@ -2,27 +2,44 @@
< !DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
< html xmlns = "http://www.w3.org/1999/xhtml" >
< head >
< title >
Organisation Assurance Policy
< / title >
< / head >
< body >
< h1 >
Organisation Assurance Policy
< / h1 >
< p >
< a href = "../PolicyOnPolicy.html" > < img src = "../cacert-draft.png" alt = "CAcert Draft" height = "31" width = "88" style = "border-style: none;" / > < / a > < br / >
Document: OAP COD11< br / >
Author: Jens Paul< br / >
Creation date: 2007-09-18< br / >
Status: POLICY/DRAFT 2007-09-18 < a href = "http://wiki.cacert.org/wiki/TopMinutes-20070917" > m20070918.x < / a > < br / >
Changed: 2008-04-01 Teus Hagen policy list vote; add advisors and board< br / >
Next status: POLICY 2008< br / >
<!-- $Id$ -->
< / p >
< h2 > < a name = "0" > 0. < / a > Preliminaries < / h2 >
< head >
< title > Organisation Assurance Policy < / title >
< style type = "text/css" >
<!--
.comment {
color : steelblue;
}
-->
< / style >
< / head >
< body >
< div class = "comment" >
< table width = "100%" >
< tr >
< td >
Name: OAP < a style = "color: steelblue" href = "//svn.cacert.org/CAcert/Policies/ControlledDocumentList.html" > COD11< / a > < br / >
Status: POLICY/DRAFT < a style = "color: steelblue" href = "//wiki.cacert.org/wiki/TopMinutes-20070917" > m20070918.x < / a > < br / >
< span class = "draftadd" > DRAFT p20080401 < / span > < br / >
Editor: Jens Paul < br / >
Licence: < a style = "color: steelblue" href = "//wiki.cacert.org/Policy#Licence" title = "this document is Copyright © CAcert Inc., licensed openly under CC-by-sa with all disputes resolved under DRP. More at wiki.cacert.org/Policy" > CC-by-sa+DRP < / a > < br / > < / td >
< td valign = "top" align = "right" >
< a href = "//www.cacert.org/policy/PolicyOnPolicy.php" > < img src = "images/cacert-policy.png" alt = "OAP Status - POLICY" height = "31" width = "88" style = "border-style: none;" / > < / a > < br / >
< a href = "//www.cacert.org/policy/PolicyOnPolicy.php" > < img src = "images/cacert-draft.png" alt = "OAP Status - DRAFT" height = "31" width = "88" style = "border-style: none;" / > < / a >
< / td >
< / tr >
< / table >
< / div >
< h1 > Organisation Assurance Policy < / h1 >
< h2 id = "s0" > 0. Preliminaries < / h2 >
< p >
This policy describes how Organisation Assurers ("OAs")
@ -36,7 +53,7 @@ This policy is not a Controlled document, for purposes of
Configuration Control Specification ("CCS").
< / p >
< h2 > < a name = "1" > 1. < / a > < / h2 >
< h2 id = "s1" > 1. Purpose < / h2 >
< p >
Organisations with assured status can issue certificates
@ -60,9 +77,9 @@ and as described in the CPS.
< / li > < / ul >
< h2 > < a name = "2" > 2. < / a > < / h2 >
< h2 id = "s2" > 2. Roles and Structure < / h2 >
< h3 > < a name = "2.1" > 2.1 < / a > < / h3 >
< h3 id = "s2.1" > 2.1 Assurance Officer < / h3 >
< p >
The Assurance Officer ("AO")
@ -80,7 +97,7 @@ The OA is appointed by the Board.
Where the OA is failing the Board decides.
< / p >
< h3 > < a name = "2.2" > 2.2 < / a > < / h3 >
< h3 id = "s2.2" > 2.2 Organisation Assurers < / h3 >
< p >
< / p >
@ -134,7 +151,7 @@ Where the OA is failing the Board decides.
< / ol >
< h3 > < a name = "2.3" > 2.3 < / a > < / h3 >
< h3 id = "s2.3" > 2.3 Organisation Assurance Advisor ("OAA") < / h3 >
< p > In countries/states/provinces where no OA Assurers are
operating for an OA Application (COAP) the OA
can be advised by an experienced local CAcert
@ -148,7 +165,7 @@ Where the OA is failing the Board decides.
