View Issue Details

Jump to NotesJump to History
IDProjectCategoryView StatusDate SubmittedLast Update
0000921Main CAcert WebsiteAudit issuespublic2011-04-17 02:092013-01-15 15:31
ReporterUli60 Assigned ToUli60  
PrioritynormalSeverityminorReproducibilityalways
Status closedResolutionfixed 
Fixed in Version2011 Q3 
Summary0000921: http://www.cacert.org/index.php?id=10 fixes PP (Privacy Policy)
Descriptionsee bug 671
0000010 PP => /policy/ page and drop the 0000010 page, fix up links
addtl.
id=39 link

http://www.cacert.org/index.php?id=10

showfooter() in /includes/general_stuff.php
also to change link "Association Membership"
from http://wiki.cacert.org/wiki/CAcertIncorporated
to http://wiki.cacert.org/CAcertIncorporated

replace /pages/index/10.php with "depricated"

logged-in this link on showfooter() switches to
https://secure.cacert.org/account.php?id=39
showfooter() in /includes/account_stuff.php
also to change link "Association Membership"
from http://wiki.cacert.org/wiki/CAcertIncorporated
to http://wiki.cacert.org/CAcertIncorporated

replace /pages/account/39.php with "depricated"
Additional Informationfiles to modify
1. /includes/account_stuff.php
2. /includes/general_stuff.php
3. /pages/account/39.php
4. /pages/index/10.php
5. add /www/policy/PrivacyPolicy.php
TagsNo tags attached.
Reviewed byTed, NEOatNHNG
Test Instructions

Relationships

related to 0000671 solved?Uli60 cms pages in online website need review for deprecation 
related to 0000941 needs workUli60 Policy Repository Migration 

Activities

2011-04-17 02:13

 

account_stuff.php (24,577 bytes)

2011-04-17 02:14

 

general_stuff.php (5,983 bytes)

2011-04-17 02:14

 

39.php (1,012 bytes)

2011-04-17 02:15

 

10.php (1,012 bytes)

Uli60

2011-04-17 02:23

updater   ~0001932

Last edited: 2011-04-17 02:26

 still open correction(s):
/www/policy/CAcertCommunityAgreement.php
/www//policy/CertificationPracticeStatement.php

1. /includes/account_stuff.php from cacert-devel (2011-04-16)
2. /includes/general_stuff.php from cacert-devel (2011-04-16)
1. + 2. includes bug# 918 fixes (weak key functions)

Uli60

2011-04-17 02:35

updater   ~0001933

Last edited: 2011-04-17 02:36

 patched files attached to notification send to Software-Assessors

2011-04-17 13:43

 

PrivacyPolicy.php (4,398 bytes)

2011-04-17 20:55

 

CAcertCommunityAgreement.php (14,827 bytes)

2011-04-17 20:55

 

CertificationPracticeStatement.php (130,037 bytes)

Uli60

2011-04-17 20:56

updater   ~0001935

patched files
/www/policy/CAcertCommunityAgreement.php
/www//policy/CertificationPracticeStatement.php
also fixed and send to SA's

NEOatNHNG

2011-04-21 02:48

administrator   ~0001936

Fix for the privacy policy committed and transferred to the test server (branch bug-921, commit ID d17953a5f2f1d2d4a4df1993e3fc749e4c606f6a)

needs testing and review

NEOatNHNG

2011-04-21 03:51

administrator   ~0001937

Added second part: Fix some more links (also branch bug-921, commit ID 313bbc31ddcad1ce554c347eb89f3ed8fa5ee860)

Uli60

2011-04-21 17:59

updater   ~0001941

notification to testers sent

INOPIAE

2011-04-26 20:35

updater   ~0001944

on both pages http://cacert1.it-sls.de/index.php?id=10 and https://secure1.it-sls.de/account.php?id=39
the policy link is pointing to server/policy/PrivacyPolicy.html

Uli60

2011-05-26 11:47

updater   ~0002009

Last edited: 2011-05-26 11:48

 !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
http://www.CAcert.org/index.php?id=10
cannot be completely removed !!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
as the link http://www.CAcert.org/index.php?id=10
is hardcoded into the root and class3 certs

X509v3 Certificate Policies:
    Policy: 1.3.6.1.4.1.18506
      CPS: http://www.CAcert.org/index.php?id=10

