View Issue Details
|ID||Project||Category||View Status||Date Submitted||Last Update|
|0001506||Main CAcert Website||web of trust||public||2021-02-13 17:17||2021-02-20 04:19|
|Summary||0001506: Implement some notification for Assurers to destroy CAP forms 7 years after an Assurance|
|Description||Since we came to the conclustion that CAP forms should be destroyed 7 years after an Assurance (see <https://wiki.cacert.org/AssuranceHandbook2#What_about_that_CAP_form.3F> and <https://blog.cacert.org/2021/01/destroying-the-cap-form/>), @japh has proposed to implement a notification mechanism to assist Assurers with this.|
Several options seem to be available, including but not limited to:
- Notification by e-mail
- Notification on the web page when logging in to the CAcert account
We should try to collect more detailed requirements and specifications here before starting implementation.
|Tags||No tags attached.|
comments and suggestions welcome!
1. prepare a standard email template
- include placeholders for recipient and perhaps the number of expired
assurances since last login or last reminder
- should be as succinct / concise as possible
<number> of your CAcert assurances have recently past their required,
7 year retention age.
In the interests of data security (e.g. GDPR), please destroy any
CAP forms in your possession which are older than 7 years.
- inform the assurer that they can change their reminder preference via
their cacert.org "My Alert Settings" page.
- the reminder email should NOT contain any personal information
(except the repient's email (and name?))
- don't assume english - use `users.language` to automatically select
- reminder text should be available in all supported languages (help needed!)
2. add a new alert preference flag, e.g. `alerts.cap_expiry`
- only relevant => visible for assurers, via their "My Alert Settings" page
- when set, allow CAcert to send a reminder email when assurances made by
the assurer have "recently become 7 year old" (expired)
- allows at most e.g. 1 reminder email per month
- default 'on' for existing members? (otherwise we wouldn't send any reminders)
OR, set default NULL, send exactly 1 reminder if the flag is NULL and
then automatically set the flag to "off".
This would mean that active assurers are informed that they can opt-in
to getting reminders emails.
Inactive assurers get a one-off reminder and then automatically return
to being inactive. i.e.: no need for them to do anything to remain inactive.
3. write a new script to send reminders, based on existing notification scripts.
- may be run daily (for 1/28'th of the assurers) or monthly (over all assurers)
- identify expired assurances by comparing `notary.date`, `notary.when`
or `notary.expire` against "now - 7 years"
(which field would be most appropriate?)
- DO NOT send emails to assurers who received a reminder recently, or
logged in since the most recent assurance expiry
- appropriate fields to check?
- add new date record
e.g.: users.last_cap_expiry_reminder (date)
- query to find people to send reminder to:
e.g.: (sample only)
cutoff as (
max( users.last_cap_expiry_reminder, users.lastLoginAttempt ) as last_reminder
group by users.id
count(*) as num_expired
join notary on notary.from = users.id
join cutoff on cutoff.id = users.id
-- correct reference date?
-- or notary.when
-- or notary.expired
notary.date > date_sub( cutoff.last_reminder, interval 7 years )
4. add a prominent reminder to login pages
https://secure.cacert.org/account.php?id=36 ("My Alert Settings" page)
https://secure.cacert.org/wot.php?id=10 ("My Points" page - add new column "Destroy CAP Form (y/n)" ?)
- use text similar to the reminder email
- only display reminder if assurances have expired since the last login
assume that emails have been lost in transit
or provide positive confirmation that the email received was not sent
erroneously / maliciously
- use similar query to above, but only check last login date
- ignore logins on same day, i.e.: prevent edge case of
failed/short/interrupted login automatically cancelling the UI reminder.
- I do not envision a requirement for assurers to confirm CAP form destruction