View Issue Details

IDProjectCategoryView StatusLast Update
0000846Main CAcert Websitewebsite contentpublic2013-01-12 20:18
ReporterUli60 Assigned ToTed  
PrioritynormalSeveritytweakReproducibilityalways
Status closedResolutionfixed 
Fixed in Version2011 Q4 
Summary0000846: Better guidance of bonafide members in Join Form about Suffixes they doesn't have in their ID doxs (a20100207.2)
DescriptionThis problem is a recurring problem that results in an increased count of dispute filings and therefor Arbitration cases.

This has been discovered in Arbitration case:
https://wiki.cacert.org/Arbitrations/a20100207.2

Bonafide members assumes incorrectly, they can enter titles as found on the wikipedia link. Starting with assurances, unexperienced Assurers still not notice the addtl. Suffix, so the user runs into a problem, that he cannot later correct the wrong entered suffix in his account because unexperienced assurers just transfered assurance points over the account.
To get this problem fixed from several sides, one is to better

Guidance in the online Join Form

* To prevent such problems with Suffixes in the future, Software Developers
  should update the online Join Form to reflect this simple rule:
 * Possible variations can be:
  * Add a header section like Password guidance onto the Online Form
    to guide the bonafide members in filling the several name parts
    into the form fields and to prevent suffixes that cannot be read
    in at least ID doc to be entered into the form
   * Sample: Entering names: Only add names and name parts (also suffixes)
             that can be read in at least one ID doc
  * Expand the description text below the Suffix field to
   * Sample: Suffix (optional) / Please only write Name Suffixes into this
             field that can be verified by at least one ID doc
TagsNo tags attached.
Reviewed byTed, NEOatNHNG
Test Instructions

Relationships

has duplicate 0000874 closededgarwahn add descriptive help text to "Join CAcert" 
has duplicate 0000371 needs work Suffix usage 
related to 0000914 needs feedbackINOPIAE Information about Practice on Name while entering an Assurance 
related to 0000912 needs feedbackUli60 Language driven notification hints on name rules on join form 
related to 0000875 needs reviewNEOatNHNG In german register routine the error message is in english 
related to 0001100 needs work findings from David 

Activities

Uli60

2010-08-18 16:38

updater   ~0001669

alternate solution:
on verification phase test if field suffix is not empty
If there is some content, ask the user, if the content is also readable in at least one ID doc he will present potential assurers ?
Yes -> continue
No -> removal of Suffix content

INOPIAE

2010-10-06 18:17

updater   ~0001734

The phrase "suffix" in German has a differnt meaning than in English. For the German translingo it is better interpreted as "Titel, Akademischer Grad" "title academic degree". This would at least straighten out the mess for the german community as only a few acadimic degrees are placed in offical documents.

Uli60

2010-11-16 23:21

updater   ~0001787

comment on (0001734)
default language is english on CAcert main website.
I assume, that most people probably doesn't switch the language setting to their related language before creating their account.

Uli60

2011-08-15 12:52

updater   ~0002294

eg
https://www.cacert.org/index.php?id=1
https://cacert1.it-sls.de/index.php?id=1
=> /pages/index/1.php

link to https://wiki.cacert.org/FAQ/HowToEnterNamesInJoinForm

Uli60

2011-08-15 18:12

updater  

1.php (9,613 bytes)

Uli60

2011-08-15 18:13

updater   ~0002296

/pages/index/1.php
add column 3 in join table form
changed link from suffix to wiki page

Ted

2011-08-27 21:38

administrator   ~0002355

Created branch bug-846, merged into master and pushed to the testsystem

Ted

2011-08-27 21:40

administrator   ~0002356

1st review done, fixed a typo, otherwise acceptable.

For my curiosity, why is the link to Wikipedia on name suffixes removed?

Ted

2011-08-27 21:45

administrator   ~0002357

First quick test, opened the "Join" page, looks ok, link works.

Wouldn't it be better to do the link without protocl spec (//wiki.cacert.otg/... instead of http://wiki.cacert.org/...)?

Ted

2011-08-29 19:00

administrator   ~0002358

According to mail communication with Uli I removed the "http:" protocol from both links on the join page.

Checked in to bug-846, merged to master and installed on Testsystem.

