From 9e540a04c098233c5e8978a2e6463b99ceab4ca0 Mon Sep 17 00:00:00 2001
From: Pete Stephenson <pete@heypete.com>
Date: Wed, 6 Aug 2008 08:31:56 +0000
Subject: [PATCH] git-svn-id: http://svn.cacert.org/CAcert/Policies@892
 14b1bab8-4ef6-0310-b690-991c95c89dfd

---
 RemoteVerificationPolicy.html | 226 +++++++++++++++++-----------------
 1 file changed, 114 insertions(+), 112 deletions(-)

diff --git a/RemoteVerificationPolicy.html b/RemoteVerificationPolicy.html
index fc23653..ebc885f 100644
--- a/RemoteVerificationPolicy.html
+++ b/RemoteVerificationPolicy.html
@@ -1,112 +1,114 @@
-<?xml version="1.0" encoding="utf-8"?>
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
-	"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
-<html xmlns="http://www.w3.org/1999/xhtml">
-	<head>
-		<title>
-			CACert Remote Verification Policy (RVP)
-		</title>
-	</head>
-	<body>
-		<h1>
-			CACert Remote Verification Policy (RVP)
-		</h1>
-		<p>
-			<a href="PolicyOnPolicy.html"><img src="Images/cacert-wip.png" alt="CAcert Policy Status" height="31" width="88" style="border-style: none;" /></a><br />
-			Editor: Pete Stephenson<br />
-			Creation date: 2008-07-12<br />
-			Status: WIP 2008-07-12<br />
-			Next status: DRAFT 08-2008<br />
-			<!-- $Id$ -->
-		</p>
-		<h2>
-			0. Preliminaries
-		</h2>
-		<p>
-			This sub-policy extends the Assurance Policy ("AP") by providing a framework for members to verify their identity via Trusted Verification Provider ("TVP"s) including Government Authorities, Certification Authorities and Commercial Identity Providers, under the supervision of the Assurance Officer ("AO").
-		</p>
-		<p>
-			Successful completion of the process defined in RVP sub-policies shall result in the allocation of up to 50 points depending on level of trust in the TVP and the verification process.
-		</p>
-		<h2>
-			1. Scope
-		</h2>
-		<p>
-			This sub-policy is available to all members.
-		</p>
-		<h2>
-			2. Roles
-		</h2>
-		<h3>
-			2.1 Trusted Verification Provider ("TVP")
-		</h3>
-		<p>
-			Each TVA::
-		</p>
-		<ol style="list-style-type: lower-alpha;">
-			<li>MUST be <i><strong>verifiably practicing identification procedures</strong></i>, typically one of the following:<br />
-				<ol style="list-style-type: lower-roman;">
-					<li>
-						<strong>Government Authorities</strong> responsible for issuing ID documents or providing taxation functions
-					</li>
-					<li>
-						<strong>Certification Authorities</strong> issuing authentication tokens (including certificates) based on a published identity verification process
-					</li>
-					<li>
-						<strong>Commercial Identity Providers</strong> providing identity verification as a commercial service
-					</li>
-				</ol>
-			</li>
-			<li>MUST provide a secure mechanism for validating a member's identity, including:
-				<ol style="list-style-type: lower-roman;">
-					<li>
-						<strong>Authentication Tokens</strong> which are delivered to the user and verifiable in a cryptographically strong fashion
-					</li>
-					<li>
-						<strong>Online Verification</strong> via a web interface, ideally which is verified by SSL/TLS
-					</li>
-					<li>
-						<strong>Out-of-Band</strong> communication directly with CAcert, Inc. as to the outcome of the verification
-					</li>
-				</ol>
-			</li>
-			<li>SHOULD conduct identification procedures similar in nature to CAcert's existing procedures (eg examining ID documents, obtaining 'assurances' from other trusted members)
-			</li>
-		</ol>
-		<h3>
-			2.4 Member
-		</h3>
-		<p>
-			A Member (the subject of a verification) using the Remote Verification program:
-		</p>
-		<ol style="list-style-type: lower-alpha;">
-			<li>MUST agree to be bound the CAcert Community Agreement (CCA), including the Disupute Resolution Policy (DRP)
-			</li>
-			<li>MUST disclose any conflicts of interest (including but not limited to relationships with Assurers)
-			</li>
-			<li>MUST cover the costs of their assurance (if any), including fees imposed by TTPs and Assurers
-			</li>
-		</ol>
-		<h2>
-			3. Processes
-		</h2>
-		<h3>
-			3.1 Verification
-		</h3>
-		<ol style="list-style-type: lower-alpha;">
-			<li>Member SHALL create a CAcert account and agree to the CAcert Community Agreement (CCA)
-			</li>
-			<li>Member SHALL complete the procedure specified by the applicable sub-policy(s), including being verified by the TVP
-			</li>
-		</ol>
-		<h2>
-			4. Documentation
-		</h2>
-		<p>
-			Where documentation is required by the verification process it shall be subject to the prevailing records management policies which may require that it be kept for a certain period or destroyed immediately after processing.
