<li>Press releases MUST be approved by the board and issued via:<br/>
<li>Community Members MAY communicate on their areas, but these are considered community views.</li>
<li>Official press releases MUST be approved by the board and issued via:<br/>
<olstyle="list-style-type: lower-roman;">
<olstyle="list-style-type: lower-roman;">
<li>Digitally signed email to appropriate mailing list(s) by the president.
<li>Digitally signed email to appropriate mailing list(s).
</li>
</li>
<li>Posting and indefinite archiving on the official CAcert web site(s)
<li>Posting and indefinite archiving on the official CAcert web site(s)
</li>
</li>
@ -63,42 +64,30 @@
<strong>Internet Email</strong><br/>
<strong>Internet Email</strong><br/>
<olstyle="list-style-type: lower-alpha;">
<olstyle="list-style-type: lower-alpha;">
<li>
<li>
<strong>Email Accounts</strong> are official email accounts within the CAcert domain(s) (eg john@cacert.org).<br/>
<strong>Email Aliases</strong> are official email addresses within the CAcert domain(s) (eg john@cacert.org).<br/>
<olstyle="list-style-type: lower-roman;">
<olstyle="list-style-type: lower-roman;">
<li>All official CAcert communications MUST be conducted using an official address.
<li>All official CAcert communications MUST be conducted using an official address, which is typically a forwarding service.
</li>
</li>
<li>All new accounts MUST be approved by the M-SC (who SHOULD act conservatively on behalf of the board).
<li>Access to full accounts (available only to officials listed on the organisation chart) SHALL be available via web interface and standard mail protocols.
</li>
</li>
<li>Applicants MUST be assigned a role/office on the CAcert organisation chart.
<li>Outbound mail SHOULD contain the full name and short reference to the official capacity of the user: <i>John Citizen (CAcert AO) <john@cacert.org></i>.
</li>
</li>
<li>Role accounts (eg support@cacert.org) SHALL be implemented as a mailing list or automated issue tracking system as appropriate.
<li>Role accounts (eg support@cacert.org) SHALL be implemented as a mailing list or automated issue tracking system as appropriate.
</li>
</li>
<li>All access SHALL be via POP, IMAP, HTTP and SMTP and MUST be authenticated.
</li>
<li>Outbound mail SHOULD contain the full name and short reference to the official capacity of the user (eg John Citizen (CAcert AO) <john@cacert.org>).
</li>
<li>Outbound mail MUST be relayed via CAcert infrastructure (eg smtp.cacert.org).
</li>
</ol>
</ol>
</li>
</li>
<li>
<li>
<strong>Mailing Lists</strong> are distribution lists containing CAcert community members.<br/>
<strong>Mailing Lists</strong> are automated distribution lists containing CAcert community members.<br/>
<olstyle="list-style-type: lower-roman;">
<olstyle="list-style-type: lower-roman;">
<li>All new mailing lists MUST be approved by the M-SC (who SHOULD act conservatively on behalf of the board).
<li>List management (new list creation, dead list removal) SHALL be managed by the board.
</li>
</li>
<li>All 'dead' mailing lists SHOULD be removed by the M-SC (on behalf of the board).
<li>List membership SHALL be restricted to CAcert Community members and all posts are contributions, as described in the CCA.
</li>
<li>List membership SHALL be restricted to CAcert Community members who are subject to the CCA (to be reflected in list info) and all posts are contributions.
</li>
</li>
<li>Lists SHALL follow the naming convention of cacert-<listname>@lists.cacert.org, with important lists (eg support, board) aliased @cacert.org
<li>Lists SHALL follow the naming convention of cacert-<listname>@lists.cacert.org, with important lists (eg support, board) aliased @cacert.org
</li>
</li>
<li>List policy SHALL be set on a per-list basis (eg open/closed, searchable archives, etc.)<br/>
<li>List policy SHALL be set on a per-list basis (eg open/closed, searchable archives, etc.)<br/>
<ol>
<ol>
<li>Open lists (eg cacert-policy) shall be accessible by anyone (including Internet search engines)
<li>Open lists (eg cacert-policy) shall be accessible by anyone (including Internet search engines) and closed lists (eg cacert-board) only by list members.
</li>
<li>Closed lists (eg cacert-board) shall be accessible only by list members.
</li>
<li>Subscriber lists MUST NOT be revealed, even to list members.
</li>
</li>
<li>Posting to discussion lists (eg cacert-policy) MUST be restricted to list members and MUST NOT be restricted for role lists (eg cacert-board).
<li>Posting to discussion lists (eg cacert-policy) MUST be restricted to list members and MUST NOT be restricted for role lists (eg cacert-board).
</li>
</li>
@ -106,20 +95,16 @@
</li>
</li>
</ol>
</ol>
</li>
</li>
<li>List management MUST be automated (eg Mailman).
<li>Subscription requests MUST be confirmed by the requestor and subscriber lists MUST NOT be revealed..
</li>
<li>Subscription requests MUST be confirmed by the requestor.
</li>
<li>Web based archives MUST be maintained and accessible over HTTP and HTTPS.
</li>
</li>
<li>All authentication and authorisation MUST reflect list policy.
<li>Web based archives SHALL be maintained and authentication MUST reflect list policy.
</li>
</li>
</ol>
</ol>
</li>
</li>
<li>
<li>
<strong>Automated Email</strong> is sent by various CAcert systems automatically.<br/>
<strong>Automated Email</strong> is sent by various CAcert systems automatically.<br/>
<olstyle="list-style-type: lower-roman;">
<olstyle="list-style-type: lower-roman;">
<li>All new automated emails MUST be approved by the M-SC (who SHOULD act conservatively on behalf of the board).
<li>All new automated emails MUST be approved by the board.
</li>
</li>
<li>Automated emails SHOULD only be sent in response to a user action.
<li>Automated emails SHOULD only be sent in response to a user action.
</li>
</li>
@ -130,10 +115,6 @@
<olstyle="list-style-type: lower-roman;">
<olstyle="list-style-type: lower-roman;">
<li>Personal email MUST NOT be used for official CAcert purposes.
<li>Personal email MUST NOT be used for official CAcert purposes.
</li>
</li>
<li>Personal email MAY be used for unofficial tasks (eg assurers coordinating assurances)
</li>
<li>In the event that email accounts are made available to all community members these MUST be used, and personal email MUST NOT be used at all.