added some comments and references to criteria
git-svn-id: http://svn.cacert.org/CAcert/Policies@1389 14b1bab8-4ef6-0310-b690-991c95c89dfd
This commit is contained in:
parent
d05d626902
commit
be576b69cf
2 changed files with 16 additions and 1 deletions
|
@ -103,6 +103,7 @@
|
|||
<li>MUST be approved by a board-appointed RAO
|
||||
</li>
|
||||
<li>MUST be satisfied as to the identity and competency of the TTP in identification procedures, as though they were to be conducting the assurance themselves
|
||||
<BR><i>iang: this clause would probably meet DRC C.9.a: "When the CA uses an external registration authority (RA), each RA is positively identified by CA personnel before being authorized to verify identities of subscribers and authorizations of individuals to represent organizational subscribers (see §A.2.v)."</i>
|
||||
</li>
|
||||
<li>SHOULD be the most senior Assurer available
|
||||
</li>
|
||||
|
@ -163,6 +164,8 @@
|
|||
<li>leaving a Remote Assurance Form and copies of identity documents with the TTP for at least 60 days
|
||||
</li>
|
||||
<li>sending a Remote Assurance Form and copies of identity documents to the Assurer by mutually agreed medium (eg post, web form or encrypted email)
|
||||
<BR>
|
||||
<i>iang: this clause <B>is similar</B> to the requirement DRC C.9.b: "RAs provide the CA with complete documentation on each verified applicant for a certificate." What is different is that the criteria requires the TTP to send the form, not the Member.</i>.
|
||||
</li>
|
||||
</ol>
|
||||
</li>
|
||||
|
|
|
@ -55,12 +55,24 @@ Verification Provider (2.2).</P>
|
|||
verification process should be accepted by the Assurer.
|
||||
</P>
|
||||
|
||||
<P>
|
||||
<i>
|
||||
iang: This clause above probably <b>will NOT meet</b> the criteria DRC C.9.a: "MUST be satisfied as to the identity and competency of the TTP in identification procedures, as though they were to be conducting the assurance themselves."
|
||||
</P>
|
||||
|
||||
<P>The Assurer will keep the following signed documents:</P>
|
||||
<OL>
|
||||
<LI><P>Signed document (e.g. CAP or COAP form) for CAcert Community Agreement with the Member.</P></LI>
|
||||
<LI><P>Signed report of the Trusted Verification Provider for the name verification.</P></LI>
|
||||
</OL>
|
||||
|
||||
<P>
|
||||
<i>
|
||||
iang: This clause probably will meet the criteria DRC C.9.b: "RAs provide the CA with complete documentation on each verified applicant for a certificate."
|
||||
Although, it is not clear how the Signed Report is delivered from TVP to CA.
|
||||
</P>
|
||||
|
||||
|
||||
<H3>2.2 Trusted Verification Provider ("TVP") </H3>
|
||||
|
||||
<P>Each TVA:: </P>
|
||||
|
|
Loading…
Reference in a new issue