Netscape CA Policy Url:
    http://www.CAcert.org/index.php?id=10

at least a redirect has to be still left in
/pages/index/10.php

Uli60

2011-07-05 00:15

updater   ~0002080

with password login

http://cacert1.it-sls.de/index.php?id=10
displays:
"This page has been moved to the policy directory. Please update your bookmarks and report any broken links."
with link http://cacert1.it-sls.de/policy/PrivacyPolicy.html
-> ok

main page bottom Privacy Policy link
http://cacert1.it-sls.de/policy/PrivacyPolicy.html
-> ok



with cert login

https://secure1.it-sls.de/account.php?id=39
displays:
"This page has been moved to the policy directory. Please update your bookmarks and report any broken links."
with link https://secure1.it-sls.de/policy/PrivacyPolicy.html
-> ok


main page bottom Privacy Policy link
https://secure1.it-sls.de/policy/PrivacyPolicy.html
-> ok
(this is the only one with extension html yet, all
other file endings are php)

Logout

About CAcert - Policies
Privacy Policy is listed as: PrivacyPolicy.html -> ok
links to https://cacert1.it-sls.de/policy/PrivacyPolicy.html -> ok

Uli60

2011-07-05 00:18

updater   ~0002081

logged out, using deep link
https://secure1.it-sls.de/account.php?id=39
redirects to
https://cacert1.it-sls.de/policy/PrivacyPolicy.html
-> ok

INOPIAE

2011-07-21 06:02

updater   ~0002170

Logged out
Link at bottom goes to pp.html (PrivacyPilicy.html) =>ok
Menu About Policys - https://cacert1.it-sls.de/policy/ Link to pp.html =>ok

Logged In Certificate
Link at bottom goes to pp.html =>ok
https://secure1.it-sls.de/account.php?id=39 - Information - Link to pp.html =>ok

Logged In Password
Link at bottom goes to pp.html =>ok
https://cacert1.it-sls.de/account.php?id=39 - Information - Link to pp.html =>ok

Ted

2011-07-21 21:06

administrator   ~0002174

Code review done.

Reviewed commits a3d7949c04a06539a8a0982968f711b7832d8672 (branch release) versus 313bbc31ddcad1ce554c347eb89f3ed8fa5ee860 (branch bug-921)

One small thing, why change the link http://wiki.cacert.org/wiki/CAcertIncorporated to http://wiki.cacert.org/CAcertIncorporated when both of them are redirected to http://wiki.cacert.org/Brain/CAcertInc?

Summary: Changes are acceptable

Ted

2011-07-21 21:08

administrator   ~0002175

Did some testing during review, no problems noticed.

Uli60

2011-07-22 01:39

updater   ~0002176

Last edited: 2011-07-22 02:39

 is fully tested

this patch should only cover consolidation of PP, to remove dupes
and not a complete policies cleanup

The big cleanup will follow in step 2, once all
policies somewhere in the webdb are moved to /Policy/ directory
this is done with this bugfix

A potential move or rework of policy repository
including renaming, collecting _all_ policies under the new repository
or other location, fixing all links, to get rid of the id=10, id=39 links, to get rid of the svn, wiki and other links and so on will be done in step 2
and to be handled under https://bugs.cacert.org/view.php?id=941
once https://bugs.cacert.org/view.php?id=921 is pushed to production
thhis to prevent doubled, double work in testing

step 1 is only link fixup for PP

Uli60

2011-07-26 23:46

updater   ~0002210

NEO rolled back

Uli60

2011-07-26 23:54

updater   ~0002211

Last edited: 2011-07-26 23:56

 logged out: bottom link
https://cacert1.it-sls.de/policy/PrivacyPolicy.html => ok
logged-in: bottom link
https://cacert1.it-sls.de/policy/PrivacyPolicy.html => ok
cert-logged-in: bottom link
https://secure1.it-sls.de/policy/PrivacyPolicy.html => ok

deep links:
1. http://cacert1.it-sls.de/index.php?id=10
shows: moved to the policy directory.
and link http://cacert1.it-sls.de/policy/PrivacyPolicy.html => ok

2. https://secure1.it-sls.de/account.php?id=39
shows: moved to the policy directory.
and link https://secure1.it-sls.de/policy/PrivacyPolicy.html => ok

NEOatNHNG

2011-07-26 23:56

administrator   ~0002212

Email sent to critical admins

wytze

2011-07-27 10:45

developer   ~0002214

Fix applied to production system on July 27, 2011. See also:
https://lists.cacert.org/wws/arc/cacert-systemlog/2011-07/msg00009.html

