. '''To Software [[Software|Software]]''' - '''To Software-Assessment [[Software/Assessment|Software/Assessment]]''' - '''To [[Software/Assessment/20120103-S-A-MiniTOP|previous meeting]]''' - '''To [[Software/Assessment/20120117-S-A-MiniTOP|next meeting]]'''
----
= Minutes of the MiniTOP on the 2012-01-10 =
== Setting ==
The MiniTOP will be held via telco 22:00 CET
Attendees: magu, michael, uli, marcus, dirk
== Topics ==
(skip to [[#AGENDA|agenda]])
Action items from last meeting '''[[Software/Assessment/ActionItems|Meeting Action Items]]'''
<<Include(Software/Assessment/ActionItems)>>
<<Anchor(AGENDA)>>
== Agenda ==
=== 1. bug#794 Display certs in admin console ===
* [[https://bugs.cacert.org/view.php?id=794|bug#794]] display certs in admin console
* passed within last week
* precedent ruled, Support works on issues
=== 2. bug #985 - Move Translingo to Translations (incl. patches) ===
1. Translingo [[https://bugs.cacert.org/view.php?id=985|bug #985]]
. [[https://translations.cacert.org]] ([[http://translations.cacert.org/]]) (replacement for translingo)
. the translingo.cacert.org had been in operation far longer, so I think it is possible that some users migrated to translingo.cacert.org, without telling us.
. I would suggest to mass-mail the email addresses of the translation-project leaders in the translingo database, to inform them, and to ask them to speak up if they still need it
* last foreign uploads 2008 on about 13 + cacert projects
* whohas translingo server console access?
* mario
* req for console access for michael to contact project leaders, Updates?
* Transfer In, Transfer Out problems
* Update from new deployment ?
* opened for: create an account can now be started
* Michael current state:
* import and export routine works
* script to incorporate updates needs fixed
* next: complete language handling needs to be updated
* accept lang handler needs fix
* FF de, de_de
* IE 6 de, 8,9 de_de
* working session within last meeting: michael, marcus
* infos from meeting 2011-10-18
* pdf code needs rewrite (uni code library, move to external server (outsourcing))
* message cert notification - uses perl code, text source not avail (get bind-text-domain)
* current state?
* Marcus sent mailing to translators, no response so far, no tests so far (week 3)
* Morten NO
* Emanuel IT
* current state:
* create test system accounts dutch@test, espania@test and so on, let users do their tests
* Magu, Marcus will give it a try
* a couple of testers has started testing and reporting within the last 7 days
* results: de, fr, en, pl, es, pl
* last meeting: working session [[https://bugs.cacert.org/view.php?id=985|bug#985]] translingo transfer
* Michael: needs 2nd review
* Translations
* problems that relates to blocks translations
* changes into translations database
* contact NEO to transfer manualy to testserver
* [[https://bugs.cacert.org/view.php?id=985|bug #985]] needs 2nd review, so update script can run also on critical system
* trying to assign to Ted, reviewed by Ted
{{{
Did a review. I cannot judge locale/Makefile, the other changes are acceptable.
I guess before a patch can be created a rebase will be necessary...
}}}
* comment by NEO
{{{
OK, I have made a merge from release into that branch and removed the conflicts
(a rebase would break fast forwarding).
}}}
* What is the impact? What is needed for going to production?
=== 3. Patches queue ===
1. bug #827 - New Points calculation / Thawte patch
. [[https://bugs.cacert.org/view.php?id=827|bug #827]]
* bug#827 + bug#882 to merge
* close bug#882
* wot.inc.php + notary.inc.php to merge
* continue with bug#827
* pojam bug to fix
1. [[https://bugs.cacert.org/view.php?id=540|bug#540]] No key usage attribute in cacert org certs anymore?
* also: [[https://bugs.cacert.org/view.php?id=905|bug#905]]
* Policy group discussion - Extended key usage -> [[PolicyDecisions#p20111113|p20111113]], motion CARRIED
* deployment
1. prepare fixes -> Michael to prepare diffs, against svn
1. sending to testserver
1. transfer to critical system
* (2011-12-13) approx 2 weeks to write the fix, approx 2 months to go
* Michael did transfer the patch to testserver
* signer code update
* changes against svn
* uli, to add to tester portal, done
* uli to inform testers about new tests
* test report from kenneth to transfer to report (email from 2011-12-25)
* Michael: where to find the report from kenneth? link?
