. '''To Software''' '''[[Software|Software]]''' - '''To Software-Assessment - ''' '''[[Software/Assessment|Software/Assessment]]''' - '''To [[Software/Assessment/20111011-S-A-MiniTOP|previous meeting]]''' - '''To [[Software/Assessment/20111025-S-A-MiniTOP|next meeting]]''' ---- = Minutes of the MiniTOP on the 2011-10-18 = == Setting == The MiniTOP will be held via telco 22:00 CEST Attendees: dirk, magu, marcus, uli, alex, michael == Topics == (skip to agenda) Action items from last meeting '''[[Software/Assessment/ActionItems|Meeting Action Items]]''' == Agenda == 1. [[https://bugs.cacert.org/view.php?id=976|bug #976]] * database restructure preperation * raw transcript from meeting results: [[https://bugs.cacert.org/file_download.php?file_id=245&type=bug|sql structure modifications as discussed within meeting]] * New table to add: high potential domains to secure (mozilla blue print) * proposed testserver deployment - when ? * Update? 1. The List of open / running / unhandled bugs - Part I 1. [[https://bugs.cacert.org/view.php?id=827|bug #827]] patch || Dirk, Michael || [[https://bugs.cacert.org/view.php?id=827|bug #827]] and [[https://bugs.cacert.org/view.php?id=959|bug #959]] Thawte patch/Points-Count-Order-Change project || related bug 959: needs 1 more test, needs 2nd review / 2nd review: also check -x / tests done, needs 2nd review<
>959 {g} reviewed, deployed <
>827 {g} reviewed, deployment in 2 steps<
>deployed, report from Wytze || {g} <
> {0} || * dirk needs results from arbitration [[https://wiki.cacert.org/Arbitrations/a20100822.1|a20100822.1]] request to magu 1. new problem reported by Hans, needs fixing 1. New proposal: scripted mailing for 0:0 F2F cases with detailed instructions 1. get information how many 0:0 cass we have ? * info from last years arbitration [[Arbitrations/a20100822.1|a20100822.1]] ? (documentation is not yet avail) * Lambert as Arbitrator, Martin as Case Manager and dirk in role as SA as Claimant should know the answer 1. is it possible to update 15.php script to signal the 0:0 F2F assurance cases ?!? eg by color blue or background color light yellow ? * dirk: 15.php can be easily upgraded - not only color also italic 1. to prepare an arbitration process for a scripted mailing announcement a. to the assuree's who may loose points caused by 0:0 cases a. to the assurers, who can re-apply their assurance over assuree's with the 0:0 problem 1. arbitration initiated 1. wiki faq created: [[FAQ/NewPointsCount#YellowLines]] 1. PR work - Update? 1. newsletter mailing: ok from board [[https://community.cacert.org/board/motions.php?motion=m20111016.2|m20111016.2]] 1. newsletter reviewed English revision [[PR/News/NewPointsCalculation]] 1. script sql query to prepare based on events/oa mailing * request for statement by critical team * proposal by critical team: a. to pace the email sending out a bit, e.g. by doing a chunk of 1000, then waiting 19 minutes (by a programmatic sleep) before starting the next chunk of 1000 etc a. pushing out the whole mailing will take somewhere between one and two full days a. reduce Postfix' maximal_queue_lifetime from the default 5 days to say 2 days a. Basically [[Arbitrations/a20100309.1|a20100309.1]] already gives permission for this mailing, except that it outlines a somewhat different technical implementation of such mailings. But policy-wise there doesn't seem to be a difference to me with what we are proposing here, so why bother with addtl arbitration? 1. Questions from last 4 meetings: * dirk: when will 827 goes to production ? 