When you add an new email address to your profile, the verification works now also on secure mail server handling TLS1.1 or TLS 1.2. CAcert’s software team has updated our software to get more possibilities to our community members.
Todays systemlog message marks the quantum leap in our about 10 months project work, to become the Software-Assessment area auditable.
As many Software-Updates are in the queue from the software developers, that needs testing and reviews by Software Assessors, the team started by end of last year with this project,
- to build up a new ”controlled” testserver with authority by Software-Assessors
- built up by the critical team as a Disaster Recovery testcase
- a new central repository for all the upcoming software projects (including the New Software project BirdShack)
- building a new test team running the software tests
- and finalyze the process by a review of the patches by 2 Software-Assessors
- document the patches, the testing, the review and the check by two Software-Assessors
- to bundle the new Software-revision for transfer to the Critical team
The systemlog message signals, that the first tested and reviewed patches has received by the critical system webdb and is incorporated into production. A new tarball has been generated to build the next basis for applying the next patches.
So here my thanks goes to all the involved teams,
- Software-Assessment-Project team
- the new Software Testteam
- the Critical Sysadmins team
- and last but not least to the Software-Assessors from the Software-Assessment team
With all these people assistance, this project hadn’t be pushed to this milestone. Thank you Andreas, to build the project plan and the technical background, and also hosting the current testserver, Thank you Wytze for all your work to build the new testserver from scratch as identical as possible to the production server, to Michael, who assist us in deploying the new git repository and also assistance in deploying the Testserver-Mgmt-System, so everybody can start testing w/o the need of console access, Thank you Markus, for all your time and effort to deploy the repository and testserver environment and also your work together with Philipp as Software-Assessor, to finalyze the Software-Update-Cycle. Thank you Dirk for all your suggestions to move on with this project.
Some more work is todo:
- adding a test-signer, so also cert related patches can be tested in the future (Andreas and Markus are working on this)
- deploying a C(ontinous)I(ntegration) system for automated testing (Andreas is working on this).
Now the teams have to walk thru the list of open bugs, that needs to be pushed thru … First of all is the “Thawte” bug … to signal all users who’ve got their Thawte points transfered by the old Tverify program if they are effected by the points removal or if they are safe. The CCA-Rollout with a couple of patches, a list of new Policies and Subpolicies related patches (eg. PoJAM, TTP program), a list of Arbitration pushed patches, and so on …
So guys, lets have a party tonight, we’ve wiped out one of the biggest audit blockers!
July 2010 was full of activities. Two Board members resigned. New procedures for Assurers were updated. And the Software-Assessment Project reaches one milestone.
- 2010-03-30 New Roots task force offers SHA2 based roots/end user certificates for testing
- 2010-03-30 Software-Assessment Project telco 2010-03-30
- GIT as the future Software Assessment repository passed test successful
- Testserver needs Testserver Management System, action plans triggered to start a deployment
- 2010-03-27 Walter Güldenberg appointed as Events Team Leader
- 2010-03-26 Sysadmin team works out way forward for SNI, client certificate authentication and SSL renegotiation changes in browsers
- 2010-03-26 Security Policy – Board vetos Security Policy Draft regarding point 184.108.40.206. Coverage – Board sighting conflicts with CAcert incorporated rules
- 2010-03-25 Ongoing update of CAcert Officers list
- 2010-03-24 First ATE in 2010 season: ATE-Sydney with 6 co-Audited Assurances and addtl. 14 interested Attendees
- Discussions through email and irc about how to seed CAcert deserts. Plans for contacting Usergroups (existing IT related social networks)
- mostly, area has many old SuperAssurers that will have faded away
- 2010-03-21 Board Meeting 2010-03-21 “Determine Root escrow and recovery mechanism” review ends with no consensus
- 2010-03-18 Rasika Dayarathna, our Privacy Officer, resigned due to lack of time. Looking forward to rejoining us later.
- 2010-03-14 Boards Projects Overview Page started deployment
- 2010-03-13 Board Members allowed to serve on arbitration team again
- 2010-03-06 Daniel Black gets appointed as Infrastructure Team Leader
- 2010-03-06 Efficiency gain – Policy Officer empowered to perform minor adjustments to policy
- 2010-03-06 CeBIT 2010 Big Assurance Event successful passed after 5 days with a team of about 8 to 12 and more Assurers. CAcert was one of the 15 projects on the booth at the Open Source Project Lounge sponsored by Linux New Media.
- 2010-03-03 Co-Audited Assurances Program finalized and starts at CeBIT 2010
Contributions to this Community Update by: Ian, Daniel, Uli
- 20100221 Markus Warg appointed to Software Assessment.
* He is now the 2nd team member in a new team that will be formed under the “Repository Project” by Andreas Bäß
* Also involved in this project is the Critical sysadmins team for building up the Servers and software for becoming testing and staging servers.