* who has adobe 8 for testing?
* next: needs testing (week 2)
1. [[https://bugs.cacert.org/view.php?id=1002|bug#1002]] 0001002: Contact Assurer form leaves a funny comment after sending
* Michael did transfer the patch to testserver
* Michael: request to alex to check, seems to be ok
* next: needs testing (week 2)
1. Marcus: working session [[https://bugs.cacert.org/view.php?id=789|bug#789]] OA field extension
* magu to test
1. Marcus: working session [[https://bugs.cacert.org/view.php?id=859|bug#859]] Activity on Account
* Michael: needs 1st review + transfer to testserver
* NEO: will check the next days
1. [[https://bugs.cacert.org/view.php?id=440|bug#440]] Problem with subjectAltName (CSR, renew certs)
* "There seems to be a problem with the subjectAltName. Dupes, missing entries, and more"
* patch by gagern
* Software-Assessors: needs 1st review + transfer to testserver
1. [[https://bugs.cacert.org/view.php?id=978|bug #978]] bug 978 (weak keys) (bug 918)
* invalid key format, no regular error message, something wrong, error code # identified
* debugging infos from user + infos from critical team with error code #, was spkac routine
* one test done 2011-12-17 by JensK
1. [[https://bugs.cacert.org/view.php?id=920|bug #920]] Join - single name only (eg Indonesian)
* details under bug number
* presented to Policy Group
* first results from policy group?
* dirk has made some changes in 6.php last year
* there are 4 possible choices:
1. givenname
1. lastname (as current fix)
1. givenname or lastname
1. brians proposal, mononym + checkbox
* dirks proposal:
* make name handling more AP conform (1 line names, multiple names)
* 2 possible paths:
1. allow multiple names (dirks proposal) is massive change (long term change)
1. "simple" solution (short term change)
* global re-design
* eg users view
* 43.php, multiple views
=== 4. Michaels workqueue ===
1. OCSP server - timeout 10 min too short, 3 days to long, recommendation is 24-48 hours max, verisign: 7 days, startssl: 2d
* who has been informed, contacted?
* Michael will inform Wytze
* not yet written
* thread relates to [[https://lists.cacert.org/wws/arc/cacert-board/2011-11/msg00021.html]]
* general solved
* scalability might be a problem in the future ?!?
* preconfigured there is no solution
* whats with EBJCA
* java based
* distribution solution (database replication), master server distributes to other criticial slaves, no caching function
* post request includes timestamp, simple http cache probably doesn't work
* engineX ?
* ocsp protocol: version, requestor-name, extension, request-list
* open issue, needs time for implementation
* studienarbeit? bachelor arbeit?
* new [[https://bugs.cacert.org/view.php?id=1001|bug #1001]] Need a way to set up redundant OCSP responders
1. Build + Document Emergency Patches Path
|| Build + Document Emergency Patches Path || Andreas, Uli, Wytze || {0} ||
* [[Software/Assessment/Documentation/EmergencyPatches]]
* Documentation written, reviewed by Wytze, Marcus
* Michael: reminder for review [[Software/Assessment/Documentation/EmergencyPatches]]
* other reviews done ?
1. New function to TMS - edit notary table record
* [[https://bugs.cacert.org/view.php?id=980|bug #980]]
* infos from last meeting
* testers needs editing individual notary records: fields "method", "awarded", "points"
* easier to create notary records with testserver (add F2F), and edit existing record, doesn't need to check for assurer-from, assuree-to and so on
* Update?
