Subject: Policy-Discussion
- From: Duane <duane AT cacert.org>
- To: Policy-Discussion <cacert-policy AT lists.cacert.org>
- Subject: Re: [CAcert-Policy] What's the name for?
- Date: Fri, 22 Jul 2005 10:48:26 -0400
- List-archive: <http://lists.cacert.org/cgi-bin/mailman/private/cacert-policy>
- List-id: Policy-Discussion <cacert-policy.lists.cacert.org>
Russell Smith wrote:
> What audit, there has been no audit that I am aware of.
We actually have had a "first run" draft type audit where someone has
read over everything and inspected what documentation existed and gave
us some feedback on it.
> Only the people who collect it (assurers), the person who supplied it and
> people with physical server access.
> The only information kept (Except for TTP) is Name and date of birth.
> Assurers have types of ID used, which is basically pointless for useful
> information.
> Everybody knows the types of ID another person is likely to have.
Ideally the assurer should get permission from the person being assured, but
this has its own drawbacks but perhaps we should be trying to move in
this direction.
> I'm not sure how much information there is to 'protect' for Web of Trust.
> For code signing certificates and TTP forms, there is physical security of
> documents which I have asked questions about before. How secure are our
> Date of Birth and Name anyway?
Name and Date of Birth are a good start for people wanting to commit
identity theft, since we also store a location (or a good approximate)
that would also be useful.
> I'm not sure of the physical server protection, apart from what is written
> about server compromise and security there.
I'd really like to have Xen setup on the server, and other things that
don't exist like an SQL proxy to reduce risk if there is a breach and
limit how much information can be exacted in that situation.
Currently running a pair of firewalls, jailed processes and things like
that, the server is in a secure colo facility, which is also a facility
a number of banks do their web hosting in actually.
>>5. do we key everything on some external
>> datum or on our own internal number?
>
> I don't understand completely what you mean here.
The system uses its own internal number, but assurers utilise name,
date of birth and email address as key points to identify an individual.
--
Best regards,
Duane
http://www.cacert.org - Free Security Certificates
http://www.nodedb.com - Think globally, network locally
http://www.sydneywireless.com - Telecommunications Freedom
http://happysnapper.com.au - Sell your photos over the net!
http://e164.org - Using Enum.164 to interconnect asterisk servers
"In the long run the pessimist may be proved right,
but the optimist has a better time on the trip."