Added 50/100 assurance points minimum 2/3 assurances needed again.
Commented out what goes in cert impl policy and ass. handbook. Added chapter numbering. git-svn-id: http://svn.cacert.org/CAcert/Policies@877 14b1bab8-4ef6-0310-b690-991c95c89dfd
This commit is contained in:
parent
633983da05
commit
bf798d2933
1 changed files with 88 additions and 94 deletions
|
@ -4,7 +4,7 @@
|
||||||
|
|
||||||
<meta name="CREATED" content="20080530;0">
|
<meta name="CREATED" content="20080530;0">
|
||||||
<meta name="CHANGEDBY" content="Teus Hagen">
|
<meta name="CHANGEDBY" content="Teus Hagen">
|
||||||
<meta name="CHANGED" content="20080707;15011800">
|
<meta name="CHANGED" content="20080709;12381800">
|
||||||
<meta name="CREATEDBY" content="Ian Grigg">
|
<meta name="CREATEDBY" content="Ian Grigg">
|
||||||
<meta name="CHANGEDBY" content="Teus Hagen">
|
<meta name="CHANGEDBY" content="Teus Hagen">
|
||||||
<meta name="CHANGEDBY" content="Robert Cruikshank">
|
<meta name="CHANGEDBY" content="Robert Cruikshank">
|
||||||
|
@ -20,9 +20,7 @@ DD { color: #000000 }
|
||||||
H3 { color: #000000 }
|
H3 { color: #000000 }
|
||||||
TH P { color: #000000 }
|
TH P { color: #000000 }
|
||||||
-->
|
-->
|
||||||
</style>
|
</style></head>
|
||||||
</head>
|
|
||||||
|
|
||||||
<body style="direction: ltr; color: rgb(0, 0, 0);" lang="en-GB">
|
<body style="direction: ltr; color: rgb(0, 0, 0);" lang="en-GB">
|
||||||
<h1>Assurance Policy for CAcert Community Members</h1>
|
<h1>Assurance Policy for CAcert Community Members</h1>
|
||||||
<p><a href="PolicyOnPolicy.html"><img src="Images/cacert-wip.png" name="graphics1" alt="CAcert Policy Status" align="bottom" border="0" height="33" width="90"></a>
|
<p><a href="PolicyOnPolicy.html"><img src="Images/cacert-wip.png" name="graphics1" alt="CAcert Policy Status" align="bottom" border="0" height="33" width="90"></a>
|
||||||
|
@ -36,25 +34,25 @@ Next status: DRAFT June 2008 </p>
|
||||||
<h2>0. Preamble</h2>
|
<h2>0. Preamble</h2>
|
||||||
<p>Definitions of terms: </p>
|
<p>Definitions of terms: </p>
|
||||||
<dl>
|
<dl>
|
||||||
<dt><em>Member</em> </dt>
|
<dt><i>Member</i> </dt>
|
||||||
<dd> A Member is an individual who has agreed to the CAcert
|
<dd> A Member is an individual who has agreed to the CAcert
|
||||||
Community Agreement (<a href="http://www.cacert.org/policy/CAcertCommunityAgreement.php" target="_blank">CCA</a>) and has created successfully
|
Community Agreement (<a href="http://www.cacert.org/policy/CAcertCommunityAgreement.php" target="_blank">CCA</a>) and has created successfully
|
||||||
a CAcert login account on the CAcert web site. </dd>
|
a CAcert login account on the CAcert web site. </dd>
|
||||||
<dt> <em>Assurance</em> </dt>
|
<dt> <i>Assurance</i> </dt>
|
||||||
<dd> Assurance is the process by which a Member of CAcert
|
<dd> Assurance is the process by which a Member of CAcert
|
||||||
Community (Assurer) identifies an individual (<span lang="en-US">Assuree</span>).
|
Community (Assurer) identifies an individual (<span lang="en-US">Assuree</span>).
