Skip to Content.
Sympa Menu

cacert-policy - Re: [CAcert-Policy] Policy RFC ( Was: [Fwd: OFF-LIST! Re: [CAcert-Support] [website form email]: Trusted Third Party])

Subject: Policy-Discussion

List archive

Re: [CAcert-Policy] Policy RFC ( Was: [Fwd: OFF-LIST! Re: [CAcert-Support] [website form email]: Trusted Third Party])

Chronological Thread 
  • From: Evaldo Gardenali <evaldo AT>
  • To: Policy-Discussion <cacert-policy AT>
  • Subject: Re: [CAcert-Policy] Policy RFC ( Was: [Fwd: OFF-LIST! Re: [CAcert-Support] [website form email]: Trusted Third Party])
  • Date: Thu, 26 May 2005 01:54:25 -0300
  • List-archive: <>
  • List-id: Policy-Discussion <>


Uh, if we require that *both* managers sign stuff, it might be more difficult to get this to work. So, the idea was to give super-assurer (power to give 150 points) to the managers, legally backed by an agreement with the bank, or with the managers involved.

When things get too bureaucratic, they tend to work in a suboptimal way (i.e. one of the managers might not even look at the documents since the other looked and sign the form, which adds no security to us).

Bank managers are way too busy too often, so overloading the paperwork is bad IMHO :)


P.S. I am not talking about a specific bank. I am just extending the idea to what I know about banks, since mom was a bank manager for almost 30 years, and I used to visit her at work ;)

Alaric Dailey wrote:
Not to rain on your parade, but if they want to do this for the public at large, wouldn't they just become assurers and assign points more quickly?

If we stop and think about it, the only reason to create an "assurance agreement" like you talking about is so that they could assign 75 points each to the person, and thus give them their full assurance points to become an assurer themselves. But then it sure sounds like my "Power Assurer" idea from last week.

Alaric Dailey

Evaldo Gardenali wrote:

I just thought in a nice addition to our assurance policy, and submit it as a request for comments here :)

In case CAcert assures a "trusted" organization, we could establish an "assurance agreement" or something like that, so that these institution can offer easy access to CAcert assurances to the public at large.

It is worthy to note that most banks have at least two managers per site, meaning that TTP *is* a viable option, but maybe too complicated if it is going to happen "en mass". I was thinking more like a "WoT" form, without requiring them to mail documents to CAcert, but under special conditions, giving 150 points, for example, directly.

Of course, an ideal way would be to establish an "assurance agreement" contract, because we are delegating "super-assurer" status to an organization in a long-term basis.

So, as an RFC, we need comments, I think :)



Duane wrote:

CAcert Website wrote:

My company has just joined CAcert and am attempting to document who we are. We are Oak Hill Banks, a regional bank that covers the southern part of the state of Ohio in the US. I have sent emails to a few Assurers to establish who we are, but wonder if there is some way that we can establish our identity directly to CAcert. We would be able to validate other users in a large area of this state as we have identification measures that are not available to other people. Please advise.

Since you are a bank it's kind of very easy, we have a trusted third
party system to have ID information checked/verified and sent into us,
and one of the requirements allows bank managers to do the ID checks.


Have you subscribed to our RSS News Feed yet?

CAcert-Policy mailing list
CAcert-Policy AT


Have you subscribed to our RSS News Feed yet?

CAcert-Policy mailing list
CAcert-Policy AT

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

Archive powered by MHonArc 2.6.16.

Top of Page