Skip to Content.
Sympa Menu

cacert-policy - Re: Results of Audit session 2015.1

Subject: Policy-Discussion

List archive

Re: Results of Audit session 2015.1

Chronological Thread 
  • From: Eva Stöwe <eva.stoewe AT>
  • To: cacert-policy AT
  • Subject: Re: Results of Audit session 2015.1
  • Date: Sat, 15 Aug 2015 00:08:39 +0200
  • Organization: CAcert


sure, the part does not change anything. It is just optional. And for
the next overwork of the assurance policy it may be an idea to remove it.

But as it is not doing anything, it is not a sensible investment of our
time and resources, to do a policy change just to remove this.

We would have to come to a consensus, edit the document as a DRAFT, get
it through Software and do the same for POLICY again, shortly afterwards.

So please let us discuss more relevant things. There are a lot and there
is a huge agenda.

On 14.08.2015 18:51, Benny Baumann wrote:
> Am 14.08.2015 um 10:39 schrieb Karl-Heinz Gödderz:
>> Hi, I'm new here.
>> So my question:
>> Can't
>> 'Using the same CAP form for reciprocal assurance is not recommended'
>> be meant as to change the AP so that in reciprocal Assurance there have
>> to be two CAPs?
> As each assurer is required to keep the original CAP form you have to
> produce two originals in the first place: One for each direction of
> assurance.
> IMHO the paragraph can be removed; if at all necessary a remark in the
> AH could be done two clarify handling in this situation. But AFAIC the
> policy is clear even with both Benedikt's change AND without a
> clarification in the AH; thus no further work needed than to remove the
> paragraph as suggested.
>> best regards
>> Karl-Heinz
> Kind regards,
> BenBE.
>> Am 13.08.2015 um 00:29 schrieb Eva Stöwe:
>>> Hello Benedikt,
>>> if you make a proposal for a policy change can you please post the
>>> situation before and after the change, or better, mark what you want to
>>> have deleted, so that everybody can see the context of the change?
>>> Thank you.
>>>> @Policy Group:
>>>> As result of the audit session, I propose to change the Assurance Policy:
>>>> Remove the sentence "Optional: If the Assurance is reciprocal, then the
>>>> Assurer's email address and Secondary Distinguishing Feature are
>>>> required as well;" from § 4.5 of the Assurance Policy. (see [3]).
>>>> The new text will be then:
>>>> 4.5. CAcert Assurance Programme (CAP) form
>>>> The CAcert Assurance Programme (CAP) form requests the following details
>>>> of each Member or Prospective Member:
>>>> * Name(s), as recorded in the on-line account;
>>>> * Primary email address, as recorded in the on-line account;
>>>> * Secondary Distinguishing Feature, as recorded in the on-line
>>>> account (normally, date of birth);
>>>> * Statement of agreement with the CAcert Community Agreement;
>>>> * Permission to the Assurer to conduct the Assurance (required for
>>>> privacy reasons);
>>>> * Date and signature of the Assuree.
>>>> The CAP form requests the following details of the Assurer:
>>>> * A least one Name as recorded in the on-line account of the Assurer;
>>>> * Assurance Points for each Name in the identity document(s);
>>>> * Statement of Assurance;
>>>> * Date, location of Assurance and signature of Assurer.
>>>> The CAP forms are to be kept at least for 7 years by the Assurer.
>>> Anyway: I am definitely against this change. NAY from me.
>>> While I do not like the idea of a reciprocal assurance being performed
>>> with one CAP form, but it is allowed to do. Also the AP allows to have
>>> the CAP forms hold by the assuree, if the Assurer has issues to do so.
>>> If only one document is used for both assurances, than both are assurer
>>> and assuree, so the information of both is required.

mit freundlichen Grüßen / best regards
Eva Stöwe
CAcert Assurer
CAcert Case Manager & Arbitrator - Free Certificates
eva.stoewe AT

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

Archive powered by MHonArc 2.6.18.

Top of Page