cacert-policy - Re: SP holes/ questions - root key management

Subject: Policy-Discussion

  • From: Ian G <iang AT cacert.org>
  • To: cacert-policy AT lists.cacert.org
  • Subject: Re: SP holes/ questions - root key management
  • Date: Sat, 27 Mar 2010 12:26:25 +1100
  • Authentication-results: lists.cacert.org; dkim=pass (1024-bit key) header.i= AT cacert.org; dkim-asp=none

On 27/03/2010 11:42, Daniel Black wrote:

I think that bugged me while doing root key escrow procedures 9.2.3.

9.2.3.  Recovery
Recovery must only be conducted under Arbitrator authority.

I don't know why this is here. There will be procedures for subroot generation
so I'm not sure what arbitrator control is required. Really only board control
is required to recover as it follows on from 9.2.4


It's because the Arbitrator is used to evaluating issues such as these, and is better at it than the board is.


replace with "Recovery must only be conducted under board control"

9.2.4 Revocation is oddly enough blank.

My suggestion here is that, as the rest of the root processes are under board
control, this should be also.

As above. It's blank because there is nothing to say as yet, and therefore the SM is expected to fill it out. If in the process we discover something that should be in the Policy, then over to policy group it goes.


"Revocation of root and subroots must only be performed under board control"

Arbitration isn't required. It will be a decision of the board based on
evidence and it isn't an abnormal procedure - only hopefully a very
infrequent one.


Indeed, it's based on evidence, and policy, and the Arbitrator is well accustomed to dealing with these things. It is an unusual procedure because it is one that isn't supposed to happen, and needs complicated thought, so again this is better off in the Arbitrator's hands.

Putting the unexpected and unusual in the hands of the Arbitrator was one of CAcert's biggest successes. Boards plural have shown themselves unable to deal with these things. Arbitrators on the other hand have shown themselves able to read and interpret policies, and make decisions within them.

Boards are better off doing what boards do best: managing the business. Arbitrators are better off doing what they do, dealing with the exceptions.

iang