Issue History

Date Modified Username Field Change
2011-04-17 02:09 Uli60 New Issue
2011-04-17 02:10 Uli60 Relationship added related to 0000671
2011-04-17 02:12 Uli60 Description Updated
2011-04-17 02:12 Uli60 Additional Information Updated
2011-04-17 02:12 Uli60 Status new => needs work
2011-04-17 02:12 Uli60 Assigned To => Uli60
2011-04-17 02:13 Uli60 File Added: account_stuff.php
2011-04-17 02:14 Uli60 File Added: general_stuff.php
2011-04-17 02:14 Uli60 File Added: 39.php
2011-04-17 02:15 Uli60 File Added: 10.php
2011-04-17 02:15 Uli60 File Added: PrivacyPolicy.php
2011-04-17 02:23 Uli60 Note Added: 0001932
2011-04-17 02:26 Uli60 Note Edited: 0001932
2011-04-17 02:35 Uli60 Note Added: 0001933
2011-04-17 02:36 Uli60 Note Edited: 0001933
2011-04-17 04:12 Uli60 File Deleted: PrivacyPolicy.php
2011-04-17 04:12 Uli60 File Added: PrivacyPolicy.php
2011-04-17 13:42 Uli60 File Deleted: PrivacyPolicy.php
2011-04-17 13:43 Uli60 File Added: PrivacyPolicy.php
2011-04-17 20:55 Uli60 File Added: CAcertCommunityAgreement.php
2011-04-17 20:55 Uli60 File Added: CertificationPracticeStatement.php
2011-04-17 20:56 Uli60 Note Added: 0001935
2011-04-21 02:48 NEOatNHNG Note Added: 0001936
2011-04-21 03:51 NEOatNHNG Note Added: 0001937
2011-04-21 17:59 Uli60 Note Added: 0001941
2011-04-26 20:35 INOPIAE Note Added: 0001944
2011-05-21 23:32 Uli60 Relationship added related to 0000941
2011-05-26 11:47 Uli60 Note Added: 0002009
2011-05-26 11:48 Uli60 Note Edited: 0002009
2011-06-15 15:06 NEOatNHNG Status needs work => needs review & testing
2011-06-19 16:53 NEOatNHNG Source_changeset_attached => cacert-devel master 76169d41
2011-06-19 16:53 NEOatNHNG Source_changeset_attached => cacert-devel master e1285946
2011-06-21 23:57 NEOatNHNG Source_changeset_attached => cacert-devel master 76169d41
2011-06-21 23:57 NEOatNHNG Source_changeset_attached => cacert-devel master e1285946
2011-06-21 23:57 NEOatNHNG Source_changeset_attached => cacert-devel master 313bbc31
2011-06-21 23:57 NEOatNHNG Source_changeset_attached => cacert-devel master d17953a5
2011-06-22 00:09 NEOatNHNG Source_changeset_attached => cacert-devel master 76169d41
2011-06-22 00:09 NEOatNHNG Source_changeset_attached => cacert-devel master e1285946
2011-06-22 00:09 NEOatNHNG Source_changeset_attached => cacert-devel master 313bbc31
2011-06-22 00:09 NEOatNHNG Source_changeset_attached => cacert-devel master d17953a5
2011-07-02 01:50 NEOatNHNG Reviewed by => NEOatNHNG
2011-07-05 00:15 Uli60 Note Added: 0002080
2011-07-05 00:18 Uli60 Note Added: 0002081
2011-07-21 06:02 INOPIAE Note Added: 0002170
2011-07-21 21:06 Ted Note Added: 0002174
2011-07-21 21:08 Ted Note Added: 0002175
2011-07-22 01:23 NEOatNHNG Reviewed by NEOatNHNG => Ted, NEOatNHNG
2011-07-22 01:30 NEOatNHNG Status needs review & testing => needs testing
2011-07-22 01:39 Uli60 Note Added: 0002176
2011-07-22 01:39 Uli60 Status needs testing => ready to deploy
2011-07-22 02:11 Uli60 Note Edited: 0002176
2011-07-22 02:25 Uli60 Note Edited: 0002176
2011-07-22 02:26 Uli60 Note Edited: 0002176
2011-07-22 02:38 Uli60 Note Edited: 0002176
2011-07-22 02:39 Uli60 Note Edited: 0002176
2011-07-26 23:46 Uli60 Note Added: 0002210
2011-07-26 23:50 NEOatNHNG Source_changeset_attached => cacert-devel master 38c89c37
2011-07-26 23:50 NEOatNHNG Source_changeset_attached => cacert-devel master 4676aaf4
2011-07-26 23:50 NEOatNHNG Source_changeset_attached => cacert-devel master ca081187
2011-07-26 23:54 Uli60 Note Added: 0002211
2011-07-26 23:56 Uli60 Note Edited: 0002211
2011-07-26 23:56 NEOatNHNG Note Added: 0002212
2011-07-27 10:45 wytze Note Added: 0002214
2011-07-27 10:45 wytze Status ready to deploy => closed
2011-07-27 10:45 wytze Resolution open => fixed
2011-07-28 21:55 NEOatNHNG Source_changeset_attached => cacert-devel release 0be067ea
2013-01-15 15:31 Werner Dworak Fixed in Version => 2011 Q3