Table of Contents
Table of Contents
Table of Contents
This CAcert Policy extends the Assurance + Policy ("AP") by specifying how + Organisation Assurance ("OA") is + to be conducted by an Organisation Assurer + ("OrgAssurer") under the supervision of the + Organisation Assurance Officer + ("OAO").
This policy is not a Controlled Document, for + purposes of Configuration Control Specification + ("CCS").
Organisation Assurance allows an + Organisation to issue + Certificate(s) using CAcert Public Key + Infrastructure (“PKI”).
The Organisation Assurance Officer + (“OAO”) is responsible for + Organisation Assurance and reports to the + Assurance Officer + (“AO”) who in turn reports to the + CAcert Board.
Responsibilities include:
Management of all Organisation + Assurer(s)
Product management of the process (eg Application + Form, interfaces, etc.)
Maintenance of Procedures and + Guidelines
Table of Contents
This CAcert sub-policy extends the Organisation Assurance + Policy ("OAP") by specifying how + Organisation Assurance ("OA") is + to be conducted by the assigned Organisation + Assurer ("OrgAssurer") under the supervision + of the Organisation Assurance Officer + ("OAO") for entities within the defined scope.
This sub-policy is applicable to:
Any Organisation registered in Europe + with a pre-approved trade office registry ("Approved + Registry")
This follows the European style of Chambers of Commerce (e.g + Chambers of Commerce in continental Europe, Companies House in the + United Kingdom and Ministry of Justice, Finance, or Commerce in Eastern + Europe)
This section describes any sub-policy specific requirements that are + not otherwise defined in the OAP.
An Approved Registry:
Must follow the general model of a Trade + Office and is thus a formal authority for dealing with + local trade matters
Must have an official mandate by law to register certain types + of Organisation (eg sole traders, + partnerships, companies, associations)
Must have a search facility service that provides reliable + documentary Record of the registration of an + Organisation
An Organisation:
Must be registered with an Approved + Registry with an “active” status or + equivalent.
May have zero or more Registered + Name(s) in addition to the name of the Legal + Entity.
Must be a distinct Legal Entity (eg + incorporated) OR the constituent Legal + Entity(s) must be identified.
A Legal Entity may have various legal + statuses with different liabilities. The + Organisation may not be capable of legally + becoming a CAcert Member, independently and + separately from the individuals within. The + OrgAssurer must take care to identify which + individuals are Members, and which are therefore the natural legal + entities behind the names.
Extract(s) supplied by an + Approved Registry:
Must be obtained by the OrgAssurer as:
Original paper Extract obtained + independently from the Approved + Registry by the OrgAssurer
Digital Extract obtained online + from the Approved Registry by the + OrgAssurer
Digital Extract with a valid, + trusted Digital Signature obtained by + any means
Historical supplemental + Extract(s) where it can be shown that + material changes have not been made (e.g., via absence of + subsequent submissions in official document listings)
Must include at least the following information:
Full Name of the Legal + Entity
Unique Identifier of the + Legal Entity within the + Approved Registry (and + Type of Unique + Identifier, eg “Company + Number”)
Type of the Legal + Entity (eg “Limited Liability + Company”)
Location of the Legal + Entity (which must fall within the + Jurisdiction of the Approved + Registry)
Representative(s) of the + Organisation