|
|
@ -1133,18 +1133,15 @@ All conflicts of interest should be examined.
|
|
|
|
<h4> <a name="9.1.6"> 9.1.6. </a> Security</h4>
|
|
|
|
<h4> <a name="9.1.6"> 9.1.6. </a> Security</h4>
|
|
|
|
|
|
|
|
|
|
|
|
<p>
|
|
|
|
<p>
|
|
|
|
It is the responsibility of all individuals to observe and report on security issues.
|
|
|
|
It is the responsibility of all individuals to
|
|
|
|
|
|
|
|
observe and report on security issues.
|
|
|
|
All of CAcert observes all where possible.
|
|
|
|
All of CAcert observes all where possible.
|
|
|
|
It is the responsibility of each individual to resolve it satisfactorily,
|
|
|
|
It is the responsibility of each individual to resolve it satisfactorily,
|
|
|
|
or to ensure that it is reported fully.
|
|
|
|
or to ensure that it is reported fully.
|
|
|
|
</p>
|
|
|
|
</p>
|
|
|
|
|
|
|
|
|
|
|
|
<p>
|
|
|
|
<p>
|
|
|
|
Only information subject to a specific and documented exception
|
|
|
|
See §9.5.
|
|
|
|
may be kept secret or confidential.
|
|
|
|
|
|
|
|
The exception itself must not be secret or confidential.
|
|
|
|
|
|
|
|
All secrets and confidentials are reviewable under Arbitration,
|
|
|
|
|
|
|
|
and may be reversed.
|
|
|
|
|
|
|
|
</p>
|
|
|
|
</p>
|
|
|
|
|
|
|
|
|
|
|
|
<h4> <a name="9.1.7"> 9.1.7. </a> Termination of staff</h4>
|
|
|
|
<h4> <a name="9.1.7"> 9.1.7. </a> Termination of staff</h4>
|
|
|
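Review bot: The replacement paragraph "See §9.5." in 9.1.6 is a bare pointer that does not say what the reader should look there for, and it is plain text rather than a link. The removed lines stated the rule directly ("Only information subject to a specific and documented exception may be kept secret or confidential."), so a reader of 9.1.6 alone no longer sees it. Suggest a full sentence such as "Limits on confidentiality and secrecy are set out in §9.5." with the reference hyperlinked. The re-wrap of "It is the responsibility of all individuals to" / "observe and report on security issues." changes only whitespace and adds noise to the diff; consider dropping it from this change.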
@ -1173,7 +1170,7 @@ to coordinate technical testing and training,
|
|
|
|
especially of new team members.
|
|
|
|
especially of new team members.
|
|
|
|
</p>
|
|
|
|
</p>
|
|
|
|
|
|
|
|
|
|
|
|
<h3> <a name="9.2"> 9.2. </a> Key generation/transfer</h3>
|
|
|
|
<h3> <a name="9.2"> 9.2. </a> Root Key Management</h3>
|
|
|
|
|
|
|
|
|
|
|
|
<h4> <a name="9.2.1"> 9.2.1. </a> Root Key generation</h4>
|
|
|
|
<h4> <a name="9.2.1"> 9.2.1. </a> Root Key generation</h4>
|
|
|
|
|
|
|
|
|
|
|
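Review bot: The new 9.2 title "Root Key Management" narrows the heading to root keys and drops "transfer", while the context line of the next hunk ("Subroots may be escrowed by either Board or Systems Administration Team.") suggests the section also covers subroots. Either confirm that subroot handling is meant to sit under a root-key heading or use a broader title such as "Key Management". The anchor name 9.2 is unchanged, so links by anchor keep working, but any reference that quotes the old title "Key generation/transfer" needs updating in the same change.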
@ -1202,13 +1199,15 @@ Subroots may be escrowed by either Board or Systems Administration Team.
|
|
|
|
Recovery must only be conducted under Arbitrator authority.
|
|
|
|
Recovery must only be conducted under Arbitrator authority.
|
|
|
|
</p>
|
|
|
|
</p>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<h4> <a name="9.2.4"> 9.2.4. </a> Revocation </h4>
|
|
|
|
|
|
|
|
|
|
|
|
<h3> <a name="9.3"> 9.3. </a> Legal</h3>
|
|
|
|
<h3> <a name="9.3"> 9.3. </a> Legal</h3>
|
|
|
|
|
|
|
|
|
|
|
|
<h4> <a name="9.3.1"> 9.3.1. </a> Responsibility</h4>
|
|
|
|
<h4> <a name="9.3.1"> 9.3.1. </a> Responsibility</h4>
|
|
|
|
|
|
|
|
|
|
|
|
<p>
|
|
|
|
<p>
|
|
|
|
The board is responsible for the CA at the executive level.
|
|
|
|
The board is responsible to the Community to manage
|
|
|
|
|
|
|
|
the CA at the executive level.
|
|
|
|
</p>
|
|
|
|
</p>
|
|
|
|
|
|
|
|
|
|
|
|
<h4> <a name="9.3.2"> 9.3.2. </a> Response to external (legal) inquiry</h4>
|
|
|
|
<h4> <a name="9.3.2"> 9.3.2. </a> Response to external (legal) inquiry</h4>
|
|
|
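Review bot: The added heading "9.2.4. Revocation" is followed directly by the "9.3. Legal" heading, so the section is introduced with no body text. A policy section on revocation with nothing in it reads as if the text was lost; add the revocation rules in this change or mark the section explicitly as to be written. In the same hunk, "The board is responsible to the Community to manage the CA at the executive level." capitalises "Community" but leaves "board" in lower case, while the hunk's context line writes "Board"; pick one form.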
@ -1287,6 +1286,9 @@ In concrete terms,
|
|
|
|
only under a defined exception under policy,
|
|
|
|
only under a defined exception under policy,
|
|
|
|
or under the oversight of the Arbitrator,
|
|
|
|
or under the oversight of the Arbitrator,
|
|
|
|
may confidentiality or secrecy be maintained.
|
|
|
|
may confidentiality or secrecy be maintained.
|
|
|
|
|
|
|
|
The exception itself must not be secret or confidential.
|
|
|
|
|
|
|
|
All secrets and confidentials are reviewable under Arbitration,
|
|
|
|
|
|
|
|
and may be reversed.
|
|
|
|
All should strive to reduce or remove any such
|
|
|
|
All should strive to reduce or remove any such
|
|
|
|
restriction.
|
|
|
|
restriction.
|
|
|
|
</p>
|
|
|
|
</p>
|
|
|
|
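Review bot: The added sentence "All secrets and confidentials are reviewable under Arbitration, and may be reversed." does not say who may request the review or what reversal means in practice (disclosure, or withdrawal of the exception). The sentence just before it already permits secrecy "under the oversight of the Arbitrator", so it is unclear whether an Arbitrator-approved restriction is itself open to a further review. Suggest stating both points explicitly. "confidentials" as a noun reads awkwardly; "All secrecy and confidentiality restrictions" would match "any such restriction" in the following sentence.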