1. Infrastructure seperation * info from funkfeuer.at * power input of dl blade server? {{{ DL380G3-power calculation Total System Input power requirement (W) 485 x1) Total System Input measured (W) 265 Lo, 292 Hi x1) source: http://h30099.www3.hp.com/configurator/calc/Power Calculator Catalog.xls }}} * proposal by mario: * buy new machine: sample proposal alternate individual pieces: Euro 1042 . (1x Rasurbo BC-10, 1x Intel® DB65ALB3, 1x Intel® Core™ i7-2600, 4x Kingston ValueRAM DIMM 8 GB ECC, 2x Western Digital WD2002FAEX 2 TB) 1. Michaels workqueue 1. Translingo [[https://bugs.cacert.org/view.php?id=985|bug #985]] . [[https://translations.cacert.org]] ([[http://translations.cacert.org/]]) (replacement for translingo) . the translingo.cacert.org had been in operation far longer, so I think it is possible that some users migrated to translingo.cacert.org, without telling us. . I would suggest to mass-mail the email addresses of the translation-project leaders in the translingo database, to inform them, and to ask them to speak up if they still need it * last foreign uploads 2008 on about 13 + cacert projects * whohas translingo server console access? * mario * req for console access for michael to contact project leaders, Updates? * Transfer In, Transfer Out problems * Update from new deployment ? * opened for: create an account can now be started * Michael current state: * import and export routine works * script to incorporate updates needs fixed * next: complete language handling needs to be updated * accept lang handler needs fix * FF de, de_de * IE 6 de, 8,9 de_de 1. New function to TMS - edit notary table record * [[https://bugs.cacert.org/view.php?id=980|bug #980]] * infos from last meeting * testers needs editing individual notary records: fields "method", "awarded", "points" * easier to create notary records with testserver (add F2F), and edit existing record, doesn't need to check for assurer-from, assuree-to and so on * Update? 1. Dirks workqueue - The List of open / running / unhandled bugs 1. VBscript for Vista/Win7 (select keysize >= 1024) - '''reminder''' to dirk || x^1^ Dirk, new [[https://bugs.cacert.org/view.php?id=964|bug#964]]<
>DEV: [[https://bugs.cacert.org/view.php?id=918|bug#918 (Part II)]] ([[Arbitrations/a20110312.1|a20110312.1]]) Weak keys: /pages/account/.. 4.php, 17.php to combine ? (/includes/keygen.php) '''DEV''' || current state: test /account/4.php added to testserver<
>Marcus will do detailed tests on Wed<
>some references added to [[https://bugs.cacert.org/view.php?id=964|bug#964]] || {-} || * as part of * x^1^ Arbitration case [[Arbitrations/a20110312.1|a20110312.1]] Weak keys [[https://bugs.cacert.org/view.php?id=918|bug #918]] / [[https://bugs.cacert.org/view.php?id=954|bug #954]] / [[https://bugs.cacert.org/view.php?id=964|bug#964]] * Current state: || {g} || pre mailing sent || || {g} || keys revocation script to bulk revoke weak keys, new [[https://bugs.cacert.org/view.php?id=954|bug #954]], finished || || {-} || dirk: DEV: [[Arbitrations/a20110312.1|a20110312.1]] [[https://bugs.cacert.org/view.php?id=918|bug#918]] Weak keys: /pages/account/.. 4.php, 17.php to combine ? (/includes/keygen.php) '''DEV''' <
>vbscript needs to be improved with select box key size and lower limit to 2048 (based on [[https://wiki.mozilla.org/CA:MD5and1024]])<
>Api CertEnroll (MS crypto provider)<
>new [[https://bugs.cacert.org/view.php?id=964|bug#964]]<
>current state: test /account/4.php added to testserver<
>Marcus will do detailed tests on Wed<
>some references added to [[https://bugs.cacert.org/view.php?id=964|bug#964]] || || {g} || Weak keys blog post, published || || {g} || Weak keys article published by Hanno(July 28), link is in CAcert's blog post (July 30) || || {b} || weak keys: problems with cryptostick (to test at [[events/FrOSCon2011|Froscon]] with Juergen ?) || * cert enroll infos under [[https://bugs.cacert.org/view.php?id=964|bug#964]] * vista and win7 works with other engine !CryptoAPI (?) => Cryptography API: Next Generation * [[http://msdn.microsoft.com/en-us/library/aa833130%28v=VS.85%29.aspx]] * Marcus: added notes for Win7 [[https://bugs.cacert.org/view.php?id=964#c2249]] * Update (5th week) ? * dirk: has not started the virtual machine * Question from Marcus: did someone contacted illuminat? * No, Marcus: to contact illuminat 1. Advertising 1. Prepare Advertising fix for testserver - '''reminder''' to dirk || Dirk || Advertising (from last board meeting), [[https://bugs.cacert.org/view.php?id=958|bug #958]] || add changes as discussed in last meeting to testserver || {0} || * [[CAcertInc/LogosForSale/Rules]] wiki link exist * "buy me" logo / "Logo For Sale" logo / "Monthly Auction on Logos" logo * Logos and Links exist, needs deployment to testserver * Update (5th week) ? 1. Bugs rejected in review 2 || 2 || uli, ted || [[https://bugs.cacert.org/view.php?id=794|bug #794]] || visibility over certificates for sysadm in account administration, new update 2011-09-24 || {-} || ? / u1 / m1 || * shorten ttl for certs on testserver modification? || 3 || Dirk || [[https://bugs.cacert.org/view.php?id=894|bug#894]] assure someone patches (checkbox) || (incl wot.php changes)<