* Michael (2011-11-15): after some other bug reviews
* TMS - certs expire handling
* for testserver eg 3 days (short), 31 days (long)
=== 5. Dirks workqueue - The List of open / running / unhandled bugs ===
1. review bug #794
* [[https://bugs.cacert.org/view.php?id=794|bug#794]] display certs in admin console
* see top 1, done by Ted
1. review bug #985
* [[https://bugs.cacert.org/view.php?id=985|bug #985]] Move Translingo to Translations (incl. patches)
* see top 2, done by Ted
1. VBscript for Vista/Win7 (select keysize >= 1024) (BlackJack) - '''reminder''' to dirk
|| x^1^ Dirk, new [[https://bugs.cacert.org/view.php?id=964|bug#964]]<<BR>>DEV: [[https://bugs.cacert.org/view.php?id=918|bug#918 (Part II)]] ([[Arbitrations/a20110312.1|a20110312.1]]) Weak keys: /pages/account/.. 4.php, 17.php to combine ? (/includes/keygen.php) '''DEV''' || current state: test /account/4.php added to testserver<<BR>>Marcus will do detailed tests on Wed<<BR>>some references added to [[https://bugs.cacert.org/view.php?id=964|bug#964]] || {0} ||
* as part of
* x^1^ Arbitration case [[Arbitrations/a20110312.1|a20110312.1]] Weak keys [[https://bugs.cacert.org/view.php?id=918|bug #918]] / [[https://bugs.cacert.org/view.php?id=954|bug #954]] / [[https://bugs.cacert.org/view.php?id=964|bug#964]]
* Current state:
|| {g} || pre mailing sent ||
|| {g} || keys revocation script to bulk revoke weak keys, new [[https://bugs.cacert.org/view.php?id=954|bug #954]], finished ||
|| {-} || dirk: DEV: [[Arbitrations/a20110312.1|a20110312.1]] [[https://bugs.cacert.org/view.php?id=918|bug#918]] Weak keys: /pages/account/.. 4.php, 17.php to combine ? (/includes/keygen.php) '''DEV''' <<BR>>vbscript needs to be improved with select box key size and lower limit to 2048 (based on [[https://wiki.mozilla.org/CA:MD5and1024]])<<BR>>Api CertEnroll (MS crypto provider)<<BR>>new [[https://bugs.cacert.org/view.php?id=964|bug#964]]<<BR>>current state: test /account/4.php added to testserver<<BR>>Marcus will do detailed tests on Wed<<BR>>some references added to [[https://bugs.cacert.org/view.php?id=964|bug#964]] - codename "BlackJack" ||
|| {g} || Weak keys blog post, published ||
|| {g} || Weak keys article published by Hanno(July 28), link is in CAcert's blog post (July 30) ||
|| {b} || weak keys: problems with cryptostick (to test at [[events/FrOSCon2011|Froscon]] with Juergen ?) ||
* cert enroll infos under [[https://bugs.cacert.org/view.php?id=964|bug#964]]
* vista and win7 works with other engine !CryptoAPI (?) => Cryptography API: Next Generation
* [[http://msdn.microsoft.com/en-us/library/aa833130%28v=VS.85%29.aspx]]
* Marcus: added notes for Win7 [[https://bugs.cacert.org/view.php?id=964#c2249]]
* dirk: has not started the virtual machine
* Question from Marcus: did someone contacted illuminat?
* No, Marcus: to contact illuminat
* illuminat will give it a try, first needs download of testserver image
* Update?
* marcus: illuminat not yet seen last time
* baseline requirement - keyssize >= 2048 to fix till end of 2011
* how to proceed?
* dirk: 1st step, to bring win test server localy online
* marcus: to contact illuminat
* Do we have other developers who may pick up this project?
* Marcus -> dirk: announcement of vbscript bug to developers mailing list
* change keysize
* merge 2 scripts to one
* fix on script 1 needs fix in 2nd script too, solutions: include, one file, or comment fix script 2 too
* interrupt: [[https://bugs.cacert.org/view.php?id=964|bug#964]] -> codename "BlackJack"
* relates to IE8 problem, that certs cannot be created
* is there a security issue with available fix? also [[https://bugs.cacert.org/view.php?id=918|bug#918]]
* related 927, 901, 847
* a patch is online on testserver, but cannot found
* related patch files, /pages/account/ 3,4,16,17; /include/account.php
* there are other vbscript pages: ../account/ 6 + 19
* Brian [[https://bugs.cacert.org/view.php?id=964|bug#964]]
* Michael: Marcus to test with IE
* IE select provider only
* code from Brian needs some corrections, corrections to do, 4 + 17 inclusions, checkin
* notification to Brian, done
* quickfix has problems too
* next step(s)
* check error codes / debug routines
* open developer mode, create cert
* resulting error: line 213, put length, wrong parameter
{{{
Zeile: 213
Fehler: CertEnroll::CX509PrivateKey::put_Length: Falscher Parameter. 0x80070057 (WIN32: 87)
Zeile 213: objPrivateKey.Length = &h08000000
}}}
=== 6. General Bugs List Overview ===
1. Bugs to Review #1, transfer to testserver - Currently '''5'''
|| uli || [[https://bugs.cacert.org/view.php?id=977|bug #977]] admin console text fix || admin console Sysadmin - find domain - lists 2 tables - one for user accounts, one for org accounts, naming issue || {0} ||
|| uli || [[https://bugs.cacert.org/view.php?id=967|bug #967]] OA isassurer check || Give an OA the oppertuntiy to check if a desiginated Organisation Admininistrator is a CAcert assurer || {0} ||
|| uli || [[https://bugs.cacert.org/view.php?id=859|bug #859]] admin console interface || feature request: show activity on an account in the admin interface, new update /!\ || {0} ||
|| inopiae || [[https://bugs.cacert.org/view.php?id=981|bug #981]] OA overview (dupe of [[https://bugs.cacert.org/view.php?id=943|bug #943]]) || New layout of view for Organisation Administraors in account/id35 || {0} ||
|| gagern || [[https://bugs.cacert.org/view.php?id=440|bug#440]] Problem with subjectAltName (CSR, renew certs) || There seems to be a problem with the subjectAltName. Dupes, missing entries, and more || {0} ||
1. Bugs under testing: - Currently '''4'''
|| uli || [[https://bugs.cacert.org/view.php?id=855|bug #855]] admin console interface "unknown" + "empty" assurance method fields, needed for correct testing on testserver || admin console lists "empty" and "Unknown" assurance types on listing given Assurances || {0} ||
|| Michael || [[https://bugs.cacert.org/view.php?id=978|bug #978]] bug 978 (weak keys) (bug 918) || invalid key format, no regular error message, something wrong, error code # identified<<BR>>debugging infos from user + infos from critical team with error code # <<BR>>was spkac routine || {0} ||
|| Michael || [[https://bugs.cacert.org/view.php?id=540|bug #540]] || p20111113 CPS #7.1.2 "Certificate Extensions" adjustments - testing || {0} ||
|| Michael || [[https://bugs.cacert.org/view.php?id=1002|bug #1002]] || 0001002: Contact Assurer form leaves a funny comment after sending || {0} ||
1. Needs 2nd review + transfer to Critical team, to bundle, to deploy - Currently '''2'''
* define priority eg. 10,2, and so on, proposed order: from 1 to 10
|| 7 || uli, ted || [[https://bugs.cacert.org/view.php?id=789|bug #789]] OA edit domain fix || Editing domain for organisations does not work<<BR>>new update 2011-09-26<<BR>>more fixes, more testing<<BR>> * testcase scenario<<BR>> * open org, edit 1st domain in new window, edit 2nd domain in new window<<BR>> * results in: change made in window 2, written to record in window 2<<BR>> * needs cross checking || {0} || ? / u7 / m7||
|| 2 || neo || [[https://bugs.cacert.org/view.php?id=985|bug #985]] move translingo to translations || check language settings under testserver || {0} || 2 ||
1. Needs development, deployment, discussion, reminder
1. [[https://bugs.cacert.org/view.php?id=835|bug #835]] Migrate CATS onto testserver
|| [[https://bugs.cacert.org/view.php?id=835|bug #835]] Assurer challenge (on testserver) || asssigned to Ted, CATS to install on ca-mgr1, awaiting deployment || {0} ||
2. [[https://bugs.cacert.org/view.php?id=964|bug#964]], [[https://bugs.cacert.org/view.php?id=918|bug#918 (Part II)]] Codename "BlackJack"
|| Brian || new [[https://bugs.cacert.org/view.php?id=964|bug#964]]<<BR>>DEV: [[https://bugs.cacert.org/view.php?id=918|bug#918 (Part II)]] ([[Arbitrations/a20110312.1|a20110312.1]]) Weak keys: /pages/account/.. 4.php, 17.php to combine ? (/includes/keygen.php) '''DEV''' || some references added to [[https://bugs.cacert.org/view.php?id=964|bug#964]]<<BR>>current state: first review, add to testserver || {0} ||
=== 7. Long term projects ===
1. strategy plans ... next: strategy for "New Roots & Escrow"
1. idea: using indirect crl's ?
* 2 crl's needed, one valid, one invalid crl server
* more infos available ? who ?
