<
>some references added to [[https://bugs.cacert.org/view.php?id=964|bug#964]] || || {g} || Weak keys blog post, published || || {g} || Weak keys article published by Hanno(July 28), link is in CAcert's blog post (July 30) || || {b} || weak keys: problems with cryptostick (to test at [[events/FrOSCon2011|Froscon]] with Juergen ?) || * cert enroll infos under [[https://bugs.cacert.org/view.php?id=964|bug#964]] * vista and win7 works with other engine !CryptoAPI (?) => Cryptography API: Next Generation * [[http://msdn.microsoft.com/en-us/library/aa833130%28v=VS.85%29.aspx]] * Marcus: added notes for Win7 [[https://bugs.cacert.org/view.php?id=964#c2249]] * Update (3rd week) ? 1. Advertising 1. Prepare Advertising fix for testserver - '''reminder''' to dirk || Dirk || Advertising (from last board meeting), [[https://bugs.cacert.org/view.php?id=958|bug #958]] || add changes as discussed in last meeting to testserver || {0} || * [[CAcertInc/LogosForSale/Rules]] wiki link exist * "buy me" logo / "Logo For Sale" logo / "Monthly Auction on Logos" logo * Logos and Links exist, needs deployment to testserver * Update (3rd week) ? 1. google ads, nobody knows about * [[http://google.de/adsense/]] - needs google account * ad client id: pab.*9860, email adress is needed * board member to write email request to Robert, Philipp, Philpp, Teus, ernie * contact google? * account recovery? * dirk: google ads account - to write mail to treasurer (address from invoice) * Update (3rd week) ? 1. '''Software-Assessors blockage''' - Bugs to Review #1, transfer to testserver - Currently '''12 (!!!)''' || uli || [[https://bugs.cacert.org/view.php?id=977|bug #977]] admin console text fix || admin console Sysadmin - find domain - lists 2 tables - one for user accounts, one for org accounts, naming issue || {0} || || uli || [[https://bugs.cacert.org/view.php?id=975|bug #975]] admin console interface (2) || report potential database inconsistency in SE console (debug infos), new update /!\ || {0} || || uli || [[https://bugs.cacert.org/view.php?id=968|bug #968]] error logging cleanup (splitted bug #909) || split 0000909: too many error messages logged - part II - general.php || {0} || || uli || [[https://bugs.cacert.org/view.php?id=967|bug #967]] OA isassurer check || Give an OA the oppertuntiy to check if a desiginated Organisation Admininistrator is a CAcert assurer || {0} || || uli, Ted || [[https://bugs.cacert.org/view.php?id=965|bug #965]] 0000965: Outsource / fix Webdb text pages id=12, 13 || addtl. id=37, id=38, new update /!\ || {0} || || uli, ted || [[https://bugs.cacert.org/view.php?id=882|bug #882]] || display Assurance when field in list of assurances received, assurances given by a user in admin console interface, new update /!\ || {0} || || uli || [[https://bugs.cacert.org/view.php?id=859|bug #859]] admin console interface || feature request: show activity on an account in the admin interface, new update /!\ || {0} || || uli || [[https://bugs.cacert.org/view.php?id=855|bug #855]] admin console interface "unknown" + "empty" assurance method fields, needed for correct testing on testserver || admin console lists "empty" and "Unknown" Assurance types on listing given Assurances || {0} || || uli || [[https://bugs.cacert.org/view.php?id=823|bug #823]] email address removal fix || No warning when removing e-mail adres from acount that certificates wil be revoked || {0} || || uli, ted || [[https://bugs.cacert.org/view.php?id=794|bug #794]] || visibility over certificates for sysadm in account administration, new update /!\ || {0} || || uli || [[https://bugs.cacert.org/view.php?id=789|bug #789]] OA edit domain fix || Editing domain for organisations does not work || {0} || || moh || [[https://bugs.cacert.org/view.php?id=596|bug #596]] certs list advanced || display ser# in certs overview lists || {0} || * 12 open fixes available (week 3), needs 1st review by 1st Software-Assessor 1. Bugs under testing: - Currently 4 || uli, Michael || [[https://bugs.cacert.org/view.php?id=966|bug #966]] cancel doesn't cancel but processes instead || potential workaround to fix all "Cancel" requests available<
>addtl. individual fixes<
>new update 2011-08-30<
>at least one more test || {0} || || uli, Ted || [[https://bugs.cacert.org/view.php?id=957|bug #957]] Resize the comment field on [[https://secure.cacert.org/account.php?id=27]] so more information is visible || new fix avail 2011-08-19<
>at least one more test || {0} || || Dirk || [[https://bugs.cacert.org/view.php?id=894|bug #894]] problems with check-boxes on website forms (Assure someone) -> [[Arbitrations/a20091118.3|a20091118.3]]<
>1st review still needed<
>two testers to test || {0} || || uli || [[https://bugs.cacert.org/view.php?id=824|bug #824]] Org User cert fix || Organisation User Certificates: Need UI improvement for proper production usage<
>needs some more fixes || {0} || 1. '''Software-Assessors blockage''' - Needs 2nd review + transfer to Critical team, to bundle, to deploy - Currently '''4 (!!!)''' || uli, ted || [[https://bugs.cacert.org/view.php?id=955|bug #955]] change sort order Orga list || Possibilty to change the sorting order for the organisation overview || {0} || || uli, ted || [[https://bugs.cacert.org/view.php?id=940|bug #940]] help* to wiki || Outsource Webdb text pages help.php?id=0..9 to wiki<
