Subject: Policy-Discussion
List archive
- From: Karl-Heinz Gödderz <CAcert AT GuKK-Online.de>
- To: cacert-policy AT lists.cacert.org
- Subject: Re: CPS changes in context of HoP proposal
- Date: Tue, 23 May 2017 09:23:48 +0200
some questions
Am 12.02.2017 um 22:15 schrieb Eva Stöwe: CPS 1.3 to "The CA is legally operated by the
Legal Entities named in the CAcert Communtiy Agreement ("CCA" =>
COD9), on behalf of the wider Community of
Members of CAcert. The Legal Entity details are at
the CAcert wiki. alternatively: "The CA is legally operated by the Legal Entities named in the CAcert
Communtiy Agreement ("CCA" =>
COD9) at last edit of CPS this is
CAcert Incorporated, an Association
registered in 2002 in New South Wales, Australia, on
behalf of the wider Community of Members of CAcert. The Legal Entity
details are at the CAcert wiki. is it really so that cabinet manages under the direction of the legal entities or should not the legal entities manage under the direction of the cabinet? CPS 3.1.7. last sentence to I would prefer that version"The Cabinet in agreement with the Legal Entities has the authority to add or remove accepted TLD Registrars on this list." CPS 8.3 last paragraph "An Auditor may convene an audit team. The same restrictions apply in general to all members of the team, but may be varied. Any deviations must be documented and approved by the CAcert Inc. Board." to "An Auditor may convene an audit team. The same restrictions apply in general to all members of the team, but may be varied. Any deviations must be documented and approved by the Arbitrator." - replacing "CAcert Inc. Board" by "Arbitrator" ATTENTION: By this the authority would be moved into judiciary area and out of control from executive area. Two reasons: a) Executive probably has quite some interest in such deviations as they want to see progress. b) Other controls over security are under the oversight of arbitration as well. Especially if it is about requirements for access to roles. The assignment to the role as such would then be again with the according team (auditor). Which looks much more like other processes we have for other teams. CPS 8.5 second paragraph "Auditor may issue directives instructing changes, where essential to audit success or other extreme situations. Directives should be grounded on criteria, on established minimum or safe practices, or clearly described logic. Adequate discussion with Community (e.g., CAcert Inc. Board and with Policy Group) should precede any directive. They should be presented to the same standard as the criteria, above." by "Auditor may issue directives instructing changes, where essential to audit success or other extreme situations. Directives should be grounded on criteria, on established minimum or safe practices, or clearly described logic. Adequate discussion with Community (e.g., Cabinet and with Policy Group) should precede any directive. They should be presented to the same standard as the criteria, above." - replacing "CAcert Inc. Board" by "Cabinet" We could consider to also add the Legal Entities, but it's sensible to assume that affected LEs would be informed, anyway. The relevant part is probably that the community authorities get involved. Especially as they are likely to be those who will have to do something. CPS 9.5.2. "The brand of CAcert is made up of its logo, name, trademark, service marks, etc. Use of the brand is strictly limited by the Board, and permission is required. See m20070917.5." by "The brand of CAcert is made up of its logo, name, trademark, service marks, etc. Use of the brand is strictly limited by the Cabinet, and permission is required. See m20070917.5." - replacing "Board" by "Cabinet" However I believe there was some "recent" board activity on that question (end of 2015 before new board was elected, if I remember correctly). Maybe we should look up that development, first. Also we should consider if this is a sensible approach as well. Maybe it would make sense to allow it for use at events or the like as well. It is somewhat stupid to not being allowed to show a logo in a talk for example. Especially as anything else (according to CCA) is under a much more open license.
|
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature
- Re: CPS changes in context of HoP proposal, Karl-Heinz Gödderz, 05/23/2017
Archive powered by MHonArc 2.6.18.