Skip to Content.
Sympa Menu

cacert-policy - RE: improving p20100306 - minor changes

Subject: Policy-Discussion

List archive

RE: improving p20100306 - minor changes

Chronological Thread 
  • From: Peter Williams <home_pw AT>
  • To: "cacert-policy AT" <cacert-policy AT>, "cacert-policy AT" <cacert-policy AT>
  • Cc: Ian G <iang AT>
  • Subject: RE: improving p20100306 - minor changes
  • Date: Wed, 20 Feb 2013 16:24:27 +0000
  • Importance: Normal

In your typical public CA, there is appointed a specially-trusted individual. Perhaps call her the policy officer. She is trusted “to do the right thing” - and use her non-reviewable power to manipulate the rules “when the times comes”. She is indoctrinated to obey “at that time” - and otherwise do hum drum stuff of any board secretary. Perhaps she is a he, for all it matters.
If you want a historical analogy, s/he awaits Herod’s order to kill every male child (some one of which threatens Herod). And off s/he goes a-killing, without a qualm - for no other reason than Herod commanded it. The main mission is to find the one turncoat who would spite Herod (and save not just a male child, but the very one he was after...). This is why s/he was made ‘policy officer’ - placed to gather the intuition on who could not be trusted “when the times comes”.
So the challenge to CAcert is to break the tradition. Solve the problem (find  a disciplined person, who enjoys organization); but prevent the “trust” cycle repeating. It comes down to ensuring transparency and ensuring that the policy officer has no power to act in an covert setting or set a rule that introduces a special caveat (the covert setting rule-making power).
CACert would be the first CA to succeed at this, if it does. All the others succumbed to relative trivial financial inducements to introduce the “appropriate” trust regime over rule making.
Sent from Windows Mail
From: Guillaume ROMAGNY
Sent: ‎February‎ ‎19‎, ‎2013 ‎10‎:‎59‎ ‎PM
To: cacert-policy AT
CC: Ian G
Subject: Re: improving p20100306 - minor changes
Hello Ian, Hello all,

Le 20/02/2013 04:30, Ian G a écrit :
> Software Assessment in its last telco meeting declined to take some
> new policy changes with links modifications, according to p20100306:
>      [...]
> They said that, as the Policy Officer position is not listed in the
> Officer's page, they decline to recognise the effect of the motion.
> [...]
> Still, the message is clear, Software Assessment have decided to stop
> after 3 years of success.  I want to preserve the intent of the
> motion, and I see three possibilities:
>    1. vote on a policy officer.
>    2. adjust the above words so they say Policy Team instead
>       of Officer, and add a caveat that the changes are
>       notified to policy group (our general practice anyway).
>    3. incorporate words into PoP to that effect.
> What do people think?  Prefer 1,2,3 or something else?

The best case scenario in my point of view is having 1+2(*)+3(*)

(*) 2: we could amend you proposal saying Policy Officer or Policy Team
3: amend to define what is the "Policy Team" like a quorum of 5% of the
policy mailing list composed presumably by members having cast a vote on
a policy motion in the last 6 months (or any better idea).

No need for apologies, you are pretty right. We need to unlock the

Best regards,


Archive powered by MHonArc 2.6.16.

Top of Page