Policy-Discussion

[Ian G <iang AT cacert.org>]

On 21/01/2010 02:03, Alexander Prinsier wrote:
> On 01/21/2010 01:47 AM, Faramir wrote:
> >    NAYE. I think it is clear the names allowed must be present in a
> > government issued Photo-ID, if those documents are available in that
> > country.
>
> It's not sufficiently clear. As an arbitrator I've come across cases
> where members have an assured account with a name which is not on any
> government issued ID. At least all assurers who assured these people
> thought it was not sufficiently clear and ok to do so.


I think the pragmatic question we might want to ask is, were these 
assurers pre-CATS & AP, or post-CATS & AP?

Recall that the majority of assurances were probably done in the period 
from 2002 (?) to 2008.  During those periods, very roughly, there were 
no controls, no policies (by observation, not fact), no training, etc etc.

Come the end of 2008, we had AP in place, we had CATS up and running for 
a year, and the infamous switch was turned on so all later assurances 
were done by CATS-challenged assurers.

This is a big shift.  It is easy to underestimate the importance of the 
shift......  the assurance outlook from pre-2008 is radically different 
to the post-2008 world.


> In these cases the name on the account is a slight variation or an
> abbreviation of the official name.
>
> That's why I'm asking for a clear signal from the policy group about
> these issues. The policy is unclear about this. Several arbitrators have
> discussed about these issues for many hours and are forced to make
> lightly founded decisions. A clear policy would help and solve this.


It would not solve it, IMHO.  It might solve the apparent rules problem, 
but it wouldn't solve the underlying problem which is that there is no 
one universal definition of names.  As we lack a one true universal 
definition of names, we cannot write a policy to capture it.

What we could do is write our policy to stress our own one true 
definition of names.  But that wouldn't capture reality, we would be 
struggling, pushing the cart before the horse, until the rest of eternity.


> So it appears at least some of you agree that in countries that issue
> government ID's, the name *must* exactly match the name on the account
> (unless for a technical reason). Let's go in this direction.


I don't agree :)  What happens when you have a driver's licence with one 
name, and a passport with another?

What happens when your last-year's Id-card disagrees with your 
this-year's card?

What happens when a person marries?  What happens when a person is a 
citizen of one country with "tight" rules on names (whatever that means) 
and also a citizen of another country with loose rules or incompatible 
rules?

This tends to be the case with all peoples with immigrant histories, 
sometimes quaintly known as "the new world".  Americans will recall the 
history of the island off New York where the job of the official was to 
mangle the name into some americanisation.  So by rights (literally, 
dictated by that government) people suddenly had two incompatible names 
by arbitrary dictat.


> For Europe only: do we allow names on accounts that can not be found on
> any official document?


Check out AP1 and AP1.1.  Earlier I mentioned that the framers did other 
things to make the question of Names less key.  AP1.1 is part of it. 
AP1.1 indicates what assurance is;  it is not solely the provision of 
evidence over a name, it is a bunch of other things that taken together 
provide a whole, a complete picture.

In that holistic view, the question of exact names is not as important.

Also note that setting tighter rules for Europe than other places is a 
discrimination.  According to principles, we wouldn't do that without a 
very clear justification.  Is there one?



iang

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature