CAcert Code Development list.

[Ian G <iang AT cacert.org>]

Access Engineers, Software Assessors, Support Engineers, Systems Administrators,

(and other folks, please forward)

Security Policy has been with us for some time.  It has recently been pointed out that SP has lived in DRAFT for long enough. So there is some sense within policy group of putting it to the vote:

      Let's take Security Policy to POLICY.

https://svn.cacert.org/CAcert/Policies/SecurityPolicy.html

Before we do that, we should probably make enough noise and give the teams a chance to think about this.  How's your Security Policy working for you?

If there is something in the relevant section of SP that could benefit from the experience of the last couple of years, maybe this is a good time to push through a change.

Ways to do this might include following random ideas:

    Read the SP, at least the section relevant to your team.
    Perhaps also debate it within the team,
    Put it on the agenda for next meeting.
    Compare SP to the appropriate section in the SM.

If anything pops up, try and write a new clause, or a new para.  Turn it into a motion that can be posted on Policy Group:  "Resolved, that SP x.y.z. be changed to say MNOPQ."  Debate, ask, muse.

If nothing pops up - and especially if the wording seems approximately OK -- there is presumably nothing for you to do.  And the vote to POLICY will possibly sail through without further ado!



iang