You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

368 lines
9.3 KiB

<?xml version="1.0" encoding="utf-8"?>
<html xmlns="">
<meta http-equiv="CONTENT-TYPE" content="text/html; charset=utf-8" />
<title>Policy on Policy</title>
<style type="text/css"> <!-- only for WIP -->
body {
font-family : verdana, helvetica, arial, sans-serif;
th {
text-align : left;
.q {
color : green;
font-weight: bold;
text-align: center;
.change {
color : blue;
font-weight: bold;
.strike {
color : blue;
<body lang="en-GB">
<span style="align: center;">
<br /><b>WARNING:</b><br />
The proper policy document is located<br />
<a href="//">
on the CAcert website </a>.<br />
</big><br />
This document is a <b>working draft</b> to include<br />
future revisions only, and is currently<br />
only relevant for the [policy] group.<br />
Suggested <span class="change">additions in BLUE</span>, <span class="strike">strikes in blue</span>.<br />
Iang <span class="change">20100507</span>: fixed two errors being cacert-policy and 1.3 terminology.<br />
Iang <span class="change">20100507</span>: incorporated suggestions from CCS - 2.3, 5.4, 6.5<br />
Uli <span class="change">20130223</span>: incorporating suggestion to transfer section from CPS 9.16.1 to PoP 5.4, added reworded p20100306 into #2.5, header reformated to reflect new header style<br />
<hr />
<table width="100%">
<td>Name: PoP <a style="color: steelblue" href="">COD1</a><br />
Status: POLICY&nbsp;<a href="//">p200800204.1</a><br />
Editor: Iang 20080309<br />
Changes: <span class="change">20100507, 20130223</span><br />
Licence: <a style="color: steelblue" href="//" title="this document is Copyright &copy; CAcert Inc., licensed openly under CC-by-sa with all disputes resolved under DRP. More at" > CC-by-sa+DRP </a>
<td align="right">
<a href="//"><img src="images/cacert-policy.png" alt="PoP Status - POLICY" height="31" width="88" style="border-style: none;" /></a><br />
<a href="//"><img src="images/cacert-draft.png" alt="PoP Status - DRAFT" height="31" width="88" style="border-style: none;" /></a>
<p><br /></p>
<h1> Policy&nbsp;on&nbsp;Policy </h1>
<h2 id="s0"> 0. Preliminaries </h2>
Policy on Policy adopts the IETF model of
'rough consensus' to create CAcert documents
within the open <span class="strike">[policy] mail list forum.</span> <span class="change">CAcert Policy Group <a href=""> mail list forum</a></span>.
<h2 id="s1"> 1. Scope and Purpose </h2>
<p id="s1.1">
This policy documents and controls the process by which
CAcert creates and promulgates policies.
<p id="s1.2">
The policy covers itself.
The policy replaces prior ones.
For Audit purposes,
the policy is part of the Configuration-Control Specification
("CCS", <a href="">DRC_A.1</a>)
and also documents part of the CCS.
<p id="s1.3">
The policies so created are generally binding on
<span class="strike">CAcert, registered users and related parties</span>
<span class="change">CAcert Inc., members under CAcert Community Agreement
(CCA => COD9) and other related parties under other agreements</span>.
<p id="s1.4">
The Policy Officer manages all policies
and the policy group.
The policy group is formed on the open mailing list
known as <span class="strike">[cacert-policy]</span> <span class="change">CAcert Policy Group</span>, and is to be open to all
Community Members of CAcert.
<h2 id="s2"> 2. Basic Model </h2>
<p id="s2.1">
The basic concept was drawn from the IETF model.
<p id="s2.2">
Policies are documented.
Documents start as <i>Work-In-Progress</i>, move through to
<i>DRAFT</i> and finalise in <i>POLICY</i> status.
<p id="s2.3">
Decisions are taken by "Rough Consensus."
A vote may be called to clarify.