|
||||||
</dd>
|
</dd>
|
||||||
<dt> <i>Prospective Member</i> </dt>
|
<dt> <i>Prospective Member</i> </dt>
|
||||||
<dd> An individual who has been assured in an Assurance
|
<dd> An individual who has been assured in an Assurance
|
||||||
process, but has not yet created successfully a CAcert login account. </dd>
|
process, but has not yet created successfully a CAcert login account. </dd>
|
||||||
<dt> <em>Name</em> </dt>
|
<dt> <i>Name</i> </dt>
|
||||||
<dd> A Name is the full name of an individual, with all
|
<dd> A Name is the full name of an individual, with all
|
||||||
components of that name.</dd>
|
components of that name.</dd>
|
||||||
<dd> (Title(s), first name(s), family name(s), name extensions,
|
<dd> (Title(s), first name(s), family name(s), name extensions,
|
||||||
abbreviation of name(s), etc. <br>
|
abbreviation of name(s), etc. <br>
|
||||||
The Name is technically spoken a string exactly taken e.g. from a
|
The Name is technically spoken a string exactly taken e.g. from a
|
||||||
governmental issued photo ID.) </dd>
|
governmental issued photo ID.) </dd>
|
||||||
<dt> <em>Secondary Distinguishing Feature</em>
|
<dt> <i>Secondary Distinguishing Feature</i>
|
||||||
(DoB) </dt>
|
(DoB) </dt>
|
||||||
<dd> A Name for an individual is discriminated from similar
|
<dd> A Name for an individual is discriminated from similar
|
||||||
full names by a secondary distinguished feature, as recorded on the
|
full names by a secondary distinguished feature, as recorded on the
|
||||||
|
@ -65,7 +63,7 @@ on-line CAcert (web) account. <br>
|
||||||
The CAcert Web of Trust</h3>
|
The CAcert Web of Trust</h3>
|
||||||
<p>At each Assurance one allocates a number of Assurance Points,
|
<p>At each Assurance one allocates a number of Assurance Points,
|
||||||
applied to the assured Member. By combining the Assurances, and the
|
applied to the assured Member. By combining the Assurances, and the
|
||||||
Assurance Points, CAcert constructs a global <em>Web-of-Trust</em>
|
Assurance Points, CAcert constructs a global <i>Web-of-Trust</i>
|
||||||
or
|
or
|
||||||
"WoT". </p>
|
"WoT". </p>
|
||||||
<p>CAcert explicitly chooses to meet its various goals by
|
<p>CAcert explicitly chooses to meet its various goals by
|
||||||
|
@ -89,7 +87,7 @@ experience and circumstances. It is also more readable. </p>
|
||||||
and CAcert Policy Statement (<a href="http://svn.cacert.org/CAcert/policy.htm" target="_blank">CPS</a>).
|
and CAcert Policy Statement (<a href="http://svn.cacert.org/CAcert/policy.htm" target="_blank">CPS</a>).
|
||||||
</p>
|
</p>
|
||||||
<h2>1. Assurance Purpose</h2>
|
<h2>1. Assurance Purpose</h2>
|
||||||
<p>The purpose of Assurance is to add <span style="font-style: normal;">confidence</span>
|
<p>The purpose of Assurance is to add confidence
|
||||||
in the Assurance Statement made by the CAcert Community of a Member. </p>
|
in the Assurance Statement made by the CAcert Community of a Member. </p>
|
||||||
<p>With sufficient assurances, a Member may: (a) issue
|
<p>With sufficient assurances, a Member may: (a) issue
|
||||||
certificates
|
certificates
|
||||||
|
@ -128,9 +126,9 @@ by
|
||||||
the Assurance Points. </p>
|
the Assurance Points. </p>
|
||||||
<h3>Relying Party Statement</h3>
|
<h3>Relying Party Statement</h3>
|
||||||
<p>The primary goal of the Assurance Statement is for the express
|
<p>The primary goal of the Assurance Statement is for the express
|
||||||
purpose of certificates to meet the needs of the <em>Relying
|
purpose of certificates to meet the needs of the <i>Relying
|
||||||
Party
|
Party
|
||||||
Statement</em>, which latter is found in the Certification
|
Statement</i>, which latter is found in the Certification
|
||||||
Practice
|
Practice
|
||||||
Statement (<a href="http://svn.cacert.org/CAcert/policy.htm" target="_blank">CPS</a>).
|
Statement (<a href="http://svn.cacert.org/CAcert/policy.htm" target="_blank">CPS</a>).
|
||||||
</p>
|
</p>
|
||||||
|
@ -138,7 +136,7 @@ Statement (<a href="http://svn.cacert.org/CAcert/policy.htm" target="_blank">CPS
|
||||||
may
|
may
|
||||||
be incorporated, e.g. Name. Other parts may be implied, e.g.
|
be incorporated, e.g. Name. Other parts may be implied, e.g.
|
||||||
Membership, exact account and status. They all are part of the
|
Membership, exact account and status. They all are part of the
|
||||||
<em>Relying Party Statement</em>. In short, this means that
|
<i>Relying Party Statement</i>. In short, this means that
|
||||||
other
|
other
|
||||||
Members of the Community may rely on the information verified by
|
Members of the Community may rely on the information verified by
|
||||||
Assurance and found in the certificate. </p>
|
Assurance and found in the certificate. </p>
|
||||||
|
@ -149,7 +147,7 @@ nature of Assurance, the number of Assurance Points, and other
|
||||||
policies and processes should be understood as limitations on any
|
policies and processes should be understood as limitations on any
|
||||||
reliance. </p>
|
reliance. </p>
|
||||||
<h2>2. The Member</h2>
|
<h2>2. The Member</h2>
|
||||||
<h3>The Name in the CAcert login account</h3>
|
<h3>2.1 The Name in the CAcert login account</h3>
|
||||||
<p lang="en-AU">At least one individual Name is recorded
|
<p lang="en-AU">At least one individual Name is recorded
|
||||||
in the
|
in the
|
||||||
CAcert login account. The Name is recorded as a string of characters,
|
CAcert login account. The Name is recorded as a string of characters,
|
||||||
|
@ -165,7 +163,7 @@ the applicable level of 50 Assurance Point is defined as an Assured
|
||||||
Name. An Assured Name can be used in a certificate issued by CAcert.