1. build testserver with special certs
1. Magu, Michael to send instructions for test deployment
* indirect CRL: RFC 5280 [[http://tools.ietf.org/html/rfc5280]] (chapter 5)
* meetings ago we've defined Testing requirements and a potential testszenario
* to remind every meeting
* Michael: testserver environment deployment
* Michael will review after Certs extension policy group vote
* Michael: VM + OS builtup for CRL server tests (WIP)
1. policy group: define requirements
* multimember escrow method ?
* needs risk analyze
* potential candidates ?
* Marcus to contacted Benedikt, will contact Thomas K
* Next step(s)
1. CI (Update)
1. [[http://live.eclipse.org/node/1031|description to eclipse testpage]], [[http://adobedev.adobe.acrobat.com/p4101brizwr/|Webinar]]
* deployment scenario:
1. create testusers
1. testing
1. delete testusers
* regression test for standard tests: eg 0,1,49,50,51,99,100,101 pts w/ and w/o CATS passed
* reminder
1. Jubula Test-Tool (by Michael) - update?
* [[http://www.eclipse.org/jubula/download.php]]
* instructions see under [[Software/Assessment/20110830-S-A-MiniTOP#Minutes|Minutes meeting 2011-08-30]]
* test deployment needs to be continued by software testers
* Jubula documentation started: [[Software/Jubula]]
1. new proposal by Sven: Webdriver with Maven and Jenkins-CI
1. Jubula vs. Webdriver
1. testserver variants
1. testserver for manual tests
1. testserver of OS and application upgrades
1. testserver for CI
1. test methods
1. unit test
* test single modules, exceptions
1. integration tests
* test interaction of modules
1. system tests
* complete system test, with database interactions, module interactions and much more
1. sven did some work regarding frontendtest (Webdriver with Maven and Jenkins-CI)
* Michael did some review: probably needs some seperation
1. Infrastructure seperation
1. CAcert Inc statement - received
1. Hosting/Housing Provider
* 2011-12-01: Vienna response
* questions answered
1. contacting secure-u, oophaga started?
* Frank, Mario, Ted, Uli, Sebastian ?
* Secure-u started 2011-12-19, awaiting response
1. Hardware
* alternate solutions
* offer Frank a) 80 w, too high, b) unknown yet
* uli: luxemburg connection, will try 1st week in january
* 2 way path: search sponsors for money, search hardware sponsors
1. Helping CAcert
* How does recruitment work?
* Newsletters, recuring notifications
* Fosdem -> focus on Nucleus events
* Recruitment on events?
* Recruitment page eg [[events/Recruitment]], [[HelpingCAcert]], Jobs
* Flyers?
* re-design main page:
* dirk: 3 news, upcoming events
* michael: *
* rss-feed script modification is simple
* main page cms page, login to secure area (portal project)
* public: www.cacert.org
* secure1: www.cacert.org
* secure2: secure.cacert.org
1. Discovery II [[Arbitrations/a20110118.1|a20110118.1]] discussion
* still running
* who should receive infos? list of appropiate recipients listed in discovery II table
* possible software solutions:
a. triggered info mailing eg board-private mailing list + support
a. view page with current results (like hidden stats page?)
* [[https://bugs.cacert.org/view.php?id=1003|bug#1003]] Provide a possibility to regularly review the permissions in the system
1. Affilates program - topic for SA ?
* currently not
* planned income projects by CAcert Inc
* new portal (Benedikt, Karsten working on it)
* critical / non-critical systems
* non-critical portal - with login link to critical secure.cacert.org
* cms system: own user base?