-		</p>
-		<p>
-			<a href="http://validator.w3.org/check?uri=referer"><img src="Images/valid-xhtml11-blue" alt="Valid XHTML 1.1" height="31" width="88" style="border-style: none;" /></a>
-		</p>
-	</body>
-</html>
+<?xml version="1.0" encoding="utf-8"?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
+	"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+	<head>
+		<title>
+			CACert Remote Verification Policy (RVP)
+		</title>
+	</head>
+	<body>
+		<h1>
+			CACert Remote Verification Policy (RVP)
+		</h1>
+		<p>
+			<a href="PolicyOnPolicy.html"><img src="Images/cacert-wip.png" alt="CAcert Policy Status" height="31" width="88" style="border-style: none;" /></a><br />
+			Editor: Pete Stephenson<br />
+			Creation date: 2008-07-12<br />
+			Last change by: Pete<br />
+			Last change date: 2008-07-14 21:42 MST<br />
+			Status: WIP 2008-07-12<br />
+			Next status: DRAFT 08-2008<br />
+			<!-- $Id$ -->
+		</p>
+		<h2>
+			0. Preamble
+		</h2>
+		<p>
+			This sub-policy extends the Assurance Policy ("AP") by providing a framework for members to verify their identity via Trusted Verification Provider ("TVP"s) including Government Authorities, Certification Authorities and Commercial Identity Providers, under the supervision of the Assurance Officer ("AO").
+		</p>
+		<p>
+			Successful completion of the process defined in RVP sub-policies shall result in the allocation of up to 50 points depending on level of trust in the TVP and the verification process.
+		</p>
+		<h2>
+			1. Scope
+		</h2>
+		<p>
+			This sub-policy is available to all Members.
+		</p>
+		<h2>
+			2. Roles
+		</h2>
+		<h3>
+			2.1 Trusted Verification Provider ("TVP")
+		</h3>
+		<p>
+			Each TVP::
+		</p>
+		<ol style="list-style-type: lower-alpha;">
+			<li>MUST be <i><strong>verifiably practicing identification procedures</strong></i>, typically one of the following:<br />
+				<ol style="list-style-type: lower-roman;">
+					<li>
+						<strong>Government Authorities</strong> responsible for issuing ID documents or providing taxation functions
+					</li>
+					<li>
+						<strong>Certification Authorities</strong> issuing authentication tokens (including certificates) based on a published identity verification process
+					</li>
+					<li>
+						<strong>Commercial Identity Providers</strong> providing identity verification as a commercial service
+					</li>
+				</ol>
+			</li>
+			<li>MUST provide a secure mechanism for validating a member's identity, including:
+				<ol style="list-style-type: lower-roman;">
+					<li>
+						<strong>Authentication Tokens</strong> which are delivered to the user and verifiable in a cryptographically strong fashion;
+					</li>
+					<li>
+						<strong>Online Verification</strong> via a web interface, ideally which is verified by SSL/TLS;
+					</li>
+					<li>
+						<strong>Out-of-Band</strong> communication directly with CAcert as to the outcome of the verification;
+					</li>
+				</ol>
+			</li>
+			<li>SHOULD conduct identification procedures similar in nature to CAcert's existing procedures (eg examining ID documents, obtaining "assurances" from other trusted members)
+			</li>
+		</ol>
+		<h3>
+			2.4 Member
+		</h3>
+		<p>
+			A Member (the subject of a verification) using the Remote Verification program:
+		</p>
+		<ol style="list-style-type: lower-alpha;">
+			<li>MUST agree to be bound the CAcert Community Agreement (CCA), including the Disupute Resolution Policy (DRP)
+			</li>
+			<li>MUST disclose any conflicts of interest (including but not limited to relationships with Assurers)
+			</li>
+			<li>MUST cover the costs of their assurance (if any), including fees imposed by TTPs, TVPs, and Assurers
+			</li>
+		</ol>
+		<h2>
+			3. Processes
+		</h2>
+		<h3>
+			3.1 Verification
+		</h3>
+		<ol style="list-style-type: lower-alpha;">
+			<li>Member SHALL create a CAcert account and agree to the CAcert Community Agreement (CCA)
+			</li>
+			<li>Member SHALL complete the procedure specified by the applicable sub-policy(s), including being verified by the TVP
+			</li>
+		</ol>
+		<h2>
+			4. Documentation
+		</h2>
+		<p>
+			Where documentation is required by the verification process it shall be subject to the prevailing records management policies which may require that it be kept for a certain period or destroyed immediately after processing.
+		</p>
+		<p>
+			<a href="http://validator.w3.org/check?uri=referer"><img src="Images/valid-xhtml11-blue" alt="Valid XHTML 1.1" height="31" width="88" style="border-style: none;" /></a>
+		</p>
+	</body>
+</html>