|
|
@ -29,6 +29,7 @@ Status: <i>work-in-progress</i>
|
|
|
|
This Security Manual sets out required procedures
|
|
|
|
This Security Manual sets out required procedures
|
|
|
|
for the secure operation of the CAcert critical computer systems.
|
|
|
|
for the secure operation of the CAcert critical computer systems.
|
|
|
|
These systems include:
|
|
|
|
These systems include:
|
|
|
|
|
|
|
|
</p>
|
|
|
|
<ol><li>
|
|
|
|
<ol><li>
|
|
|
|
Physical hardware mounting the logical services
|
|
|
|
Physical hardware mounting the logical services
|
|
|
|
</li><li>
|
|
|
|
</li><li>
|
|
|
@ -40,10 +41,10 @@ These systems include:
|
|
|
|
</li><li>
|
|
|
|
</li><li>
|
|
|
|
Source code (changes and patches)
|
|
|
|
Source code (changes and patches)
|
|
|
|
</li></ol>
|
|
|
|
</li></ol>
|
|
|
|
</p>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<h4><a name="1.1.1">1.1.1.</a> Effected Personnel </h4>
|
|
|
|
<h4><a name="1.1.1">1.1.1.</a> Effected Personnel </h4>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<p>
|
|
|
|
These roles and teams are effected:
|
|
|
|
These roles and teams are effected:
|
|
|
|
|
|
|
|
|
|
|
|
<ul><li>
|
|
|
|
<ul><li>
|
|
|
@ -104,15 +105,18 @@ deriving from the above principles.
|
|
|
|
|
|
|
|
|
|
|
|
<h3><a name="1.3">1.3.</a> Definition of Terms</h3>
|
|
|
|
<h3><a name="1.3">1.3.</a> Definition of Terms</h3>
|
|
|
|
<dl>
|
|
|
|
<dl>
|
|
|
|
|
|
|
|
|
|
|
|
<dt><i>Systems Administrator</i> </dt>
|
|
|
|
<dt><i>Systems Administrator</i> </dt>
|
|
|
|
<dd>
|
|
|
|
<dd>
|
|
|
|
A Member who manages a critial system, and has access
|
|
|
|
A Member who manages a critial system, and has access
|
|
|
|
to security-sensitive functions or data.
|
|
|
|
to security-sensitive functions or data.
|
|
|
|
</dd>
|
|
|
|
</dd>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
</dl>
|
|
|
|
|
|
|
|
|
|
|
|
<h3><a name="1.4">1.4.</a> Version control</h3>
|
|
|
|
<h3><a name="1.4">1.4.</a> Version control</h3>
|
|
|
|
|
|
|
|
|
|
|
|
<h4><a name="1.4.1">1.4.1.</a> The Security Policy Document </h3>
|
|
|
|
<h4><a name="1.4.1">1.4.1.</a> The Security Policy Document </h4>
|
|
|
|
<p>
|
|
|
|
<p>
|
|
|
|
This Security Policy is part of the configuration-control specification
|
|
|
|
This Security Policy is part of the configuration-control specification
|
|
|
|
for audit purposes (DRC).
|
|
|
|
for audit purposes (DRC).
|
|
|
@ -123,7 +127,7 @@ It is under the control of Policy on Policy for version purposes.
|
|
|
|
This policy document says what is done, rather than how to do it.
|
|
|
|
This policy document says what is done, rather than how to do it.
|
|
|
|
</p>
|
|
|
|
</p>
|
|
|
|
|
|
|
|
|
|
|
|
<h4><a name="1.4.2">1.4.2.</a> The Security Manual (Practices) Document </h3>
|
|
|
|
<h4><a name="1.4.2">1.4.2.</a> The Security Manual (Practices) Document </h4>
|
|
|
|
|
|
|
|
|
|
|
|
<p>
|
|
|
|
<p>
|
|
|
|
This Policy explicitly defers detailed security practices to the
|
|
|
|
This Policy explicitly defers detailed security practices to the
|
|
|
@ -136,7 +140,7 @@ the SM is under the direct control of the Systems Administration team.
|
|
|
|
It is located and version-controlled on the CAcert wiki.
|
|
|
|
It is located and version-controlled on the CAcert wiki.
|
|
|
|
</p>
|
|
|
|
</p>
|
|
|
|
|
|
|
|
|
|
|
|
<h4><a name="1.4.3">1.4.3.</a> The Security Procedures </h3>
|
|
|
|
<h4><a name="1.4.3">1.4.3.</a> The Security Procedures </h4>
|
|
|
|
|
|
|
|
|
|
|
|
<p>
|
|
|
|
<p>
|
|
|
|
The Systems Administration team may from time to time
|
|
|
|
The Systems Administration team may from time to time
|
|
|
@ -155,4 +159,3 @@ Each procedure must be referenced explicitly in the Security Manual.
|
|
|
|
<p><a href="http://validator.w3.org/check?uri=referer"><img src="Images/valid-xhtml11-blue" id="graphics2" alt="Valid XHTML 1.1" align="bottom" border="0" height="33" width="90"></a>
|
|
|
|
<p><a href="http://validator.w3.org/check?uri=referer"><img src="Images/valid-xhtml11-blue" id="graphics2" alt="Valid XHTML 1.1" align="bottom" border="0" height="33" width="90"></a>
|
|
|
|
</p>
|
|
|
|
</p>
|
|
|
|
</body></html>
|
|
|
|
</body></html>
|
|
|
|
|
|
|
|
|
|
|
|