* critical system userid includes @, cms userid does not include @
* cms login adding userid from critical system may result in security leak that account data can be collected (MITM)
* affiliate link to each event (template)
1. addtl. link under main ads
1. CAP Form redesign for upcoming events
* Fosdem
* Cebit
* Chemnitzer Linuxtag
* CAP forms have no bank account infos
* CAP form redesign
1. "NEO projects"
1. architecture/design (aka Birdshack design)
1. signer rewrite
* cabforum, blacklist implementation
* needs a rewrite, protocol isn't that reliable as required/needed
* problems in current design: eg count of days a cert expires will be transfered from client to server
* multiple servers (staging/scaling/load balancing)
* problems in current design: eg OpenSSL and multithreading
1. Vendor-Api / New Assurers Portal
* Marcus sent some proposals
* A team is working on a Portal project (Carsten, Marcus)
=== 8. next meeting ===
* Tuesday, January 17, 2012 22:00
== Minutes ==
1. Build + Document Emergency Patches Path
|| Build + Document Emergency Patches Path || Andreas, Uli, Wytze || {0} ||
* [[Software/Assessment/Documentation/EmergencyPatches]]
* Documentation written, reviewed by Wytze, Marcus
* Michael: reminder for review [[Software/Assessment/Documentation/EmergencyPatches]]
* seems to be ok, emergancy path through SA will work, is prepared by the Update cycle design
* remote access needs experiences
1. Code signing
* white paper from verisign, Magu will send around
1. bug#794 Display certs in admin console
* [[https://bugs.cacert.org/view.php?id=794|bug#794]] display certs in admin console
* passed within last week
* precedent ruled, Support works on issues under [[Support/Handbook/PrecedentCases/a20111128.3|a20111128.3]]
1. bug #985 - Move Translingo to Translations (incl. patches)
* Translingo [[https://bugs.cacert.org/view.php?id=985|bug #985]]
. [[https://translations.cacert.org]] ([[http://translations.cacert.org/]]) (replacement for translingo)
. the translingo.cacert.org had been in operation far longer, so I think it is possible that some users migrated to translingo.cacert.org, without telling us.
. I would suggest to mass-mail the email addresses of the translation-project leaders in the translingo database, to inform them, and to ask them to speak up if they still need it
* last foreign uploads 2008 on about 13 + cacert projects
* whohas translingo server console access?
* mario
* req for console access for michael to contact project leaders, Updates?
* Transfer In, Transfer Out problems
* Update from new deployment ?
* opened for: create an account can now be started
* Michael current state:
* import and export routine works
* script to incorporate updates needs fixed
* next: complete language handling needs to be updated
* accept lang handler needs fix
* FF de, de_de
* IE 6 de, 8,9 de_de
* working session within last meeting: michael, marcus
* infos from meeting 2011-10-18
* pdf code needs rewrite (uni code library, move to external server (outsourcing))
* message cert notification - uses perl code, text source not avail (get bind-text-domain)
* current state?
* Marcus sent mailing to translators, no response so far, no tests so far (week 3)
* Morten NO
* Emanuel IT
* current state:
* create test system accounts dutch@test, espania@test and so on, let users do their tests
* Magu, Marcus will give it a try
* a couple of testers has started testing and reporting within the last 7 days
* results: de, fr, en, pl, es, pl
* last meeting: working session [[https://bugs.cacert.org/view.php?id=985|bug#985]] translingo transfer
* Michael: needs 2nd review
* Translations
* problems that relates to blocks translations
* changes into translations database
* contact NEO to transfer manualy to testserver
* [[https://bugs.cacert.org/view.php?id=985|bug #985]] needs 2nd review, so update script can run also on critical system
* trying to assign to Ted, reviewed by Ted
{{{
Did a review. I cannot judge locale/Makefile, the other changes are acceptable.
I guess before a patch can be created a rebase will be necessary...
}}}
* comment by NEO
{{{
OK, I have made a merge from release into that branch and removed the conflicts
(a rebase would break fast forwarding).
}}}
* What is the impact? What is needed for going to production?
* git potential problem solved, can be transfered to critical
* Sync between translation server and critical system
* make update, make upload to be started by critical admin on production console
* po tool should send warning/errors, critical admin has to check on update
* critical admins needs ssh key, to contact NEO
* docu: new translations to add under system docu webdb
1. [[https://bugs.cacert.org/view.php?id=540|bug#540]] No key usage attribute in cacert org certs anymore?
* also: [[https://bugs.cacert.org/view.php?id=905|bug#905]]
* Policy group discussion - Extended key usage -> [[PolicyDecisions#p20111113|p20111113]], motion CARRIED
* deployment
1. prepare fixes -> Michael to prepare diffs, against svn
1. sending to testserver
1. transfer to critical system
* (2011-12-13) approx 2 weeks to write the fix, approx 2 months to go
* Michael did transfer the patch to testserver
* signer code update
* changes against svn
* uli, to add to tester portal, done
* uli to inform testers about new tests
* test report from kenneth to transfer to report (email from 2011-12-25)
* Michael: where to find the report from kenneth? link?