<p id="s2.4">
Documents should include a minimum of information
in a standardised format managed by the Documentation Officer:
the Title,
short name,
Document Status,
date the Status was reached,
date / time of the last edit,
<p class="change">
Editors may make the following changes, where
it is clear that the change does not change the policy:</p>
<span class="change">fixes to errors in grammar and spelling,</span>
<span class="change">anchors, HTML errors, URLs &amp; formatting,</span>
<span class="change">COD numbers and other references, and</span>
<span class="change">other minutiae, as agreed under 2.3.</span>
<p class="change">
Such changes to be notified to the policy group, and to be folded into effect, etc, without further ado.
<p class="change">
Documents of lower status (work-in-progress or DRAFT)
must not be confusable with documents of higher status
Copies should be eliminated where not being worked on.
<h2 id="s3"> 3. Work-In-Progress </h2>
<p id="s3.1">
An Editor is identified.
This person is responsible for
drafting the document, following the consensus of the policy group.
<p id="s3.2">
The Policy Officer resolves minor disputes and keeps order.
<p id="s3.3">
The mail list of the policy group
is used as the primary debating
forum. A sub-group may be formed,
but decision-taking
should be visible on the main group.
<p id="s3.4">
Documents start with the status of
"Work-In-Progress" or WIP for short.
<h2 id="s4"> 4. DRAFT status </h2>
<p id="s4.1">
On completion, a document moves to DRAFT status.
<p id="s4.2">
A DRAFT is a policy-in-effect for the Community and is
to be distributed and treated as such.
<p id="s4.3">
As far as the Community is concerned, the DRAFT is policy.
Challenges and concerns can be addressed to the policy group,
and policy group discussions on a DRAFT
may be presented in Dispute Resolution.
<p id="s4.4">
Revisions of DRAFTs
must be treated as decisions on the policy group.
<p id="s4.5">
The period of the DRAFT status is announced widely,
which should be at least a month and no longer than a year.
<p id="s4.6">
During the period of DRAFT,
CAcert Inc. retains a veto over
policies that effect the running of CAcert Inc.
<h2 id="s5"> 5. POLICY status </h2>
<p id="s5.1">
After DRAFT period has elapsed with no revision beyond
minor and editorial changes,
there should be a decision
to move the document from
DRAFT to POLICY status.
<p id="s5.2">
Once POLICY, the Community may only challenge the document
in Dispute Resolution.
<p id="s5.3">
Policy group may propose changes to a POLICY document
in order to update it. When changes move to DRAFT status,
they may be included in the POLICY document,
but must be clearly indicated within as DRAFT not POLICY.
<p class="change">
POLICY documents are published on the CAcert website in plain HTML. Change control must be in place.
<h2 id="s6"> 6. Open Process </h2>
<p id="s6.1">
All policy discussions and documents should be open
processes. There should be a fair chance for
the Community
to have their views heard.
Rough Consensus is the working metric.
<p id="s6.2">
Contributions to
formally controlled documents such as Policies
are transferred fully to CAcert Inc.
and similar intellectual property rights
required to incorporate the Contribution
are either transferred to CAcert Inc, or,
are issued and contributed under free,
open, non-restrictive,
irrevocable, exclusive,
and clear licence to CAcert Inc.
In all cases, CAcert Inc licenses the
contributions back to the community
under an open licence.
<p id="s6.3">
Contributors declare any conflicts of interest.
<p id="s6.4">
Policies should be issued under free, open,
irrevocable, non-exclusive,
and clear licence by CAcert, Inc.
<p id="s6.5">
Mailing lists should be archived,
and important meetings should be minuted.
<span class="change">A record of decisions is to be maintained.</span>
<h2 id="s7"> 7. Disputes. </h2>
<p id="s7.1">
Any questions not resolved by these rules
may be voted on in the policy group, or
may be dealt with in Dispute Resolution.
<p id="s7.2">
The Policy Officer may decide a tight vote in a minor matter only.
Failure of Rough Consensus may be declared by
dissenting members.
<p id="s7.3">
Matters unresolved refer back
to further group discussion.
<p id="s7.4">
The external avenue for disputes is to file a dispute
according to CAcert's
<a href="//">
Dispute Resolution Policy</a>
DRP => COD7.