View Issue Details

IDProjectCategoryView StatusLast Update
0001506Main CAcert Websiteweb of trustpublic2021-02-20 04:19
ReporterTed Assigned Tojaph  
Status newResolutionopen 
Summary0001506: Implement some notification for Assurers to destroy CAP forms 7 years after an Assurance
DescriptionSince we came to the conclustion that CAP forms should be destroyed 7 years after an Assurance (see <> and <>), @japh has proposed to implement a notification mechanism to assist Assurers with this.

Several options seem to be available, including but not limited to:
- Notification by e-mail
- Notification on the web page when logging in to the CAcert account

We should try to collect more detailed requirements and specifications here before starting implementation.
TagsNo tags attached.
Reviewed by
Test Instructions



2021-02-20 04:19

updater   ~0005959

Proposed changes:

comments and suggestions welcome!

1. prepare a standard email template
    - include placeholders for recipient and perhaps the number of expired
        assurances since last login or last reminder
    - should be as succinct / concise as possible
    - e.g.
            <number> of your CAcert assurances have recently past their required,
            7 year retention age.
            In the interests of data security (e.g. GDPR), please destroy any
            CAP forms in your possession which are older than 7 years.
    - inform the assurer that they can change their reminder preference via
        their "My Alert Settings" page.
    - the reminder email should NOT contain any personal information
        (except the repient's email (and name?))
    - don't assume english - use `users.language` to automatically select
        appropriate language?
    - reminder text should be available in all supported languages (help needed!)

2. add a new alert preference flag, e.g. `alerts.cap_expiry`
    - only relevant => visible for assurers, via their "My Alert Settings" page
    - when set, allow CAcert to send a reminder email when assurances made by
        the assurer have "recently become 7 year old" (expired)
    - allows at most e.g. 1 reminder email per month
    - default 'on' for existing members? (otherwise we wouldn't send any reminders)
        OR, set default NULL, send exactly 1 reminder if the flag is NULL and
        then automatically set the flag to "off".
        This would mean that active assurers are informed that they can opt-in
        to getting reminders emails.
        Inactive assurers get a one-off reminder and then automatically return
        to being inactive. i.e.: no need for them to do anything to remain inactive.

3. write a new script to send reminders, based on existing notification scripts.
    - may be run daily (for 1/28'th of the assurers) or monthly (over all assurers)
    - identify expired assurances by comparing ``, `notary.when`
        or `notary.expire` against "now - 7 years"
        (which field would be most appropriate?)
    - DO NOT send emails to assurers who received a reminder recently, or
        logged in since the most recent assurance expiry
    - appropriate fields to check?
    - add new date record
            e.g.: users.last_cap_expiry_reminder (date)
    - query to find people to send reminder to:
            e.g.: (sample only)

                cutoff as (
                        max( users.last_cap_expiry_reminder, users.lastLoginAttempt ) as last_reminder
                    from users
                    group by
                    count(*) as num_expired
                    join notary on notary.from =
                    join cutoff on =
                    -- correct reference date?
                    -- or notary.when
                    -- or notary.expired
           > date_sub( cutoff.last_reminder, interval 7 years )
                group by

4. add a prominent reminder to login pages
   ("My Alert Settings" page)
   ("My Points" page - add new column "Destroy CAP Form (y/n)" ?)
    - use text similar to the reminder email
    - only display reminder if assurances have expired since the last login
        assume that emails have been lost in transit
        or provide positive confirmation that the email received was not sent
        erroneously / maliciously
    - use similar query to above, but only check last login date
    - ignore logins on same day, i.e.: prevent edge case of
        failed/short/interrupted login automatically cancelling the UI reminder.
        Keyword: "de-bounce"
    - I do not envision a requirement for assurers to confirm CAP form destruction

Issue History

Date Modified Username Field Change
2021-02-13 17:17 Ted New Issue
2021-02-13 17:17 Ted Assigned To => japh
2021-02-20 04:19 japh Note Added: 0005959