The latest of the audit reports, for Jan-April, is now on the wiki. Much has happened since the last report, here are the headlines:

1. CAcert has a new Security Policy in DRAFT which covers the systems administrators, the Access Engineers, and also the Support and Software people.
2. With this in place, Audit will now visit the systems team in Ede, Netherlands in early May. This will be the first visit to review the systems against that Security Policy. My guess is that we will need 3 visits.
3. A new Software Development team met in Innsbruck last week to review the software and prepare the way forward. Their recommendation: total rewrite. The design was done during the week, and is documented. Next steps are to .. write the code! This is where we find out if coding is really as easy as talking 🙂 if you want to participate, and who wouldn’t want to be in the team that totally changes the face of CAcert … then keep an eye on the cacert-devel list.
4. Assurance Policy is now full POLICY.
5. Audit is now in high gear checking Assurances. See all the other blog posts.
6. On 16th May, in Munich, we will meet up with the heavy-hitting German Assurance team of Sebastian, Ulrich and Ted. There, we’ll talk about the results from the audit checks, and think about a roadmap for the future.

Big picture: Audit is in high gear. Much will be done, much will be checked. Now this might be “optimistic” but bear in mind that the resources are very limited. If there are any missteps, if there are any big delays, then CAcert is in trouble. We simply don’t have the time and money to delay this into the future.

So, watch out for appeals for help, and consider jumping into effort. You will be unhappy if you miss that chance, you will have nothing to tell your grandchildren after the war is over 🙂

After the implementation of the Assurer Challenge last year there will be no “old” Assurer status anymore.
Assurers who have not passed the Assurer’s Challenge are no longer Assurers. AP gives authority to impose the rule that Assurers must have 100 points *and* pass the Assurer’s Challenge. So all Assurers who do not have the Challenge and want to do so, please visit the Assurer-Challenge pages and follow the instructions.
Please see also http://bugs.cacert.org/view.php?id=588 .

The ApacheCon Europe 2009 conference is from Wednesday 25rd of March till Friday 27th of March 2009 in Amsterdam (it is near the central railway station). Tutorials and workgroup meetings start on Monday 23rd of March.
At this conference CAcert will have an assurance booth table on Wednesday 25th of March and Friday 27th of March. For assurance preparations information: please visit the wiki page. CAcert is looking for Assurers on Thursday.
ApacheCon is the official user conference of The Apache Software Foundation, featuring in-depth training classes and more than 60 sessions by the creators of open source software such as the Apache httpd webserver, Tomcat, Lucene, Hadoop and more. New this year: BarCampApache, Open Hackathon, and Geeks for Geeks Track.

CAcert has some free CeBIT tickets available. If you like to attand CeBIT and do not have your ticket yet, sent an email to p(dot)dunkel(at)cacert(dot)org. You then get a link to the CeBIT website where you can register and print your own ticket. You are welcome to visit us at our booth Hall 6, Booth F-36-2. Donations for supporting CAcerts operations are welcome.

CAcert hat ein paar kostenlose CeBIT-Tickets abzugeben. Wenn Sie die CeBIT besuchen wollen und noch ein Ticket benötigen, senden Sie eine E-Mail an p(dot)dunkel(at)cacert(dot)org. Sie erhalten dann einen Link zur CeBIT-Webseite, wo sie sich ihr persönliches Ticket registrieren und ausdrucken können. Wir freuen uns über Besucher an unserem Stand in Halle 6, Stand F-36-2. Spenden, um den Betrieb von CAcert zu fördern, sind willkommen.

For an easier on-line html CAP (for individuals) or COAP (for organisations) assurance form use the html CAP form or html COAP form respectively. While one can complete the form on-line now with one’s browser, the browser is now able to make a request the completed pdf form via the CAcert site. In this easy way one will make sure that an URL is used is generating the correct URL to generate a completed assurance pdf form file.

These both HTML forms are made available from the (moinmoin) wiki. They will differ slightly from the html form, which will become available soon from the CAcert main web page as well. Note that browsers differ when complicated tables and styles are used.

The HTML forms are made available to facilitate one’s preparations at the office when one plans to attend an assurance event at exhibitions and conferences.

The first EU MozCamp 2009 is helt on 6th of March 2009 in Utrecht, Holland. You will get a chance to be fully assured on this MozCamp. Have a look at the CAcert wiki page Assurance Preparations information is provided how to prepare yourself for such an assurance event.. The assurances will be done during lunch time.