incorporated Application Engineer Dropping proposal from Andreas, as per compromise by Iang, which refers some of the issue of Production to SM.

git-svn-id: http://svn.cacert.org/CAcert/Policies@1910 14b1bab8-4ef6-0310-b690-991c95c89dfd

SecurityPolicy.html

@@ -36,6 +36,16 @@ th {
 }
 .strike {
 	color : blue;
+	font-weight: bold;
+	text-decoration:line-through;
+}
+.change2 {
+	color : #151B8D;
+	font-weight: bold;
+}
+.strike2 {
+	color : #151B8D;
+	font-weight: bold;
 	text-decoration:line-through;
 }
 a:hover {
@@ -48,6 +58,7 @@ a:hover {
 <body lang="en-GB">
 
 <ul class="change">
+<li class="change2"> 20100530: Package of changes to drop the Application Engineer and place those responsibilities back with the Sysadm team.  Exception added to permit t/l to bring in a Software Assessor under controlled basis.  Because this change is non-trivial, and a compromise in late voting stage, it is marked in a different blue.</li>
 <li> 20100525: Two detail changes from Tom Trnka.</li>
 <li> 20100513: With some consensus from policy group, changed the text in 2.2.1.1 to transfer the detailed handling of pre-purchase risks to SM.</li>
 <li> 20100512: Some clarifying tweaks to semantics supplied by Philipp G, added Arb as a role in 9.1.1. but not as critical role. </li>
@@ -112,13 +123,14 @@ These roles are defined as:
 </p>
 
 <ul><li>
-      Access Engineers
+      Access Engineer
     </li><li>
-      Systems Administrators
+      Systems Administrator
     </li><li>
-      Support Engineers
+      Support Engineer
     </li><li>
-      Software Assessors (including Application Engineers)
+      Software Assessor
+<span class="strike2">(including Application Engineers)</span>
 </li></ul>
 
 <h4 id="s1.1.2">1.1.2. Out of Scope </h4>
@@ -172,12 +184,12 @@ deriving from the above principles.
     See &sect;1.1.
 </dd>
 
-<dt><i>Application Engineer</i> </dt>
+<dt><i><span class="strike2">Application Engineer</i> </span></dt>
 <dd>
-    A Member who manages the critical application,
+    <span class="strike2">A Member who manages the critical application,
     including installing them on the critical system,
     final testing, emergency patching, and ad hoc scripting.
-    See &sect;7.2.
+    See &sect;7.2.</span>
 </dd>
 
 <dt><i>Software Assessor</i> </dt>
@@ -388,7 +400,7 @@ one Systems Administrator present.
 <p>
 There is no inherent authorisation to access the data.
 Systems Administrators
-<span class="change">
+<span class="strike2">
 and Application Engineers
 </span>
 are authorised to access
@@ -544,12 +556,17 @@ independent of filed disputes.
 
 <h3 id="s3.3"> 3.3. Application </h3>
 
-<p>
+<p class="strike2">
 Systems administration is to provide a limited environment
 to Applications Engineers in order to install and maintain
 the application.
 </p>
 
+<p class="change2">
+Requests for ad hoc queries over the application database for business
+or similar purposes must be approved by the Arbitrator. 
+</p>
+
 <h3 id="s3.4"> 3.4. Access control </h3>
 
