Policy-Discussion

[Benny Baumann <benbe AT cacert.org>]

Am 14.08.2015 um 10:39 schrieb Karl-Heinz Gödderz:
> Hi, I'm new here.
> 
> So my question:
>  
> Can't
> 
> 'Using the same CAP form for reciprocal assurance is not recommended'
> 
> be meant as to change the AP so that in reciprocal Assurance there have
> to be two CAPs?
As each assurer is required to keep the original CAP form you have to
produce two originals in the first place: One for each direction of
assurance.

IMHO the paragraph can be removed; if at all necessary a remark in the
AH could be done two clarify handling in this situation. But AFAIC the
policy is clear even with both Benedikt's change AND without a
clarification in the AH; thus no further work needed than to remove the
paragraph as suggested.

> 
> best regards
> Karl-Heinz
Kind regards,
BenBE.
> 
> Am 13.08.2015 um 00:29 schrieb Eva Stöwe:
>> Hello Benedikt,
>>
>> if you make a proposal for a policy change can you please post the
>> situation before and after the change, or better, mark what you want to
>> have deleted, so that everybody can see the context of the change?
>>
>> Thank you.
>>
>>> @Policy Group:
>>> As result of the audit session, I propose to change the Assurance Policy:
>>>
>>> Remove the sentence "Optional: If the Assurance is reciprocal, then the
>>> Assurer's email address and Secondary Distinguishing Feature are
>>> required as well;" from § 4.5 of the Assurance Policy. (see [3]).
>>>
>>> The new text will be then:
>>>
>>> 4.5. CAcert Assurance Programme (CAP) form
>>>
>>> The CAcert Assurance Programme (CAP) form requests the following details
>>> of each Member or Prospective Member:
>>>    * Name(s), as recorded in the on-line account;
>>>    * Primary email address, as recorded in the on-line account;
>>>    * Secondary Distinguishing Feature, as recorded in the on-line
>>> account (normally, date of birth);
>>>    * Statement of agreement with the CAcert Community Agreement;
>>>    * Permission to the Assurer to conduct the Assurance (required for
>>> privacy reasons);
>>>    * Date and signature of the Assuree.
>>>
>>> The CAP form requests the following details of the Assurer:
>>>    * A least one Name as recorded in the on-line account of the Assurer;
>>>    * Assurance Points for each Name in the identity document(s);
>>>    * Statement of Assurance;
>>>    * Date, location of Assurance and signature of Assurer.
>>>
>>> The CAP forms are to be kept at least for 7 years by the Assurer.
>> Anyway: I am definitely against this change. NAY from me.
>>
>> While I do not like the idea of a reciprocal assurance being performed
>> with one CAP form, but it is allowed to do. Also the AP allows to have
>> the CAP forms hold by the assuree, if the Assurer has issues to do so.
>> If only one document is used for both assurances, than both are assurer
>> and assuree, so the information of both is required.
>>
>

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature