<li>MUST be satisfied as to the identity and competency of the TTP in identification procedures, as though they were to be conducting the assurance themselves
<BR><i>iang: this clause would probably meet DRC C.9.a: "When the CA uses an external registration authority (RA), each RA is positively identified by CA personnel before being authorized to verify identities of subscribers and authorizations of individuals to represent organizational subscribers (see §A.2.v)."</i>
</li>
<li>SHOULD be the most senior Assurer available
</li>
@ -163,6 +164,8 @@
<li>leaving a Remote Assurance Form and copies of identity documents with the TTP for at least 60 days
</li>
<li>sending a Remote Assurance Form and copies of identity documents to the Assurer by mutually agreed medium (eg post, web form or encrypted email)
<BR>
<i>iang: this clause <B>is similar</B> to the requirement DRC C.9.b: "RAs provide the CA with complete documentation on each verified applicant for a certificate." What is different is that the criteria requires the TTP to send the form, not the Member.</i>.
verification process should be accepted by the Assurer.
</P>
<P>
<i>
iang: This clause above probably <b>will NOT meet</b> the criteria DRC C.9.a: "MUST be satisfied as to the identity and competency of the TTP in identification procedures, as though they were to be conducting the assurance themselves."
</P>
<P>The Assurer will keep the following signed documents:</P>
<OL>
<LI><P>Signed document (e.g. CAP or COAP form) for CAcert Community Agreement with the Member.</P></LI>
<LI><P>Signed report of the Trusted Verification Provider for the name verification.</P></LI>
</OL>
<P>
<i>
iang: This clause probably will meet the criteria DRC C.9.b: "RAs provide the CA with complete documentation on each verified applicant for a certificate."
Although, it is not clear how the Signed Report is delivered from TVP to CA.
Ian Grigg
16 years ago