Subject: Policy-Discussion
List archive
- From: Benedikt Heintel <benedikt AT cacert.org>
- To: software AT cacert.org, cacert-policy AT lists.cacert.org
- Cc: Ulrich Schroeter <Ulrich.Schroeter AT sopheon.de>, "Board CAcert Inc." <cacert-board AT lists.cacert.org>
- Subject: Results of Audit session 2015.1
- Date: Thu, 13 Aug 2015 00:04:10 +0200
Dear all,
Board recently agreed on the measures found in Audit session 2015.1 [1]
There is need to act on the non-conformities and a decision (and maybe
an action) needed on the recommendation.
@Software Team:
Please obey AP 2.1 and AP 2.2 in software, to follow the Policy (See [2]
for more information). Let me know about the estimated time to implement
this requirements and inform me as soon as the implementation status
changes.
@Policy Group:
As result of the audit session, I propose to change the Assurance Policy:
Remove the sentence "Optional: If the Assurance is reciprocal, then the
Assurer's email address and Secondary Distinguishing Feature are
required as well;" from § 4.5 of the Assurance Policy. (see [3]).
The new text will be then:
4.5. CAcert Assurance Programme (CAP) form
The CAcert Assurance Programme (CAP) form requests the following details
of each Member or Prospective Member:
* Name(s), as recorded in the on-line account;
* Primary email address, as recorded in the on-line account;
* Secondary Distinguishing Feature, as recorded in the on-line
account (normally, date of birth);
* Statement of agreement with the CAcert Community Agreement;
* Permission to the Assurer to conduct the Assurance (required for
privacy reasons);
* Date and signature of the Assuree.
The CAP form requests the following details of the Assurer:
* A least one Name as recorded in the on-line account of the Assurer;
* Assurance Points for each Name in the identity document(s);
* Statement of Assurance;
* Date, location of Assurance and signature of Assurer.
The CAP forms are to be kept at least for 7 years by the Assurer.
Best Regards
Benedikt
[1] https://wiki.cacert.org/Audit/Results/session2015.1
[2] https://wiki.cacert.org/Audit/Results/session2015.1#Non-Conformities
[3] https://wiki.cacert.org/Audit/Results/session2015.1#Recommendation
--
Benedikt Heintel -
benedikt AT cacert.org
CAcert Assurer for People & Organizations
CAcert internal Auditor
CAcert.org - Secure Together
http://www.cacert.org
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature
- Results of Audit session 2015.1, Benedikt Heintel, 08/12/2015
- Re: Results of Audit session 2015.1, Ian G, 08/12/2015
- Re: Results of Audit session 2015.1, Benedikt Heintel, 08/12/2015
- Re: Results of Audit session 2015.1, Eva Stöwe, 08/12/2015
- Re: Results of Audit session 2015.1, Benedikt Heintel, 08/12/2015
- Re: Results of Audit session 2015.1, Karl-Heinz Gödderz, 08/14/2015
- Re: Results of Audit session 2015.1, Eva Stöwe, 08/14/2015
- Re: Results of Audit session 2015.1, Benny Baumann, 08/14/2015
- Re: Results of Audit session 2015.1, Eva Stöwe, 08/14/2015
- Re: Results of Audit session 2015.1, Benny Baumann, 08/15/2015
- Re: Results of Audit session 2015.1, Ian G, 08/15/2015
- Re: Results of Audit session 2015.1, Benny Baumann, 08/15/2015
- Re: Results of Audit session 2015.1, Eva Stöwe, 08/14/2015
- Re: Results of Audit session 2015.1, Ian G, 08/12/2015
Archive powered by MHonArc 2.6.18.