Skip to Content.
Sympa Menu

cacert-policy - Re: Results of Audit session 2015.1

Subject: Policy-Discussion

List archive

Re: Results of Audit session 2015.1


Chronological Thread 
  • From: Eva Stöwe <eva.stoewe AT cacert.org>
  • To: cacert-policy AT lists.cacert.org
  • Subject: Re: Results of Audit session 2015.1
  • Date: Thu, 13 Aug 2015 00:29:04 +0200
  • Organization: CAcert

Hello Benedikt,

if you make a proposal for a policy change can you please post the
situation before and after the change, or better, mark what you want to
have deleted, so that everybody can see the context of the change?

Thank you.

> @Policy Group:
> As result of the audit session, I propose to change the Assurance Policy:
>
> Remove the sentence "Optional: If the Assurance is reciprocal, then the
> Assurer's email address and Secondary Distinguishing Feature are
> required as well;" from § 4.5 of the Assurance Policy. (see [3]).
>
> The new text will be then:
>
> 4.5. CAcert Assurance Programme (CAP) form
>
> The CAcert Assurance Programme (CAP) form requests the following details
> of each Member or Prospective Member:
> * Name(s), as recorded in the on-line account;
> * Primary email address, as recorded in the on-line account;
> * Secondary Distinguishing Feature, as recorded in the on-line
> account (normally, date of birth);
> * Statement of agreement with the CAcert Community Agreement;
> * Permission to the Assurer to conduct the Assurance (required for
> privacy reasons);
> * Date and signature of the Assuree.
>
> The CAP form requests the following details of the Assurer:
> * A least one Name as recorded in the on-line account of the Assurer;
> * Assurance Points for each Name in the identity document(s);
> * Statement of Assurance;
> * Date, location of Assurance and signature of Assurer.
>
> The CAP forms are to be kept at least for 7 years by the Assurer.

Anyway: I am definitely against this change. NAY from me.

While I do not like the idea of a reciprocal assurance being performed
with one CAP form, but it is allowed to do. Also the AP allows to have
the CAP forms hold by the assuree, if the Assurer has issues to do so.
If only one document is used for both assurances, than both are assurer
and assuree, so the information of both is required.

--
mit freundlichen Grüßen / best regards
Eva Stöwe
CAcert Assurer
CAcert Case Manager & Arbitrator
CAcert.org - Free Certificates
E-Mail:
eva.stoewe AT cacert.org

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature




Archive powered by MHonArc 2.6.18.

Top of Page