>tested by 2, needs 2nd review, deploy || {-} || ? / u1 / m1 || || 9 || uli || [[https://bugs.cacert.org/view.php?id=823|bug #823]] email address removal fix || No warning when removing e-mail adres from acount that certificates will be revoked<
>checked by 4, needs 2nd review, deploy || {-} || ? / u9 / m9|| 1. Bugs to Review #1, transfer to testserver - Currently '''4''' || uli || [[https://bugs.cacert.org/view.php?id=977|bug #977]] admin console text fix || admin console Sysadmin - find domain - lists 2 tables - one for user accounts, one for org accounts, naming issue || {0} || || uli || [[https://bugs.cacert.org/view.php?id=967|bug #967]] OA isassurer check || Give an OA the oppertuntiy to check if a desiginated Organisation Admininistrator is a CAcert assurer || {0} || || uli || [[https://bugs.cacert.org/view.php?id=859|bug #859]] admin console interface || feature request: show activity on an account in the admin interface, new update /!\ || {0} || || inopiae || [[https://bugs.cacert.org/view.php?id=981|bug #981]] OA overview (dupe of [[https://bugs.cacert.org/view.php?id=943|bug #943]]) || New layout of view for Organisation Administraors in account/id35 || {0} || 1. Bugs under testing: - Currently '''4''' || uli, Michael || [[https://bugs.cacert.org/view.php?id=966|bug #966]] cancel doesn't cancel but processes instead || potential workaround to fix all "Cancel" requests available<
>addtl. individual fixes<
>last update 2011-08-30<
>3 times tested<
>ready to deploy?<
>some more tests after bug#824 removal || {0} || || neo || [[https://bugs.cacert.org/view.php?id=985|bug #985]] move translingo to translations || check language settings under testserver || {0} || || inopiae || [[https://bugs.cacert.org/view.php?id=920|bug #920]] Join - single name only (eg Indonesian) || details under bug number || {0} || || uli || [[https://bugs.cacert.org/view.php?id=855|bug #855]] admin console interface "unknown" + "empty" assurance method fields, needed for correct testing on testserver || admin console lists "empty" and "Unknown" assurance types on listing given Assurances || {0} || 1. Needs 2nd review + transfer to Critical team, to bundle, to deploy - Currently '''5 (!!!)''' * define priority eg. 10,2, and so on * proposed order: from 1 to 10 || 4 || uli<
>Done: Ted, Micael<
>!ToDo: Ted, dirk || [[https://bugs.cacert.org/view.php?id=846|bug #846]] Join Form restructure, help link || Better guidance of bonafide members in Join Form about Suffixes they doesn't have in their ID doxs (a20100207.2)<
>Michael added fixes, so 2nd review needed again<
>new update 2011-09-13, needs complete re-test || {0} || ? / u5 / m4 || || 5 || uli, ted || [[https://bugs.cacert.org/view.php?id=968|bug #968]] error logging cleanup (splitted bug #909) || split 0000909: too many error messages logged - part II - general.php<
>create certs,certs,certs<
>2 sessions: 2011-09-21 + 2011-09-25<
>more tests needed<
>create certs,certs,certs,certs<
>create client, server, gpg keys, org client and server certs || {0} || ? / u4 / m5|| || 7 || uli, ted || [[https://bugs.cacert.org/view.php?id=789|bug #789]] OA edit domain fix || Editing domain for organisations does not work<
>new update 2011-09-26 || {0} || ? / u7 / m7|| || 8 || Ted, uli || [[https://bugs.cacert.org/view.php?id=957|bug #957]] Resize the comment field on [[https://secure.cacert.org/account.php?id=27]] so more information is visible || last update 2011-08-19<
>tested 3 times<
