Policy-Discussion

[Alaric Dailey <alaricd AT pengdows.com>]

I guess to be more clear, what I am suggesting is a "Power Assurer".  
This would be someone who is a CPA, bank-manager, or lawyer, and thus 
they are a -verifiable- trusted third party. They would go thru an extra 
step after becoming an assurer themselves, to prove that they are 
trusted third party, would then be able to give a person enough points 
to get the applicant to get their name in their cert, but not enough to 
become an assurer themselves. I am not saying that a single trusted 
third party who has not been verified by the system themselves should be 
allowed to verify someones identity.

A related idea would be, if I am a trusted third party and can prove it, 
that could give me a certain number of points towards my own assertion.

Alaric Dailey




Gary Lee Adams wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> ====
>
> G'day Alaric
>
> Your recent idea (as noted below) is an interesting one:
>
>  
>
> > Whether or not Notary Publics are left as TTP's, I am also wondering if
> > we shouldn't give people who are TTP's the ability to assign additional
> > assurance points...
> >    
>
> I thought that with both Thawte and CAcert one could get credit for
> using TTPs only by using two at a time.  Additionally, upon acceptance
> of the two TTP signed applications, I thought both Thawte and CAcert
> granted notary/assurance status with the ability to assign up to 35
> trust points to others you met face-to-face for notary/assurance purposes.
>
>    Note - I am aware that under special circumstances and
>    for a limited time CAcert sometime designates specific
>    individuals Super-Assurer status which enables them to
>    grant an individual enough points to become a 35-point assurer.
>
>
>  
>
> > ... it seems like a reasonable expectation that if I were a bank
> > manager, lawyer, or CPA, and had gone thru the assertion process, and
> > could prove my position, that I would be able to give people
> > additional points, perhaps even being able to give them enough points
> > to get their name in their cert.
> >    
>
> Without going the TTP application route, both Thawte and CAcert
> currently require you meet with _two or more_ notaries/assurers to gain
> the required 50 trust points to have your name included in your
> certificate.
>
> What rational would you suggest CAcert use to apply a lower standard
> than Thawte and assign up to perhaps 50 trust points to an individual
> based on a single TTP application?
>
> And what guidelines would you suggest CAcert ask such a TTP to follow to
> determine in each case how many points (up to your suggested 50) he's
> recommending CAcert should grant?
>
> - --
>
> Ciao
>
> Gary
>
>    "Cats are smarter than dogs. You can't get eight
>    cats to pull a sled through snow."  - Jeff Valdez
>
> ====
> .
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.1 (GNU/Linux)
>
> iD8DBQFCjgl7EHILFTa/Ou0RAiv/AJ9nd3N6ChPxIODkd4bmsrAI1T+l4QCgtEKV
> e1Xmi0ErnVbGRV1JkziNXSM=
> =r006
> -----END PGP SIGNATURE-----
>
>

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature