git-svn-id: http://svn.cacert.org/CAcert/Policies@892 14b1bab8-4ef6-0310-b690-991c95c89dfd

16 years ago · 9e540a04c0
parent fa0f6f0103
commit 9e540a04c0
1 changed files with 114 additions and 112 deletions
--- a/RemoteVerificationPolicy.html
+++ b/RemoteVerificationPolicy.html
@ -15,12 +15,14 @@
 			<a href="PolicyOnPolicy.html"><img src="Images/cacert-wip.png" alt="CAcert Policy Status" height="31" width="88" style="border-style: none;" /></a><br />
 			Editor: Pete Stephenson<br />
 			Creation date: 2008-07-12<br />
+			Last change by: Pete<br />
+			Last change date: 2008-07-14 21:42 MST<br />
 			Status: WIP 2008-07-12<br />
 			Next status: DRAFT 08-2008<br />
 			<!-- $Id$ -->
 		</p>
 		<h2>
-			0. Preliminaries
+			0. Preamble
 		</h2>
 		<p>
 			This sub-policy extends the Assurance Policy ("AP") by providing a framework for members to verify their identity via Trusted Verification Provider ("TVP"s) including Government Authorities, Certification Authorities and Commercial Identity Providers, under the supervision of the Assurance Officer ("AO").
@ -32,7 +34,7 @@
 			1. Scope
 		</h2>
 		<p>
-			This sub-policy is available to all members.
+			This sub-policy is available to all Members.
 		</p>
 		<h2>
 			2. Roles
@ -41,7 +43,7 @@
 			2.1 Trusted Verification Provider ("TVP")
 		</h3>
 		<p>
-			Each TVA::
+			Each TVP::
 		</p>
 		<ol style="list-style-type: lower-alpha;">
 			<li>MUST be <i><strong>verifiably practicing identification procedures</strong></i>, typically one of the following:<br />
@ -60,17 +62,17 @@
 			<li>MUST provide a secure mechanism for validating a member's identity, including:
 				<ol style="list-style-type: lower-roman;">
 					<li>
-						<strong>Authentication Tokens</strong> which are delivered to the user and verifiable in a cryptographically strong fashion
+						<strong>Authentication Tokens</strong> which are delivered to the user and verifiable in a cryptographically strong fashion;
 					</li>
 					<li>
-						<strong>Online Verification</strong> via a web interface, ideally which is verified by SSL/TLS
+						<strong>Online Verification</strong> via a web interface, ideally which is verified by SSL/TLS;
 					</li>
 					<li>
-						<strong>Out-of-Band</strong> communication directly with CAcert, Inc. as to the outcome of the verification
+						<strong>Out-of-Band</strong> communication directly with CAcert as to the outcome of the verification;
 					</li>
 				</ol>
 			</li>
-			<li>SHOULD conduct identification procedures similar in nature to CAcert's existing procedures (eg examining ID documents, obtaining 'assurances' from other trusted members)
+			<li>SHOULD conduct identification procedures similar in nature to CAcert's existing procedures (eg examining ID documents, obtaining "assurances" from other trusted members)
 			</li>
 		</ol>
 		<h3>
@ -84,7 +86,7 @@
 			</li>
 			<li>MUST disclose any conflicts of interest (including but not limited to relationships with Assurers)
 			</li>
-			<li>MUST cover the costs of their assurance (if any), including fees imposed by TTPs and Assurers
+			<li>MUST cover the costs of their assurance (if any), including fees imposed by TTPs, TVPs, and Assurers
 			</li>
 		</ol>
 		<h2>