>ready to deploy? || {0} || ? / u8 / m8 || || 10 || uli, Ted || [[https://bugs.cacert.org/view.php?id=965|bug #965]] 0000965: Outsource / fix Webdb text pages id=12, 13 || addtl. id=37, id=38, new update 2011-09-25 || {0} || ? / u10 / m10 || * #1 reviewed and transfered by Michael within meeting 1. Needs development, deployment, discussion 1. [[https://bugs.cacert.org/view.php?id=835|bug #835]] Migrate CATS onto testserver || [[https://bugs.cacert.org/view.php?id=835|bug #835]] Assurer challenge (on testserver) || asssigned to Ted, CATS to install on ca-mgr1, awaiting deployment || {0} || 1. [[https://bugs.cacert.org/view.php?id=943|bug #943]] change OA admin/assurer text || [[https://bugs.cacert.org/view.php?id=943|bug #943]] change OA admin/assurer text || -> Ted, rejected, needs comment from OAO || {-} || * webdb names OrgAdmins as OrgAssurers and names OrgAssurers as OrgAdmins. * patch takes account about this issue * problem with menu link Org Admin .. is Org Assurers menu * but this menu includes one addtl. link "View" that is available for Org Admins * and Org Admins with master flag to add new admins * master flag is not described in OAP (!) * addtl master flag to revoke ? * rename to "Org Administration" * don't show menu to OrgAdmins * dupe bug# 981 1. [[https://bugs.cacert.org/view.php?id=824|bug #824]] Org User cert fix || uli, Ted || [[https://bugs.cacert.org/view.php?id=824|bug #824]] Org User cert fix || Organisation User Certificates: Need UI improvement for proper production usage<
>working session: needs to be removed from testserver, done<
>Case study || {0} || 1. [[https://bugs.cacert.org/view.php?id=988|bug #988]] TTP cap form deployment || uli || [[https://bugs.cacert.org/view.php?id=988|bug #988]] TTP cap form deployment || Case study || {0} || 1. strategy plans ... next: strategy for "New Roots & Escrow" 1. idea: using indirect crl's ? * 2 crl's needed, one valid, one invalid crl server * more infos available ? who ? 1. build testserver with special certs 1. Magu, Michael to send instructions for test deployment * indirect CRL: RFC 5280 [[http://tools.ietf.org/html/rfc5280]] (chapter 5) * meetings ago we've defined Testing requirements and a potential testszenario * to remind every meeting * Michael: testserver environment deployment 1. policy group: define requirements * multimember escrow method ? * needs risk analyze * potential candidates ? * Marcus to contacted Benedikt, will contact Thomas K * Next step(s) 1. how does debian work ? * defered to Froscon (end of Aug), CCCcamp (around Aug 10th) 1. CI (Update) 1. [[http://live.eclipse.org/node/1031|description to eclipse testpage]], [[http://adobedev.adobe.acrobat.com/p4101brizwr/|Webinar]] * deployment scenario: 1. create testusers 1. testing 1. delete testusers * regression test for standard tests: eg 0,1,49,50,51,99,100,101 pts w/ and w/o CATS passed * reminder 1. Jubula Test-Tool (by Michael) - update? * [[http://www.eclipse.org/jubula/download.php]] * instructions see under [[Software/Assessment/20110830-S-A-MiniTOP#Minutes|Minutes meeting 2011-08-30]] * test deployment needs to be continued by software testers * Jubula documentation started: [[Software/Jubula]] 1. new proposal by Sven: Webdriver with Maven and Jenkins-CI 1. Jubula vs. Webdriver 1. testserver variants 1. testserver for manual tests 1. testserver of OS and application upgrades 1. testserver for CI 1. test methods 1. unit test * test single modules, exceptions 1. integration tests * test interaction of modules 1. system tests * complete system test, with database interactions, module interactions and much more 1. next meeting: Tuesday, October 25, 2011 22:00 == Minutes == 1. Translingo [[https://bugs.cacert.org/view.php?id=985|bug #985]] * working session michael, marcus 1. dirk - git pull problems - seems to be fixed || 3 || Dirk || [[https://bugs.cacert.org/view.php?id=894|bug#894]] assure someone patches (checkbox) || (incl wot.php changes)<
