Subject: Policy-Discussion
- From: Alex Robertson <alex-uk AT cacert.org>
- To: cacert-policy AT lists.cacert.org
- Subject: Re: CCA: open points / comments
- Date: Tue, 27 May 2014 14:46:10 +0100
Hi, Eva & list

On 27/05/2014 06:26, Eva Stöwe wrote:
>> 3.3 is OK with the policy solution *provided* that a policy is "in
>> place" - I have issues and concerns if it is left undefined - including
>> that it may well be problematic with various countries' legislation on
>> unfair contracts (many countries require it to be clear how a contract
>> may be terminated.) As a first pass, why not (at least for the time
>> being) define the termination policy as "Only an arbitrator may
>> terminate this agreement" and return to it later.
> because it is not possible for the case of death, arbitration requires
> us to define something else here....

As an Arbitrator I placed an action on Policy Group to "update the CCA and related documents to cater for the death of a community member" as there was no reference to this occurrence - there was no specification as to what that action should be.

Including the death of a member as a trigger is sufficient to meet that demand.
However then leaving it with a non-existent policy as to what the response to that trigger should be negates that.
Therefore please either define the subsidiary policy - or leave the current text alone (or put it into a "stub" policy) - you can always come back to it later.

> There is also no reason for sharing of an account (assisting someone with the access for example because of medical reasons is not sharing!).

Hmm... then perhaps what YOU mean by "sharing" is not what I mean.... so warrants clarification. If anyone else has access to the account or to the machine, the account's security becomes questionable. This could (I'm not saying it will!) easily occur in the example above or in the case of multiple users on a single machine or even in the case of the theft of a machine.

> It would contradict the ideas of our accounts, the definition of a
> member in CCA and the idea of AP. It also contradicts our privacy and
> security ideas of not sharing personal information (in the case of
> assurances) and to keep precautions that someone else can impersonate
> oneself.

This comes back to 2.5 as it stands - "reasonable precautions" should be taken by an account holder.

> Accounts do not cost anything, one even can have multiple ones for
> different contexts or whatever.

I actually have greater issues with this than with "sharing" - whatever we may decide that means. I'll leave that as a matter for another day though.

>> 2.5b Various countries - certainly including UK and US (and I think AU)
>> have legislation in place that can enforce surrender of keys allegedly
>> for anti-organised crime and anti-terrorism reasons in their
>> legislation. Given this, *I'd prefer not to add such a clause*, although
>> I could "live with it under protest". If such a clause is put in place,
>> I'd suggest that this perhaps needs to be considered, and that direction
>> be given to clarify what action a member of the community should take if
>> it did. I also think we would be on "dodgy ground" if such legislation
>> applies to NSW-AU as we take that as our "governing law"!
> Those laws are part of the reason why people not living there (and
> probably also people living there) come to CAcert for certificates,
> because it is one of the few CAs not based in the USA so that such laws
> are not the basis of the CA. And our RA is spread out so that it cannot
> be affected as easily by such laws.

Even in Germany you are likely to be affected by this - there are various German organisations that may have this type of power (BfV and BND come to mind) and there is a considerable amount of EU legislation that's at least related as well.

You make sweeping assumptions here as to why people choose to come to CAcert - I suspect that the vast majority of people don't even consider them. They may be your reasons - but they are not mine!
Regardless of that, it makes no difference to the individual - they are still subject to the laws of their land, whether you like that or not. The CA doesn't hold the keys, the individual does. The only choice the individual will have if their keys are demanded by a competent legal authority in their country is to either comply with the law and break CAcert's rules as proposed or to face fines or jail for breaking the law. This is the place to make that clear and possibly to provide explicit guidance.
As far as I am concerned, 2.5 works reasonably well as it stands and thus is in no real need of change!
Regards
Alex