=== Software/Assessment/ActionItems ===

 || all || proposed Apache config SSLCipherSuite settings for CAcert SSL enabled infrastructure systems<<BR>>see also BEAST migration [[https://community.qualys.com/blogs/securitylabs/2011/10/17/mitigating-the-beast-attack-on-tls]]<<BR>>Proposal from [[https://lists.cacert.org/wws/arc/cacert-sysadm/2013-09/msg00002.html|Sysadm list 2013-09-06]] || {0} ||
 || SA || documentation server cert design concept to [[SystemAdministration/Systems/Development/Prepare]] || {0} ||
 || all || review [[Software/Assessment/Documentation/UpdateCycle|Software patches Update Cycle]] || {0} ||
 || BenBE, Marcus || documentation: developer git repos under github <<BR>> [[https://github.com/BenBE/CAcert/commits/bug-1131|bug #1131 history @ github]] <<BR>> [[https://github.com/CAcertOrg|CAcertOrg @ github]]<<BR>>started under [[Software/Assessment/Documentation/UpdateCycle/step1]] || {0} ||
 || NEO || BenBe: request: htttps header on bugtracker [[https://bugs.cacert.org/view.php?id=1116|bug #1116]] || {0} ||
 || all || read [[http://www.cs.auckland.ac.nz/~pgut001/pubs/x509guide.txt|x509 guide]] || {0} ||
 || all || [[https://bugs.cacert.org/view.php?id=1068|bug#1068]] blog problem (also relates to community)<<BR>>debian lenny - edge - squeeze upgrades needed<<BR>>alternate: new server with squeeze, install wordpress, transfer domain<<BR>>workaround: configure your FF [[FAQ/BrowserClients]] || {g} ||
 || uli || Experience points for ATE attendance<<BR>>check board motions and/or trigger if not yet passed || {0} ||
 || uli || Infrastructure separation, to contact secure-u (Frank, Mario, Ted, Sebastian) for discussion, prepare a plan, started 2011-12-18<<BR>>current state: see [[Funding/LandingPage|Funding Landing Page]]<<BR>>May 2013: tk-server sponsoring, tk-server rcvd, deployment: WIP, project not yet finished || {0} ||
 || All || 1. next: strategy for "New Roots & Escrow" - using indirect crl's ?<<BR>>indirect CRL: RFC 5280 [[http://tools.ietf.org/html/rfc5280]] (chapter 5) - test deployment || {0} ||
 || dirk, Michael || 3. next: strategy for "New Roots & Escrow" - how does debian work?<<BR>>to contact, deferred to next events (?)<<BR>>next round: picked up by Benedikt [[https://lists.cacert.org/wws/arc/cacert-board/2013-06/msg00000.html|new proposal 2013-06-02]] || {0} ||
 || Uli, Michael || Documentation Bugs.cacert.org Review, documentation I ([[Software/Assessment/Documentation/bugs|bugs handbook]]) svg files to convert to jpg or png || {0} ||