 <p>
@@ -595,21 +612,21 @@ authorisations on the below access control lists
   <td><span class="change">Systems Administration team leader</span> <span class="strike">Board of CAcert (or designee)</span></td>
  </tr><tr>
   <td>SSH Access List</td>
-  <td>Systems Administrators <span class="change">and Application Engineers </span></td>
+  <td>Systems Administrators <span class="strike2">and Application Engineers </span></td>
   <td>Unix / account / shell level</td>
   <td> includes by default all on Physical Access List </td>
   <td>Systems Administration team leader</td>
  </tr><tr>
   <td>Repository Access List</td>
-  <td>Application Engineers</td>
+  <td><span class="change2">Software Assessors</span> <span class="strike2">Application Engineers</span></td>
-  <td>change the source code repository and install patches to application</td>
+  <td>change the source code repository <span class="strike2">and install patches to application</span></td>
   <td>exclusive with Access Engineers and Systems Administrators</td>
   <td>software assessment team leader</td>
  </tr><tr>
   <td>Support Access List</td>
   <td>Support Engineer</td>
   <td>support features in the web application</td>
-  <td> <span class="change">exclusive with Access Engineers and Systems Administrators;</span>  includes by default all <span class="change">Application Engineers</span> <span class="strike">Systems Administrators </span> </td>
+  <td> <span class="change">exclusive with Access Engineers and Systems Administrators</span>  <span class="strike2">includes by default all Application Engineers Systems Administrators </span> </td>
   <td><span class="strike">Systems Administration</span> <span class="change">Support</span> team leader</td>
 </tr></table>
 
@@ -659,17 +676,26 @@ must be strictly controlled.
 Passphrases and SSH private keys used for entering into the systems
 will be kept private
 to CAcert sysadmins
-and Application Engineers
+<span class="strike2">and Application Engineers</span>
 in all cases.
 </p>
 
 <h5 id="s4.1.1.1">4.1.1.1. Authorized users </h5>
 <p>
 Only System Administrators
-and Application Engineers
+<span class="strike2">and Application Engineers</span>
 designated on the Access Lists
-in &sect;3.4.2 are authorized to access accounts,
+in &sect;3.4.2 are authorized to access accounts.
-unless specifically directed by the Arbitrator.
+<span class="change2">
+System Administration team leader may temporarily permit Software 
+Assessors access to the application via SSH in order to do advanced 
+debugging, or as
+</span>
+<span class="strike2">Other</span>
+specifically directed by the Arbitrator.
+</p>
+
+<p>
 </p>
 
 <h5 id="s4.1.1.2">4.1.1.2. Access to Systems</h5>
@@ -951,10 +977,11 @@ Software assessment is not primarily tasked to write the code.
 In principle, anyone can submit code changes for approval.
 </p>
 
-<p>
+<p class="q"> Moved to SM 3.3 </p>
+<p class="strike2">
 The primary tasks for Application Engineers are:
 </p>
-<ol><li>
+<ol class="strike2"><li>
     Installing signed-off patches,
   </li><li>
     Verifying correct running,
@@ -1032,7 +1059,8 @@ any Member that requests it.
 
 <h3 id="s7.6"> 7.6.  <span class="strike">Handover</span> <span class="change">Production</span> </h3>
 
-<p class="change">
+<p class="q"> Blank, now refer to SM 7.6 </p>
+<p class="strike2">
 The Application Engineer is a role within Software Assessment
 team that is approved to install into production the
 patches that are signed off.
@@ -1048,11 +1076,13 @@ which then must be back-installed into the repositories.
 </span>
 </p>
 
-<p class="change">
+<p class="q"> this below moved to &sect;3.3 </p>
+
+<p class="strike2">
 Requests to Application Engineers for ad hoc queries over the database for business or similar purposes must be approved by the Arbitrator. 
 </p>
 
-<p>
+<p class="strike2">
 See &sect;3.3.
 </p>
 
@@ -1145,9 +1175,9 @@ or Case Managers.
 
 <ul>
     <li> Access Engineer: responsible for controlling access to hardware, and maintaining hardware. </li>
-    <li> System administrator: responsible for maintaining core services and integrity. </li>
+    <li> System Administrator: responsible for maintaining core services and integrity. </li>
     <li> Software Assessor: maintain the code base and confirm security ("sign-off") of patches and releases.</li>
-    <li> Application Engineer: install application updates and confirm basic working.</li>
+    <li class="strike2"> Application Engineer: install application updates and confirm basic working.</li>
     <li> Support Engineer: human interface with users.</li>
     <li> Team leaders: coordinate with teams, report to Board.</li>
     <li> All: respond to Arbitrator's rulings on changes. Respond to critical security issues. Observe.</li>