INOPIAE

2011-08-30 21:17

updater   ~0002364

On the https://cacert1.it-sls.de/index.php?id=1 and https://secure1.it-sls.de/index.php?id=1 join page the link to the wiki is visible and opens in a new tab https://wiki.cacert.org/FAQ/HowToEnterNamesInJoinForm => ok

Uli60

2011-08-30 22:43

updater   ~0002371

join new member
link in box right the name fields
https://wiki.cacert.org/FAQ/HowToEnterNamesInJoinForm
jumps to wiki page => ok
adding new user
finishing - go to ca-mgr1 - got email link => ok
pasted link - executed link
account created. => ok
logged in to new account => ok

my details - my points

You have made 0 assurances which ranks you as the 0000168 top assurer.

Your Assurance Points
ID Date Who Points Location Method
Total Points: 0

Assurance Points You Issued
ID Date Who Points Location Method
Total Points Issued: 0

15.php (new calculation)
Assurer Ranking
You have made 0 assurances which ranks you as the 0000053 top assurer.
You have received 0 assurances which ranks you as the #213 top assuree.

Summary of your Points
Description Points Countable Points Remark
Assurance Points you received 0 0
Total Experience Points by Assurance 0 0
Total Experience Points (other ways) 0 0
Total Points 0 You need 100 assurance points and the passed CATS-Test to be an Assurer

Assurance Points You Issued
ID Date Who Points Location Method Experience Points
Total Points Issued: 0 Total Experience Points:

Your Assurance Points
ID Date Who Points Location Method Experience Points
Total Assurance Points: 0 Total Experience Points:

=> all ok

NEOatNHNG

2011-09-13 23:52

administrator   ~0002429

I have reviewed the changes but have noted a few errors/ugliness. I have corrected them and put the changes on the test server. Please rereview and test.

Uli60

2011-09-24 19:03

updater   ~0002499

Last edited: 2011-09-27 08:20

View 3 revisions

Join form displays:
"A proper password wouldn't match your name or email at all, it contains at least 1 lower case letter, 1 upper case letter, a number, white space and a misc symbol. You get additional security for being over 15 characters and a second additional point for having it over 30. The system starts reducing security if you include any section of your name, or password or email address or if it matches a word from the english dictionary...

Note: White spaces at the beginning and end of a password will be removed."

whats about the whitespace requirement fore the password ?!?
Shouldn't this be removed ?!?

The link right the name fields links to https://wiki.cacert.org/FAQ/HowToEnterNamesInJoinForm -> ok
link pressed opens new tab and ends on the defined and existing wiki page

user account bug846.user2@wiamail created

login to seperate window with admin account
search for user bug846.user2@wiamail displays user account (related to new added advanced features from bug#794, 0000882, 0000975)
Account State:
Account inconsistency: Users record verified not set => ok
Email record hash not unset => ok
code: 18 => ok
Account inconsistency can cause problems in daily account operations and needs to be fixed manually through arbitration/critical team. => ok

login to ca-mgr1 with bug846.user2@wiamail
check mail: pick up confirmation code
verify email

login to testserver with bug846.user2@wiamail
success

my points (10.php) -> 0 assurance points => ok
                   -> 0 experience points => ok
new calculation (15.php)
all 0 -> ok
text -> You need 100 assurance points and the passed CATS-Test to be an Assurer => ok

Assurer Ranking
You have made 0 assurances which ranks you as the 0000057 top assurer.
You have received 0 assurances which ranks you as the 0000225 top assuree.
=> ok

login with admin account
search bug846.user2@wiamail
Account State -> clean => ok

INOPIAE

2011-09-27 08:41

updater   ~0002529

on join form the link to thet wiki https://wiki.cacert.org/FAQ/HowToEnterNamesInJoinForm works. => ok

Uli60

2011-09-27 18:37

updater   ~0002536

tested by 2, test finished
needs 2nd review + deploy

NEOatNHNG

2011-10-20 17:43

administrator   ~0002613

Reminder sent to: Ted

Ted, could you please review the changes I made on top of the ones you already reviewed?

The http: was readded in one place in the last commit because this URL is actually displayed inline in the page as text not as a href and some users might not know that something starting with // might actually be a URL

Thanks.

NEOatNHNG

2011-10-20 17:50

administrator   ~0002614

Last edited: 2011-10-20 17:53

View 3 revisions

0000846:0002356 it is removed because the article describes all kinds of suffixes and people put it in there even if they didn't had a document to prove that suffix.