* NEO has added the report (written to private dl)
* who has adobe 8 for testing?
* magu has, please test
* next: needs testing (week 2)
1. Bugs to test
1. [[https://bugs.cacert.org/view.php?id=1002|bug#1002]] 0001002: Contact Assurer form leaves a funny comment after sending
1. [[https://bugs.cacert.org/view.php?id=789|bug#789]] OA field extension
1. Bugs to transfer to testserver
1. Marcus: working session [[https://bugs.cacert.org/view.php?id=859|bug#859]] Activity on Account
* Michael: needs 1st review + transfer to testserver
* NEO: will check the next days
1. [[https://bugs.cacert.org/view.php?id=440|bug#440]] Problem with subjectAltName (CSR, renew certs)
* "There seems to be a problem with the subjectAltName. Dupes, missing entries, and more"
* patch by gagern
* Software-Assessors: needs 1st review + transfer to testserver
1. VBscript for Vista/Win7 (select keysize >= 1024) (BlackJack) - '''reminder''' to dirk
|| x^1^ Dirk, new [[https://bugs.cacert.org/view.php?id=964|bug#964]]<<BR>>DEV: [[https://bugs.cacert.org/view.php?id=918|bug#918 (Part II)]] ([[Arbitrations/a20110312.1|a20110312.1]]) Weak keys: /pages/account/.. 4.php, 17.php to combine ? (/includes/keygen.php) '''DEV''' || current state: test /account/4.php added to testserver<<BR>>Marcus will do detailed tests on Wed<<BR>>some references added to [[https://bugs.cacert.org/view.php?id=964|bug#964]] || {0} ||
* still open
1. CI (Update)
1. [[http://live.eclipse.org/node/1031|description to eclipse testpage]], [[http://adobedev.adobe.acrobat.com/p4101brizwr/|Webinar]]
1. Jubula Test-Tool (by Michael) - update?
* test deployment needs to be continued by software testers
* Jubula documentation started: [[Software/Jubula]]
* not performant as needed over internet
1. new proposal by Sven: Webdriver with Maven and Jenkins-CI
1. sven did some work regarding frontendtest (Webdriver with Maven and Jenkins-CI) (Jenkins aka Hudson)
* Michael did some review: probably needs some seperation
* [[https://github.com/Weltraumschaf/cacert-frontendtests|raw source]]
* [[https://github.com/Weltraumschaf/cacert-frontendtests/blob/master/src/test/java/org/cacert/frontendtests/LoginTest.java|one implemented test case]]
* needs building a team, sven + 2 others, to be forced and pushed forward
* active people have to work with this framework
a. write a testunit that triggers the bug
a. write a bugfix
a. start regression test
1. Infrastructure seperation
1. Hardware
* alternate solutions
* offer Frank a) 80 w, too high, b) unknown yet
* b) IBM eServer xSeries 335 (Model-Type 8676-61X) => pentium4
* doesn't fit power consumption
* uli: luxemburg connection, will try 1st week in january
* 2 way path: search sponsors for money, search hardware sponsors
* level after netburst
* sample TK config: 1626.90€ + 117.30€ (1750)
* includes: Intel Xeon 4-Core E3-1260L 2,4GHz 8MB 5GT/s, 16 GB ECC DDR3 1333-RAM, 4x 500 GB SATA II WD Raid
* fund rising project
1. financial resources raises ...
* audit discussion
a. Audit over RA
a. Audit over CA
1. Vendor-Api / New Assurers Portal
* Marcus sent some proposals
* A team is working on a Portal project (Carsten, Marcus)
==== Fixed Action Items since last or within meeting ====
|| uli, ted<<BR>>michael || [[https://bugs.cacert.org/view.php?id=794|bug #794]] || visibility over certificates for sysadm in account administration, new update 2011-09-24<<BR>>3 tests, needs 2nd review, deploy<<BR>>updated 2011-12-06, tested<<BR>>needs 2nd review || 1 {g} ||
|| Michael || [[Software/Assessment/Documentation/EmergencyPatches]] || Build + Document Emergency Patches Path, reminder for review || {g} ||
----
==== Action Items New ====
Action items: '''[[Software/Assessment/ActionItems|Meeting Action Items]]'''
----
. CategorySoftwareAssessment