cacert-sysadm AT lists.cacert.org
Subject: CAcert System Admins discussion list
List archive
- From: "Ian G (Audit)" <iang AT cacert.org>
- To: Daniel Black <daniel AT cacert.org>
- Cc: cacert-sysadm AT lists.cacert.org
- Subject: Re: [Cacert-sysadm] cacert systems strategy
- Date: Mon, 09 Mar 2009 15:26:26 +0100
- Authentication-results: lists.cacert.org; dkim=neutral header.i= AT cacert.org; dkim-asp=none
- List-archive: <http://lists.cacert.org/pipermail/cacert-sysadm>
- List-id: CAcert System Admins discussion list <cacert-sysadm.lists.cacert.org>
On 8/3/09 11:37, Daniel Black wrote:
On Sunday 08 March 2009 20:03:30 Sam Johnston wrote:...
....First and foremost the IT systems need to be brought up to the level where
they meet or exceed the requirements of the organisation.
I'd love to know where these requirements are. I thinks thats 1/2 (or most of)
the point of this email. I'm doing stuff and don't know what's important.
Ah, Its a good point that I still don't know what the priorities of the
organisation are.
I found TroubleTicket System on https://wiki.cacert.org/wiki/SystemTasks.
On all these broad questions of the prioritisation of systems tasks, I can add some comments. They have been somewhat driven by different perspectives.
First, audit perspective, which needed hosting, systems administration, access engineer teams and the systems themselves molded into its current NL/BIT/Ede form.
So, to deal with all this, the Board generally spent from September of 2007 until late last year focussed almost entirely on the systems administration issue. Anything that didn't fit into that, wasn't a priority.
(I am guessing that the SystemTasks list fitted into that; as outside the Board's priorities, it was considered not important enough to get attention, indeed potentially controversial that the list did not clearly trace its items to the Board's priorities.)
The systems administration work is now well advanced, to the extent that we are now talking about auditing it, see recent emails.
Secondly, again from audit perspective, there was a long list of other areas which need to be addressed. Just briefly:
mods to the software to finish off the Assurance work:
knocking old assurers off,
changing the website to reflect the new contract,
Adding the new points regime.
mailouts to the assurers and members
getting the Assurance Policy work out to the Assurers
And so forth and so on.
Thirdly, it has *always* been recognised that there were three major things to do in the wider "systems" part of CAcert, and these were prioritised by board because not all could be done at once:
systems admin (see above, 2007 - 2008)
software development (deliberately deferred until 2009)
support (deferred by board, but audit demands some minimal doco)
As an aside, there has been a lot of discussion about software development over the last several weeks. As this is a big black hole before the board, and this year was always felt to be the year to solve it, it is now taking front & center stage.
If its a urgent requirement should the be fortnightly or monthly board reports
on progress? At least this will stress how important it is.
I think I would rather see a tracing of the requirements back to the above board and audit priorities. Otherwise, it is liable to be deferred for now. It's also a bit controversial to talk about this sort of stuff because while we are talking about that, critical things like lack of the test1 service, the dropping of old assurers and the mailouts of the assurer and contract letters aren't getting done.
I'm tempted to throw the whole SystemTasks list at the board and say
prioritise it. My suggested breakout of this (that has huge scope for
improvement) is:
0. Issues causing risk to the Audit.
Right, see above.
1. Issues that are causing pain to CAcert community members (CCA)
support.
2. Issues that are causing pain to cacert staff
support.
3. System issues that need to improve to reduce business risk
These would be things like Assurer dropping, mailouts.
Others:
4. development opportunities that would benefit all and make certificates more
useful in other situations.
5. development opportunities that could benefit cacert systems
6. other cool stuff we've thought of
Sure, but only top notch things will get much attention right now.
The mail system is too complicated so I don't use it,
and I doubt I'm the only one (I have a bunch of aliases in Gmail but
cacert.org isn't one of them).
sorry about that. I'm reviewing the documentation now to simplify it. I get
the feeling its probably more that that so I'll email you privately.
Anyone else with troubles bugs.cacert.org community.cacert.org project.
I think this is working out fine. Yes, there are teething problems, but I think that the project to try to create a secure email structure has been immensely valuable in putting hard facts to the issue. As a CA, eating ones own dogfood, to use the americanism, is really valuable.
It will take time to roll out, sure.
(Yes, I agree it might make a good paper :)
After that the documentation in terms of audit et al is obviously critical
for us but could also be really useful for others.
sure - love to see more of it.
Yup!
iang
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature
- [Cacert-sysadm] cacert systems strategy, Daniel Black, 03/08/2009
- Re: [Cacert-sysadm] cacert systems strategy, Sam Johnston, 03/08/2009
- Re: [Cacert-sysadm] cacert systems strategy, Daniel Black, 03/08/2009
- Re: [Cacert-sysadm] cacert systems strategy, Ian G (Audit), 03/09/2009
- Re: [Cacert-sysadm] cacert systems strategy, Daniel Black, 03/14/2009
- Re: [Cacert-sysadm] cacert systems strategy, Ian G (Audit), 03/14/2009
- Re: [Cacert-sysadm] cacert systems strategy, Daniel Black, 03/14/2009
- Re: [Cacert-sysadm] cacert systems strategy, Ian G (Audit), 03/09/2009
- Re: [Cacert-sysadm] cacert systems strategy, Daniel Black, 03/08/2009
- Re: [Cacert-sysadm] cacert systems strategy, Sam Johnston, 03/08/2009
Archive powered by MHonArc 2.6.16.