|
Name. An Assured Name can be used in a certificate issued by CAcert.
|
||||||
A Member with at least one Assured Name has reached the Assured
|
A Member with at least one Assured Name has reached the Assured
|
||||||
Member status.</p>
|
Member status.</p>
|
||||||
<h3>Multiple Names and variations</h3>
|
<h3>2.2. Multiple Names and variations</h3>
|
||||||
<p>A Member may have multiple Names or multiple variations of a
|
<p>A Member may have multiple Names or multiple variations of a
|
||||||
Name.
|
Name.
|
||||||
For example, married name, variations of initials of first or middle
|
For example, married name, variations of initials of first or middle
|
||||||
|
@ -174,45 +172,41 @@ variations and transliterations of characters in a name.</p>
|
||||||
<p>The login account may record multiple Names. Each of the
|
<p>The login account may record multiple Names. Each of the
|
||||||
Assured
|
Assured
|
||||||
Names can be selected to be used in a certificate issued by CAcert.</p>
|
Names can be selected to be used in a certificate issued by CAcert.</p>
|
||||||
<h3><strike>FOLLOWING GOES TO ASSURER HANDBOOK</strike></h3>
|
<!--
|
||||||
<h3><strike>Comparison of names</strike></h3>
|
FOLLOWING GOES TO ASSURER HANDBOOK
|
||||||
<p><strike><a href="http://en.wikipedia.org/wiki/Transliteration" target="_blank">Transliteration</a>
|
<h3>Comparison of names</h3>
|
||||||
|
<p><a href="http://en.wikipedia.org/wiki/Transliteration" target="_blank">Transliteration</a>
|
||||||
of characters as defined in the transliteration character table (<a href="http://svn.cacert.org/CAcert/Policies/transtab.utf" target="_blank">UTF
|
of characters as defined in the transliteration character table (<a href="http://svn.cacert.org/CAcert/Policies/transtab.utf" target="_blank">UTF
|
||||||
Transtab</a>) for names is permitted, but the result must be
|
Transtab</a>) for names is permitted, but the result must be
|
||||||
7-bit
|
7-bit
|
||||||
ASCII for the full name. Transliteration is one way and is towards
|
ASCII for the full name. Transliteration is one way and is towards
|
||||||
7-bit ASCII. Transliteration is a way to compare two names. However
|
7-bit ASCII. Transliteration is a way to compare two names. However
|
||||||
transliteration of a Name makes the Name less discriminative.</strike></p>
|
transliteration of a Name makes the Name less discriminative.</p>
|
||||||
<p><strike>In general names are handled case insensitively.</strike></p>
|
<p>In general names are handled case insensitively.</p>
|
||||||
<p><strike>Abbreviation of second given name(s), middle
|
<p>Abbreviation of second given name(s), middle name(s),
|
||||||
name(s),
|
|
||||||
titles and name extensions in the name of an individual to one
|
titles and name extensions in the name of an individual to one
|
||||||
character and the dot indicating the abbreviation, is permitted. If
|
character and the dot indicating the abbreviation, is permitted. If
|
||||||
the first given name in the ID document is abbreviated, the first
|
the first given name in the ID document is abbreviated, the first
|
||||||
given name in the web account Name may be abbreviated. Abbreviation
|
given name in the web account Name may be abbreviated. Abbreviation
|
||||||
of a name makes the name less discriminative.</strike></p>
|
of a name makes the name less discriminative.</p>
|
||||||
<p><strike>A Name on an ID which has initials
|
<p>A Name on an ID which has initials (abbreviations) for
|
||||||
(abbreviations) for
|
|
||||||
titles, name extensions and given names, and/or transliterations as
|
titles, name extensions and given names, and/or transliterations as
|
||||||
defined in the transliteration table can be taken into account for
|
defined in the transliteration table can be taken into account for
|
||||||
assurance for a Name in the account which is not abbreviated or
|
assurance for a Name in the account which is not abbreviated or
|
||||||
transliterated.</strike></p>
|
transliterated.</p>
|
||||||
<p><strike>Titles and name extensions in the name of an
|
<p>Titles and name extensions in the name of an individual
|
||||||
individual
|
may be omitted.</p>
|
||||||
may be omitted.</strike></p>
|
<p>The assurance ambition is to pursue