==== Development, Deployment, Discussion ====

 || OAO, Ted || [[https://bugs.cacert.org/view.php?id=943|bug #943]] change OA admin/assurer text || needs 2nd test -> Fabian, Marc, Alex? {g} / needs 2nd review -> Ted, rejected || {-} ||
 || uli, Ted || [[https://bugs.cacert.org/view.php?id=824|bug #824]] Org User cert fix '''Case study''' || Organisation User Certificates: Need UI improvement for proper production usage || {0} ||
 || uli, ted || [[https://bugs.cacert.org/view.php?id=823|bug #823]] email address removal fix || No warning when removing e-mail address from account that certificates will be revoked<<BR>>checked by 4, needs 2nd review, deploy<<BR>>rejected || {-} ||
 || inopiae || [[https://bugs.cacert.org/view.php?id=920|bug #920]] Join - single name only (eg Indonesian) || details under bug number || {0} ||
 || uli || [[https://bugs.cacert.org/view.php?id=859|bug #859]] admin console interface || feature request: show activity on an account in the admin interface<<BR>>rejected, certs login doesn't modify "modified" field || {r} ||
 || Michael || [[https://bugs.cacert.org/view.php?id=540|bug #540]] || p20111113 CPS #7.1.2 "Certificate Extensions" adjustments - testing<<BR>>uli, marcus: needs full cert create tests<<BR>>duplicate report to bug#978<<BR>>tested by 3, 2nd review done, transfered<<BR>>Ken reported: still has problems, bug kept open || {0} ||
 || gagern, NEO || [[https://bugs.cacert.org/view.php?id=440|bug #440]] Problem with subjectAltName (CSR, renew certs) || There seems to be a problem with the subjectAltName. Dupes, missing entries, and more, rejected, needs further development || {r} ||
 || neo || [[https://bugs.cacert.org/view.php?id=1025|bug #1025]] Domain Dispute issue || disputes rc and rc2 var prob<<BR>>needs work || {r} ||
 || dirk || [[https://bugs.cacert.org/view.php?id=1054|bug #1054]] 0001054: Review the code regarding the new point calculation || Thawte patch part II<<BR>>needs further work  || {r} ||


==== Software Assessors: Review 1 / add to cacert-devel, add to testserver ====
 ||<#ff8080> '''Software-Assessors task''' ||


==== Testing ====
 ||<#6699ff> '''Testers task''' ||

 || neo || [[https://bugs.cacert.org/view.php?id=1004|bug #1004]] Stats page improvement || tested by 2, needs 2nd review || {0} ||
 || neo || [[https://bugs.cacert.org/view.php?id=1159|Bugs #1159]] it might be possible to execute commands on the signing server  || || {0} ||
 || inopiae || [[https://bugs.cacert.org/view.php?id=1065|bug #1065]] Wrong wording when sending mails during the assurance process  ||  || {0} ||
 || inopiae || [[https://bugs.cacert.org/view.php?id=1162|bug #1162]] calcutate (the passwords) hash in php instead of in mysql || create test scenarios for the software testers /!\ <<BR>>Full testing /!\ || {0} ||
 || inopiae || [[https://bugs.cacert.org/view.php?id=28|bug #0028]] Wrong language for you've been assured & [CAcert.org] Client Certificate emails ||  || {0} ||
 || inopiae || [[https://bugs.cacert.org/view.php?id=988|bug #988]] TTP cap form deployment ||  || {0} ||

==== Software Assessors: 2nd Review, Bundle Package to Critical Team ====
 ||<#ff8080> '''Software-Assessors task''' ||

 || Ted || [[https://bugs.cacert.org/view.php?id=500|bug #500]] Get contact mail adress after resolving test || tested by 3, requires review || {0} ||
 || Ted || [[https://bugs.cacert.org/view.php?id=1140|bug #1140]] Show if a test is passed in learnprogress  || tested by 3, requires review || {0} ||
 || magu || [[https://bugs.cacert.org/view.php?id=1131|bug #1131]] Rename _all_ Policies from .php to .html and fix all links || global policy directory maintenance and update ||  {0} ||
 || inopiae || [[https://bugs.cacert.org/view.php?id=1010|bug #1010]] Reorder the view on organisation certificates || tested by 3 || {0} ||


==== Software Assessors: Bundle Package to Critical Team ====
 ||<#ff8080> '''Software-Assessors task''' ||

 || inopiae || [[https://bugs.cacert.org/view.php?id=1139|bug #1139]] Add new fields to the database || tests through #500 and #1140, 2nd review done, requires transfer || {0} ||


==== Awaiting Response from Critical Team ====

 || inopiae || [[https://bugs.cacert.org/view.php?id=411|bug #411]] Wrong text is made into link ||  || {g} ||


----
 . CategorySoftwareAssessment