Ted

2011-10-20 21:16

administrator   ~0002621

Reviewed changes again and sent patch request to critical admins.

wytze

2011-10-21 11:13

developer   ~0002622

The patch has been applied to the production server on October 21, 2011. See also:
https://lists.cacert.org/wws/arc/cacert-systemlog/2011-10/msg00010.html

Werner Dworak

2012-12-21 05:00

updater   ~0003508

More than 3 month fixed and no complaints

Issue History

Date Modified Username Field Change
2010-08-18 15:33 Uli60 New Issue
2010-08-18 16:38 Uli60 Note Added: 0001669
2010-10-05 09:46 edgarwahn Relationship added has duplicate 0000874
2010-10-06 18:17 INOPIAE Note Added: 0001734
2010-10-07 13:40 Uli60 Relationship added has duplicate 0000371
2010-11-16 23:21 Uli60 Note Added: 0001787
2011-03-16 16:37 Uli60 Relationship added related to 0000914
2011-03-16 16:38 Uli60 Relationship added related to 0000912
2011-03-16 16:39 Uli60 Relationship added related to 0000875
2011-08-15 12:52 Uli60 Note Added: 0002294
2011-08-15 18:12 Uli60 File Added: 1.php
2011-08-15 18:12 Uli60 Assigned To => Uli60
2011-08-15 18:13 Uli60 Note Added: 0002296
2011-08-15 18:13 Uli60 Status new => fix available
2011-08-27 21:22 Ted Assigned To Uli60 => Ted
2011-08-27 21:38 Ted Note Added: 0002355
2011-08-27 21:40 Source_changeset_attached => cacert-devel master b20c9a2b
2011-08-27 21:40 Ted Reviewed by => Ted
2011-08-27 21:40 Ted Note Added: 0002356
2011-08-27 21:40 Ted Assigned To Ted =>
2011-08-27 21:40 Ted Status fix available => needs review & testing
2011-08-27 21:45 Ted Note Added: 0002357
2011-08-29 18:55 Source_changeset_attached => cacert-devel master 9ded0add
2011-08-29 18:55 Source_changeset_attached => cacert-devel master 86e8fb9f
2011-08-29 19:00 Ted Note Added: 0002358
2011-08-30 21:17 INOPIAE Note Added: 0002364
2011-08-30 22:43 Uli60 Note Added: 0002371
2011-08-30 22:43 Uli60 Assigned To => Uli60
2011-08-30 22:43 Uli60 Status needs review & testing => needs review
2011-09-13 21:45 NEOatNHNG Source_changeset_attached => cacert-devel master 287344df
2011-09-13 21:45 NEOatNHNG Source_changeset_attached => cacert-devel master 3ee5e7ec
2011-09-13 22:25 NEOatNHNG Source_changeset_attached => cacert-devel master 5f7c0a1d
2011-09-13 22:25 NEOatNHNG Source_changeset_attached => cacert-devel master b896a137
2011-09-13 23:52 NEOatNHNG Note Added: 0002429
2011-09-13 23:52 NEOatNHNG Status needs review => needs review & testing
2011-09-13 23:52 NEOatNHNG Reviewed by Ted => NEOatNHNG
2011-09-24 19:03 Uli60 Note Added: 0002499
2011-09-24 19:05 Uli60 Note Edited: 0002499 View Revisions
2011-09-27 08:20 INOPIAE Note Edited: 0002499 View Revisions
2011-09-27 08:41 INOPIAE Note Added: 0002529
2011-09-27 18:37 Uli60 Note Added: 0002536
2011-09-27 18:37 Uli60 Status needs review & testing => ready to deploy
2011-09-27 23:12 NEOatNHNG Source_changeset_attached => cacert-devel testserver a746f69e
2011-09-27 23:12 Source_changeset_attached => cacert-devel testserver 1d048946
2011-09-27 23:12 Source_changeset_attached => cacert-devel testserver 235788db
2011-10-20 17:36 NEOatNHNG Assigned To Uli60 => Ted
2011-10-20 17:43 NEOatNHNG Note Added: 0002613
2011-10-20 17:50 NEOatNHNG Note Added: 0002614
2011-10-20 17:51 NEOatNHNG Note Edited: 0002614 View Revisions
2011-10-20 17:53 NEOatNHNG Note Edited: 0002614 View Revisions
2011-10-20 21:16 Ted Reviewed by NEOatNHNG => Ted, NEOatNHNG
2011-10-20 21:16 Ted Note Added: 0002621
2011-10-20 21:25 Ted Source_changeset_attached => cacert-devel release df07bc8d
2011-10-21 11:13 wytze Note Added: 0002622
2011-10-21 11:13 wytze Status ready to deploy => solved?
2011-10-21 11:13 wytze Resolution open => fixed
2012-12-21 05:00 Werner Dworak Note Added: 0003508
2012-12-21 05:00 Werner Dworak Status solved? => closed
2013-01-08 06:43 Werner Dworak Relationship added related to 0001100
2013-01-12 20:18 Werner Dworak Fixed in Version => 2011 Q4