<dd>Assurance is the process by which a Member of CAcert Community (Assurer) identifies an individual (Assuree).
<br>
With sufficient assurances, a Member may (a) issue certificates with their Names included, (b) participate in assuring others, and (c) other related activities.
<dd>An individual who has agreed to the CAcert Community agreement and has created successfully a CAcert (web)account on http://www.cacert.org.
<dt><em>Name</em></dt>
<dd>A Name is the full name (first name(s), family name(s), name extensions,abreviation of name(s), etc.) of an individual. The Name is technically spoken a string exactly taken from a governemental issued photo ID. Transliteration of characters to a character table defined by CAcert is permitted.
<dd>A Name for an individual is discrimated from similar full names by a secondary distinguished feature, as recorded on the on-line CAcert (web) account.
Currently this is the date of birth (DoB) of the individual.
Documentation on Assurance is split between this Assurance Policy (AP) and the <ahref="/wiki/AssuranceHandbook2">Assurance Handbook</a>.
The policy is controlled by <ahref="/wiki/PolicyDrafts/ConfigurationControlSpecification">Configuration Control Specification (CCS)</a> under <aclass="http"href="http://www.cacert.org/policy/PolicyOnPolicy.php">Policy of Policy (PoP)</a> policy documents.
Because Assurance is an active area, much of the practice is handed over to the Assurance Handbook, which is not a controlled document, and can more easily respond to experience and circumstances.
See also <aclass="http"href="http://www.cacert.org/policy/OrganisationAssurancePolicy.php">Organisation Assurance Policy (OAP)</a> and <aclass="http"href="http://svn.cacert.org/CAcert/policy.htm">CAcert Policy Statement (CPS)</a>.
<li> Some personal details of the Member (Name(s), primary and other listed email address(es), secundary distinguished feature (eg DoB)) are known to CAcert.
The confidence level of the Assurance Statement is expressed by the Assurance Points.
<p>
<h3>Relying Party Statement</h3>
<p>
The primary goal of the Assurance Statement is to meet the needs of the <em>Relying Party Statement</em>, which latter is found in the Certification Practice Statement (<aclass="http"href="http://svn.cacert.org/CAcert/policy.htm">CPS</a>) for the express purpose of certificates.
When a certificate is issued, some or all of the Assurance Statement may be incorporated (e.g., name) or implied (e.g., Membership or status) into the certificate and be part of the <em>Relying Party Statement</em>.
For example, married name, variations of initials of first or middle names, abbreviation of a first name, different language or country variations and transliterations of characters in a name.
Each individual Name must be assured to the applicable level.
That is, each Name to 50 Assurance Points to be used in a certificate.
<br>
For an Assurer at least one Name must have at least to 100 Assurance Points.
Mutual Assurance follows the principle of reciprocity.
This means that the Assurance may be two-way, and that each member participating in the Assurance procedure should be able to show evidence of their identity to the other.
In the event that an Assurer is assured by a Member who is not certified as an Assurer, the Assurer supervises the Assurance procedure and process, and is responsible for the results.
On the question of providing evidence that one is an Assurer, <aclass="http"href="http://svn.cacert.org/CAcert/policy.htm#p3.2">CAcert Policy Statement (CPS) says</a>: <em>The level at which each Member is Assured is public data. The number of Assurance Points for each Member is not published.</em>.
Note that, even though they are sometimes referred to as <em>Web-of-Trust</em> (Assurance) Points, or <em>Trust</em> Points, the meaning of the word 'trust' is not well defined.
Any lesser confidence should give less Assurance Points for a Name. If the Assurer has no confidence in the information presented, then <em>zero </em> Assurance Points may be allocated by the Assurer.
A (new) Member who is not an Assurer may award an Assurer in a reciprocal process a maximum of 2 Assurance Points, according to his judgement.
The Assurer should strive to have the Member allocate according to the Member's judgement, and stay on the cautious side; a (new) Member new to the assurance process should allocate <em>zero</em> Assurance Points until they get some confidence in what is happening.
Additional Experience Points may be granted temporarily or permanently to an Assurer by CAcert Inc's Board, on recommendation from the Assurance Officer.
<p>
Experience Points are not to be confused with Assurance Points.
<p>
<em>Comment: this part still needs to be agreed.</em>
Updating this Assurance Policy, under the process established by <aclass="https"href="https://www.cacert.org/policy/PolicyOnPolicy.php">Policy on Policy</a>;
Management of all Subsidiary Policies (see below) for Assurances, under <aclass="https"href="https://www.cacert.org/policy/PolicyOnPolicy.php">Policy on Policy</a>;
Each must be covered by an approved Subsidiary Policy (refer to Policy on Policy => COD1).
Subsidiary Policies specify any additional tests of knowledge required and variations to process and documentation, within the general standard stated here.
In addition to the Assurance or Experience Points ratings set here in and in other policies, Assurance Officer or policies can designate certain applications as high risk.
Under Arbitrator ruling, in a duly filed dispute (<aclass="http"href="http://www.cacert.org/policy/DisputeResolutionPolicy.html">Dispute Resolution Policy</a> => COD7)