diff --git a/RemoteAssurancePolicy.html b/RemoteAssurancePolicy.html
index dca3c40..cc07c9d 100644
--- a/RemoteAssurancePolicy.html
+++ b/RemoteAssurancePolicy.html
@@ -103,6 +103,7 @@
MUST be approved by a board-appointed RAO
MUST be satisfied as to the identity and competency of the TTP in identification procedures, as though they were to be conducting the assurance themselves
+
iang: this clause would probably meet DRC C.9.a: "When the CA uses an external registration authority (RA), each RA is positively identified by CA personnel before being authorized to verify identities of subscribers and authorizations of individuals to represent organizational subscribers (see §A.2.v)."
SHOULD be the most senior Assurer available
@@ -163,6 +164,8 @@
leaving a Remote Assurance Form and copies of identity documents with the TTP for at least 60 days
sending a Remote Assurance Form and copies of identity documents to the Assurer by mutually agreed medium (eg post, web form or encrypted email)
+
+iang: this clause is similar to the requirement DRC C.9.b: "RAs provide the CA with complete documentation on each verified applicant for a certificate." What is different is that the criteria requires the TTP to send the form, not the Member..
diff --git a/RemoteVerificationPolicy.html b/RemoteVerificationPolicy.html
index 1538aae..1d75530 100644
--- a/RemoteVerificationPolicy.html
+++ b/RemoteVerificationPolicy.html
@@ -55,12 +55,24 @@ Verification Provider (2.2).
verification process should be accepted by the Assurer.
+
+
+iang: This clause above probably will NOT meet the criteria DRC C.9.a: "MUST be satisfied as to the identity and competency of the TTP in identification procedures, as though they were to be conducting the assurance themselves."
+
+
The Assurer will keep the following signed documents:
Signed document (e.g. CAP or COAP form) for CAcert Community Agreement with the Member.
Signed report of the Trusted Verification Provider for the name verification.
+
+
+iang: This clause probably will meet the criteria DRC C.9.b: "RAs provide the CA with complete documentation on each verified applicant for a certificate."
+Although, it is not clear how the Signed Report is delivered from TVP to CA.
+
+
+
2.2 Trusted Verification Provider ("TVP")
Each TVA::
@@ -86,7 +98,7 @@ verification process should be accepted by the Assurer.
must provide a secure mechanism
for validating a member's identity and/or organisation name or trade
- name , including:
+ name, including:
Authentication Tokens