
cacert-policy - Re: [CAcert-Policy] Conclusion about youth assurers?

Subject: Policy-Discussion

  • From: Jens Paul <cacert AT canyonsport.de>
  • To: Policy-Discussion <cacert-policy AT lists.cacert.org>
  • Subject: Re: [CAcert-Policy] Conclusion about youth assurers?
  • Date: Tue, 20 Feb 2007 21:35:15 +0100
  • List-archive: <http://lists.cacert.org/cgi-bin/mailman/private/cacert-policy>
  • List-id: Policy-Discussion <cacert-policy.lists.cacert.org>

Hi Jac,

Seems that no one is joining in :-)
Maybe we need a little more time to consider things?? ;-)

Sorry, sometimes I'm speeding too much when discussing with Ian :-)


2. Have a Supervising Assurer add a countersignature on every assurance done by the Youth Assurer.

I like this idea, but is it possible and controllable?

From a policy point of view I like this option best. Technically this might be (a bit) harder to implement. Is the supervising assurer allowed to assure the person as well? (That might make it more attractive for the person to be assured) And is a supervising assurer allowed to supervise for multiple youths for someone seeking assurance? (That opens the door for another paranoid abuse case)

(A) Yes, I think he should be able to assure that person as well. This double assurance means 10 more points than the single assurance, so we would still be under 50 points and have another assurer in the process. So not that much of a risk.

(B) Supervising. Hmm, supervising multiple youths is only a problem if they assure the same applicant. But even then, we still have an adult who can be made liable. Something we do not have if only youth assurers were in the process. The possibility that you can be made liable is already a (small) barrier against misuse. I could live with that small risk, let's see what others think.


3. The null option -- we leave the system as is, with Youth Assurers limited to 10 points, and that's it.

Then we keep all those problems. Big NO from me.

NO +1


4. The zero option -- turn off all Youth Assurance.

I don't like losing all those youth assurers, but I think it is the only way we could handle that issue.

I think option 2 shows promise.

Totally agreed!


So for example I use CAcert certs to strengthen the evidence of my mails. But if this cert was assured by a youth assurer will it be still called "trustworthy" by a court? If not, while I expected a strengthened evidence I got a weakened one. So as a "user" of CAcert certs I need to check the age of the assurers to decide whether my certs are good or not to strengthen an evidence. Tough decision then.

If one needs to check the assurance path in order to find the level of confidence, the certs signed by that CA are doomed in my book. Joe *average* User will not be able to do so and I honestly won't be inclined to do so even if I could. I simply would assign a very low trust value to all certs from that CA.

Exactly. So either we need to find a good way, or we should warn applicants about this fact. Honestly, I would see it as a "low trust value" and stop using such certs in a meaning of "evidence strengthening". But I can only make such a decision if I know about the risk :-) Well, at the moment it looks like we tend to like (2) so maybe we can find a way to deal with it ...


Or the other example was that a bunch of criminals hire some youth (which cannot be made liable as we assume) to issue fake certs which they for example use with spam mails (especially nice when we are in the browsers) or anything else. As soon as we know we can block those certs and the youth assurers, but "seconds" later they hire the next youth. So my main point was that this could lead to a point which makes CAcert certs totally useless.

A youth does not have to be an assurer to get fake certs. So are we going to have to stop issuing certs to legal minors as well? Consider three assurers going to a college and assuring everyone for some perfectly legal purpose (like client certs to access a website.) Now someone with less honest intentions offers a significant number of those assured $$$ for a certificate. Are we going to revoke the assurances for everyone those three assurers have assured?

Well, if a youth member uses his cert in a bad way, we can revoke that cert and block that user. So "they" need to get the next one assured. A pretty slow process if you compare it to the other way: get a bunch of youth assurers, issue many many fake certs, let those fake certs assure each other. Even if we then block those assurers, could we revoke all assurances they did? Maybe there are many correct ones ... in a practical sense I think this would be way harder to deal with.



Then we should work together. I know a lot of youth who can pass that test and, after giving them 50€, they are willing to issue whatever cert I like ....

They're only able to assure you. Not issue any certs.
OK, say it that way: ... they are willing to assure as many fake persons as I like ...

Regards
Jens
Jens Paul
Education Officer, CAcert Inc.
cacert AT canyonsport.de