>tested by 2, needs 2nd review, deploy || {-} || ? / u1 / m1 || * updated, transfered to cacert-devel, michael transfered to testserver 1. [[https://bugs.cacert.org/view.php?id=976|bug #976]] * database restructure preperation * raw transcript from meeting results: [[https://bugs.cacert.org/file_download.php?file_id=245&type=bug|sql structure modifications as discussed within meeting]] * New table to add: high potential domains to secure (mozilla blue print) * proposed testserver deployment - when ? * deletedwhen - to rename to deleted type datetime * from - to rename to creatorid * enum - or not enum for cca method * add table "mozilla blue print" domains * proposal michael: to add this as file, also to deploy to signer * sql update? or php script? * adding versioning number ? table verno, when type datetime 1. [[https://bugs.cacert.org/view.php?id=827|bug #827]] 1. dirk sent update: michael transfered to testserver * michael: sql injection of one notary record: date < 30.8.2006, awarded=0, points=35 * test: 10.php: 35 points, 15.php shows 0 points => bug not fixed 1. PR work - Update? 1. newsletter mailing: ok from board [[https://community.cacert.org/board/motions.php?motion=m20111016.2|m20111016.2]] 1. newsletter reviewed English revision [[PR/News/NewPointsCalculation]] * last update [[PR/News/NewPointsCalculation]] 1. script sql query to prepare based on events/oa mailing * request for statement by critical team * proposal by critical team: a. to pace the email sending out a bit, e.g. by doing a chunk of 1000, then waiting 19 minutes (by a programmatic sleep) before starting the next chunk of 1000 etc a. pushing out the whole mailing will take somewhere between one and two full days a. reduce Postfix' maximal_queue_lifetime from the default 5 days to say 2 days a. Basically [[Arbitrations/a20100309.1|a20100309.1]] already gives permission for this mailing, except that it outlines a somewhat different technical implementation of such mailings. But policy-wise there doesn't seem to be a difference to me with what we are proposing here, so why bother with addtl arbitration? * script to use from mailing, SA's to build a sql query, sending to critical team 1. Infrastructure seperation * info from funkfeuer.at * power input of dl blade server? {{{ DL380G3-power calculation Total System Input power requirement (W) 485 x1) Total System Input measured (W) 265 Lo, 292 Hi x1) source: http://h30099.www3.hp.com/configurator/calc/Power Calculator Catalog.xls }}} * proposal by mario: * buy new machine: sample proposal alternate individual pieces: Euro 1042 . (1x Rasurbo BC-10, 1x Intel® DB65ALB3, 1x Intel® Core™ i7-2600, 4x Kingston ValueRAM DIMM 8 GB ECC, 2x Western Digital WD2002FAEX 2 TB) * other hosting providers * hetzner: 50 euro server + setup 150 euro once + ip's: 22 euro * funkfeuer: + ip's: unknown * ip's needed: 24-30 1. Translingo * [[https://bugs.cacert.org/view.php?id=985|bug #985]] * pdf code needs rewrite (uni code library, move to external server (outsourcing)) * message cert notification - uses perl code, text source not avail (get bind-text-domain) 1. New function to TMS - edit notary table record * [[https://bugs.cacert.org/view.php?id=980|bug #980]] * no update 1. count of certs counting (bug #794) || 2 || uli, ted || [[https://bugs.cacert.org/view.php?id=794|bug #794]] || visibility over certificates for sysadm in account administration, new update 2011-09-24 || {-} || ? / u1 / m1 || * shorten ttl for certs on testserver modification? 1. Marcus: removing from action items || Marcus || Nov 2-3 test event Nuernberg, [[http://www.qs-tag.de/|software-qs-tag 2011]], 2-3 Nov, Nuernberg, www.ix-konferenz.de, check for infos, attendance ? || {0} || ==== Fixed Action Items since last or within meeting ==== || 1 || uli, ted, michael || [[https://bugs.cacert.org/view.php?id=975|bug #975]] admin console interface (2) || report potential database inconsistency in SE console (debug infos)<
>tested by 3, needs 2nd review, deploy || {g} || ? / u1 / m1 || || 6 || moh<
>Done: Ted<
>Done2: Michael || [[https://bugs.cacert.org/view.php?id=596|bug #596]] certs list advanced || display ser# in certs overview lists || {g} || ? / u5 / m5 || ---- ==== Action Items New ==== Action items: '''[[Software/Assessment/ActionItems|Meeting Action Items]]''' <> ---- . CategorySoftwareAssessment