
cacert-policy - [CAcert-Policy] Allowing multiple people administration access to one domain

Subject: Policy-Discussion

  • From: Russell Smith <mr-russ AT pws.com.au>
  • To: cacert-policy AT lists.cacert.org
  • Subject: [CAcert-Policy] Allowing multiple people administration access to one domain
  • Date: Sun, 30 Oct 2005 21:04:25 +1100
  • List-archive: <http://lists.cacert.org/cgi-bin/mailman/private/cacert-policy>
  • List-id: Policy-Discussion <cacert-policy.lists.cacert.org>

Dear Policy Listers,

I've had a short discussion on IRC regarding the possible merits of allowing multiple people to administer a domain if they can show they control the domain via the standard email probe.

From my point of view, I am a contractor who would like to encourage clients to sign up with CACert, but at the same time it is easier for me to manage their domains. Some are organizations, others are not. Currently it's not possible for anybody except the CACert office to verify organization entities.

Another issue also arises where I may want an employee to administer a domain we are working with. However, unless I am an Organization, it is not currently possible to delegate domain management to others without handing over full rights and having all your certificates revoked.

This gives rise to a couple of ideas and options:

1. Attempt to encourage people to do the work to get organizational assurance. (Not always possible)
2. Allow multiple people to manage a domain
3. Allow control to be delegated for domains where a single user still owns the domain.
4. Do nothing

The question has also been raised about whether this is functionality that the general user would want. There has been a large discussion on the automation of certification creation and this may fit into that in some way as well.

If multiple people were to be able to manage a domain, the issue of someone having >50 points, and somebody having <50 points could be a problem. I would suspect that most people want at least 50 points, and should get there first anyway. So unless you and the person you are delegating to have >50 points, you can't delegate.

Hopefully that all makes sense and a few people would be willing to offer opinion on this.

If this is approved in some fashion or another as an option, I will be taking on the job to produce the patch that will implement this functionality. So the question is not of who and when, but of if and what.

Regards

Russell Smith
Blaze I.T.