>needs review, deploy || {0} || || uli, ted || [[https://bugs.cacert.org/view.php?id=910|bug #910]] Outsource board member list || from Webdb to wiki (id=8) (Part II) || {0} || || Ted, uli || [[https://bugs.cacert.org/view.php?id=846|bug #846]] Join Form restructure, help link || Better guidance of bonafide members in Join Form about Suffixes they doesn't have in their ID doxs (a20100207.2) || {0} || 1. Needs development, deployment, discussion 1. [[https://bugs.cacert.org/view.php?id=835|bug #835]] Migrate CATS onto testserver || [[https://bugs.cacert.org/view.php?id=835|bug #835]] Assurer challenge (on testserver) || asssigned to Ted, CATS to install on ca-mgr1, awaiting deployment || {0} || 1. [[https://bugs.cacert.org/view.php?id=943|bug #943]] change OA admin/assurer text || [[https://bugs.cacert.org/view.php?id=943|bug #943]] change OA admin/assurer text || -> Ted, rejected, needs comment from OAO || {-} || * webdb names OrgAdmins as OrgAssurers and names OrgAssurers as OrgAdmins. * patch takes account about this issue * problem with menu link Org Admin .. is Org Assurers menu * but this menu includes one addtl. link "View" that is available for Org Admins * and Org Admins with master flag to add new admins * master flag is not described in OAP (!) * addtl master flag to revoke ? * rename to "Org Administration" * don't show menu to OrgAdmins 1. strategy plans ... next: strategy for "New Roots & Escrow" 1. idea: using indirect crl's ? * 2 crl's needed, one valid, one invalid crl server * more infos available ? who ? 1. build testserver with special certs 1. Magu, Michael to send instructions for test deployment * indirect CRL: RFC 5280 [[http://tools.ietf.org/html/rfc5280]] (chapter 5) * meetings ago we've defined Testing requirements and a potential testszenario * to remind every meeting * Michael: testserver environment deployment 1. policy group: define requirements * multimember escrow method ? * needs risk analyze * potential candidates ? * Marcus to contacted Benedikt, will contact Thomas K * Next step(s) 1. how does debian work ? * defered to Froscon (end of Aug), CCCcamp (around Aug 10th) 1. CI (Update) 1. [[http://live.eclipse.org/node/1031|description to eclipse testpage]], [[http://adobedev.adobe.acrobat.com/p4101brizwr/|Webinar]] * deployment scenario: 1. create testusers 1. testing 1. delete testusers * regression test for standard tests: eg 0,1,49,50,51,99,100,101 pts w/ and w/o CATS passed * reminder 1. Jubula Test-Tool (by Michael) - update? * [[http://www.eclipse.org/jubula/download.php]] * instructions see under [[Software/Assessment/20110830-S-A-MiniTOP#Minutes|Minutes meeting 2011-08-30]] * test deployment needs to be continued by software testers 1. next meeting: Tuesday, September 20, 2011 22:00 == Minutes == 1. Marcus: 43.php to add notary.id to bug#882 * dirk tries to upload new 43.php 1. dirk: bug#827 update 1. translingo: michael tries to deploy pootle 1. michael: bug#846 reviewed, made some corrections, needs 2nd review 1. PR: Alex not available, will prepare blog post, mailing 1. Mozilla Communication: Immediate action requested * blueprint for activities CAcert has to do on the way to browser inclusion * add [[https://lists.cacert.org/wws/arc/cacert-board/2011-09/msg00008.html]] topics as bug numbers 1. Wytze: system upgrade on production and cacert1.it-sls.de (cont. from last meeting) * proposed next upgrade step lenny to squeeze * Action item: who informs Wytze? * -> Michael 1. Testserver hosting: request to Funkfeuer directly ? * funkfeuer.at infos see [[http://funkfeuer.at/Eckdaten.243.0.html]] 1. Question from Lambert (by email): Is CAcert's ocsp server a blacklist or a whitelist ocsp ? (cont. from last meeting) * CAcert is probably a blacklist ocsp, cause the server delivers infos derived from current crl's interactively * Is this for Software-Assessment project group ? Next action step? * is topic for critical admin 1. Jubula Test-Tool (by Michael) - update? * [[http://www.eclipse.org/jubula/download.php]] * instructions see under [[Software/Assessment/20110830-S-A-MiniTOP#Minutes|Minutes meeting 2011-08-30]] * test deployment needs to be continued by software testers * no update 1. bug#855 problem prevents testing of TTP entries * needs to be activated at least on testserver 1. next meeting: Tuesday, September 20, 2011 22:00 ==== Fixed Action Items since last or within meeting ==== || uli || prepare cacert1 image for developers after proposed system update || {g} || || uli || prepare ca-mgr1 image for developers || {g} || || uli || prepare DEBIAN-Lenny image for developers (request by Michael) - req cancled || {b} || || uli || preview mailing to people: Ted, Florian F, PG, Wytze, Carsten L, Jeff F, Frank K (ask Marcus) 120 pts, Sebastian K || {g} || * Awaiting Response from Critical Team (moved to next state) || Done: Michael, Dirk, Michael<
>!ToDo: || [[https://bugs.cacert.org/view.php?id=841|bug #841]] Problems on cert login || needs 2nd review, deploy || {g} || || Done: Dirk, Michael, Michael<
>!ToDo: || [[https://bugs.cacert.org/view.php?id=827|bug #827]] and [[https://bugs.cacert.org/view.php?id=959|bug #959]] Thawte patch/Points-Count-Order-Change project || related bug 959: needs 1 more test, needs 2nd review / 2nd review: also check -x / tests done, needs 2nd review<
>959 {g} reviewed, deployed <
>827 {g} reviewed, deployment in 2 steps || {g} <
> {0} || ---- ==== Action Items New ==== Action items: '''[[Software/Assessment/ActionItems|Meeting Action Items]]''' ---- . CategorySoftwareAssessment