< / p >
< h3 > < a name = "2.4" > 2.4 < / a > < / h3 >
< h3 id = "s2.4" > 2.4 Organisation Administrator < / h3 >
< p >
The Administrator within each Organisation ("O-Admin")
@ -178,9 +195,9 @@ and the issuing of certificates.
< / ol >
< h2 > < a name = "3" > 3. < / a > < / h2 >
< h2 id = "s3" > 3. Policies < / h2 >
< h3 > < a name = "3.1" > 3.1 < / a > < / h3 >
< h3 id = "s3.1" > 3.1 Policy < / h3 >
< p >
There is one policy being this present document,
@ -194,7 +211,7 @@ and several subsidiary policies.
< li > Organisations are assured under an appropriate subsidiary policy. < / li >
< / ol >
< h3 > < a name = "3.2" > 3.2 < / a > < / h3 >
< h3 id = "s3.2" > 3.2 Subsidiary Policies < / h3 >
< p >
The nature of the Subsidiary Policies ("SubPols"):
@ -224,7 +241,7 @@ The nature of the Subsidiary Policies ("SubPols"):
policy approval process.
< / li > < / ol >
< h3 > < a name = "3.3" > 3.3 < / a > < / h3 >
< h3 id = "s3.3" > 3.3 Freedom to Assemble < / h3 >
< p >
Subsidiary Policies are open, accessible and free to enter.
@ -257,9 +274,9 @@ Subsidiary Policies are open, accessible and free to enter.
< / li > < / ol >
< h2 > < a name = "4" > 4. < / a > < / h2 >
< h2 id = "s4" > 4. Process < / h2 >
< h3 > < a name = "4.1" > 4.1 < / a > < / h3 >
< h3 id = "s4.1" > 4.1 Standard of Organisation Assurance < / h3 >
< p >
The essential standard of Organisation Assurance is:
< / p >
@ -279,9 +296,7 @@ The essential standard of Organisation Assurance is:
requestor can sign on behalf of the organisation.
< / li > < li >
the organisation has agreed to the terms of the
< b >
CAcert Community Agreement
< / b > ,
and is therefore subject to Arbitration.
< / li > < / ol >
@ -290,7 +305,7 @@ The essential standard of Organisation Assurance is:
are stated in the SubPol.
< / p >
< h3 > < a name = "4.2" > 4.2 < / a > < / h3 >
< h3 id = "s4.2" > 4.2 COAP < / h3 >
< p >
The COAP form documents the checks and the resultant
assurance results to meet the standard.
@ -312,7 +327,7 @@ Additional information to be provided on form:
domain name(s)
< / li > < li >
Agreement with
< b > < / b >
CAcert Community Agreement.
Statement and initials box for organisation
and also for OA.
< / li > < li >
@ -328,7 +343,7 @@ and indication provided that the English is the
ruling language (due to Arbitration requirements).
< / p >
< h3 > < a name = "4.3" > 4.3 < / a > < / h3 >
< h3 id = "s4.3" > 4.3 Jurisdiction < / h3 >
< p >
Organisation Assurances are carried out by
@ -338,7 +353,7 @@ Actions carried out by OAs are under this regime.
< ol type = "a" > < li >
The organisation has agreed to the terms of the
< b > < / b >
CAcert Community Agreement.
< / li > < li >
The organisation, the Organisation Assurers, CAcert and
other related parties are bound into CAcert's jurisdiction
@ -347,12 +362,12 @@ Actions carried out by OAs are under this regime.
The OA is responsible for ensuring that the
organisation reads, understands, intends and
agrees to the
< b > < / b >
CAcert Community Agreement.
This OA responsibility should be recorded on COAP
(statement and initials box).
< / li > < / ol >
< h2 > < a name = "5" > 5. < / a > < / h2 >
< h2 id = "s5" > 5. Exceptions < / h2 >
< ol type = "a" > < li >
@ -383,8 +398,6 @@ Actions carried out by OAs are under this regime.
This means that the anglo law tradition of unregistered DBAs
is not accepted without further proof.
< / li > < / ol >
< p > < a href = "http://validator.w3.org/check?uri=referer" > < img src = "http://www.w3.org/Icons/valid-xhtml11-blue" alt = "Valid XHTML 1.1" height = "31" width = "88" style = "border-style: none;" / > < / a >
< / p >
< / body >
< / body >
< / html >
Ian Grigg
12 years ago