Skip to Content.
Sympa Menu

cacert-policy - Re: Modification of SP

Subject: Policy-Discussion

List archive

Re: Modification of SP

Chronological Thread 
  • From: Peter Williams <home_pw AT>
  • To: "cacert-policy AT" <cacert-policy AT>
  • Cc: "cacert-policy AT" <cacert-policy AT>
  • Subject: Re: Modification of SP
  • Date: Wed, 31 Mar 2010 09:16:37 -0700

Given the record, that little change  raises questions of whether the security policy is improperly be used for matters  properly addressed through changes to the cps.

The cps is where one argues politics, and engages in social engineering relevant to 2020..The sp had to be purely objective, designed only to measure compliance to a 1930s design-era procedural control system. 

On Mar 31, 2010, at 8:55 AM, Philipp Dunkel <p.dunkel AT> wrote:

Hi all,
you will have indubitably noticed the veto of the CAcert Inc. board of the Security Policy.

In order to remedy the situation I would like to propose the following change to the WIP Security Policy:

alter to read:

  • Coverage
  • A background check is to be done for all critical roles. The background check should be done on all of:
    • Systems Administrator
    • Access Engineers
    • Software Assessor (including Application Engineer)
    • Support Engineer
    • Boardmembers that wish to part-take in decisions on granting access to data or other sensitive resources
this little change would give CAcert Inc. Board Members a choice of either undergoing a background check like every other security sensitive position, or alternatively not part-taking in certain decisions made by CAcert Inc. Due to the fact that it is now up to each member individually, and the CAcert Inc. membership is now free to vote anyone they choose onto the CAcert Inc. Board, the reason given for the veto would be remedied.

I would like to get a discussion on this started and see whether we can remedy the Security Policy and move it back into DRAFT. So please all take part and be merry.

Regards, Philipp

Archive powered by MHonArc 2.6.16.

Top of Page