* Also to train the system recovery from scratch
* Also to prepare a proposed system upgrade
* These are the first results from the Software MiniTOP Essen Dec 16th 2009
- 20100221 UlrichSchroeter appointed as Assurance Officer
* Board accepts Sebastian’s resignation as Assurance team leader, and thank him for steering the ship over the last year. Sebastian remains on the Assurance team! Board appoints Ulrich as team leader, formally Assurance Officer within the meaning of the Assurance Policy.
- 20100221 Michael Tänzer appointed as Support Officer
* Board appointed Michael as support team leader and accepts Ian Grigg’s resignation as support team leader.
* (Formally, as Support Officer within Security Policy.)
- 20100213 Software MiniTOP Offenbach Feb 13th 2010
* Current State of ”Repository Project”
- 20100206 Assurance MiniTOP Brussels Feb 6th 2010 – on the Agenda were several topics
* Assurance – Tasks for coming weeks.
- Plan for Events.
- Submit review to board.
- new AO and EO to board.
- prepare CeBIT.
- finish Co-auditing Programme for 2010, in time for CeBIT.
* ABC interviews
* Defining the Co-Auditor
* co-Audit Team
* co-Audit preparation
- 20100201 p20100119 PoJAM to DRAFT resolved.
* Now the Subpolicy is binding to Assurers for assuring minors and als minors to be Assurers.
* This is the first policy in a series of subpolicys under AP, that cames back after all special assurance programs becomes frozen.
Further Community Update News you will find in the Wiki Community Update
- 20091221 Nick Bebout: Resignation as Dispute Resolution Officer (DRO)
- [Poll for AGM day] (Fr,Sa,Su?) Inc Members, please vote! (finished)
- 20091220 Board Meeting
- “process of software review” ends with the motion: m20091220.2, propose 4 people, and to request ABCs
- Support is proceeding to bring in Triage people. 3 ABCs have been completed. Michael Taenzer, Martin Schultze, Wolfgang Kasulke are now complete, so t/l-support will probably propose them for Support Engineer.
- Arbitration: “That, given m20090811.1, and today’s informal information that some arbitrators are non-working, board requests an immediate update of the state and health of the Arbitration system from DRO, with a view to changing the roles and re-invigorating the process.”. Motion m20091220.3 carried
- Update on Finance: No Annual General Meeting schedule yet (Update: Boardmeeting Jan 3th: AGM is at Jan 30th)
- Minutes 20091216 Essen Software MiniTOP
- Software, repository: Repository is up and going. Haven’t got the test system, just the developer system. We expect to have everything together by end of January.
- Birdshack doco
- Root ceremony: In order to re-do this process, we have to do: planning, collection of the people, budget, hardware, and also to come up with a new concept for protection of the root. This latter is important, and the whole thing will need to be serious and documented for presentation to a new auditor.
- Hamburg Assurance mini-TOP 20091215 results with three new Special Assurance programs proposals
- 20091215 Confirmation received for a booth at the CEBIT 2010. CAcert get this sponsored booth from the Linux New Media (Cebit Open Source) (CEBIT Event Organisation)
- 20091211 Support Team declares reaching a milestone in clearing out the support Inbox. All that’s left is the future!
- 20091205 Confirmation received for a booth at the FOSDEM 2010 6-7 Feb 2010, Brussels Belgium. (FOSDEM Event Organisation)
- (Non-Critical) Infrastructure Projects are advancing, Board has accepted to go for Vienna (Sonance) and Berne one is in preparation (contract needs to be made), the hardware in Berne is ready. (see Audit Next Steps (Systems), Infrastructure Host)
- New Arbitrators makes their first steps in the Arbitration Team. The backlog of Arbitration cases increases rapidly, after the support blockage seems to be fixed.
- The first new Support Engineer starts working in the Support Team, also new people on the Triage team. As working on the backlog of the support mailbox, about 15 new disputes upto now forwarded to the Arbitrations Team to a total of 53 init (23)/running (30) cases. Some diputes filed originaly Jun 2009, Sep 2009
- The Draft CPS is now on the main site see on the Blog and the CPS on main Site.
- Assurances Program: As of Board motion m20090912.1 and finaly m20090914.2 also the assurances of underaged people (u18) were ceased. A workaround is to follow the PoJAM (WIP) procedure, but a dispute filing is allways possible.
- Policy group decide p20091108 to make IDNs available everyone with some restrictions to minimize homograph risks.
- recruitment of Support Engineers
. relates to the Arbitration – Case Managers – Support discussion
. Support was identified as a bottleneck, now starting try #3 to get people in
. see also Board Meeting Agenda 2009-11-15
. and Board-Next-Meeting Sunday 2009-11-15 – 21:00 UTC – Input
. and Board-Next-Meeting Sunday 2009-11-15 – 21:00 UTC – Input – Reply
. and Board-Next-Meeting Sunday 2009-11-15 – 21:00 UTC – Input – another Reply
. IanG appointed as temporary Support Officer assisted by u60 see e.g. Support Team