|
||||||
<p><strike>The assurance ambition is to pursue
|
|
||||||
a highly discriminative assured Name in the account. The ambition is
|
a highly discriminative assured Name in the account. The ambition is
|
||||||
to have only a Name in the account which has no abbreviation(s), no
|
to have only a Name in the account which has no abbreviation(s), no
|
||||||
transliteration and is case sensitive.</strike></p>
|
transliteration and is case sensitive.</p>
|
||||||
<h3><strike>FOLLOWING GOES TO Certficate
|
|
||||||
Implementation Policy </strike>
|
FOLLOWING GOES TO Certficate Implementation Policy
|
||||||
</h3>
|
<h3>Names on the certificate issued by CAcert</h3>
|
||||||
<h3><strike>Names on the certificate issued by CAcert</strike></h3>
|
<p>The Certificate Implementation Policy (<a href="http://svn.cacert.org/CAcert/Policies/CertificateImplementationPolicy.html" target="_blank">CIP</a>)
|
||||||
<p><strike>The Certificate Implementation Policy (<a href="http://svn.cacert.org/CAcert/Policies/CertificateImplementationPolicy.html" target="_blank">CIP</a>)
|
|
||||||
will define the fields added by CAcert on the issued certificate on
|
will define the fields added by CAcert on the issued certificate on
|
||||||
request of the Member.</strike></p>
|
request of the Member.</p>
|
||||||
<p><strike>The Common Name and related certificate fields
|
<p>The Common Name and related certificate fields in the
|
||||||
in the
|
|
||||||
issued certificate is dependent on the assurance of the Name in the
|
issued certificate is dependent on the assurance of the Name in the
|
||||||
web account. Abbreviation and transliteration handling in the CN is
|
web account. Abbreviation and transliteration handling in the CN is
|
||||||
defined in the Certificate Implementation Policy and is similar to
|
defined in the Certificate Implementation Policy and is similar to
|
||||||
|
@ -221,103 +215,103 @@ Name may become less discriminative as than
|
||||||
the assured Name as the unique certificate serial number will lead to
|
the assured Name as the unique certificate serial number will lead to
|
||||||
the account of the individual in a unique way, and in this way to the
|
the account of the individual in a unique way, and in this way to the
|
||||||
Name and email address of the individual or organisation. The first
|
Name and email address of the individual or organisation. The first
|
||||||
given name in the Common Name may be abbreviated on request.</strike></p>
|
given name in the Common Name may be abbreviated on request.</p>
|
||||||
<p><strike>The certificate issued by CAcert can have on
|
<p>The certificate issued by CAcert can have on request of
|
||||||
request of
|
|
||||||
the Member the SubjAltName field. The name as defined by the Member
|
the Member the SubjAltName field. The name as defined by the Member
|
||||||
is not checked by CAcert.</strike></p>
|
is not checked by CAcert.</p>
|
||||||
<table border="1" cellpadding="2" cellspacing="0">
|
<table border="1" cellpadding="2" cellspacing="0">
|
||||||
<tbody>
|
<tbody>
|
||||||
<tr>
|
<tr>
|
||||||
<th width="25%">
|
<th width="25%">
|
||||||
<p><strike><i>name on the ID</i></strike></p>
|
<p><i>name on the ID</i></p>
|
||||||
</th>
|
</th>
|
||||||
<th width="25%">
|
<th width="25%">
|
||||||
<p><strike><i>assured Name in the account</i></strike></p>
|
<p><i>assured Name in the account</i></p>
|
||||||
</th>
|
</th>
|
||||||
<th width="25%">
|
<th width="25%">
|
||||||
<p><strike><i>name in the certificate request</i></strike></p>
|
<p><i>name in the certificate request</i></p>
|
||||||
</th>
|
</th>
|
||||||
<th width="25%">
|
<th width="25%">
|
||||||
<p><strike><i>name on the issued certificate</i></strike></p>
|
<p><i>name on the issued certificate</i></p>
|
||||||
</th>
|
</th>
|
||||||
</tr>
|
</tr>
|
||||||
<tr>
|
<tr>
|
||||||
<td>
|
<td>
|
||||||
<p><strike>Maria Kate Märvel-Java </strike> </p>
|
<p>Maria Kate Märvel-Java </p>
|
||||||
</td>
|
</td>
|
||||||
<td>
|
<td>
|
||||||
<p><strike>Maria K. Maervel-Java</strike></p>
|
<p>Maria K. Maervel-Java</p>
|
||||||
</td>
|
</td>
|
||||||
<td>
|
<td>
|
||||||
<p><strike>M. K. Märvel-Java</strike></p>
|
<p>M. K. Märvel-Java</p>
|
||||||
</td>
|
</td>
|
||||||
<td>
|
<td>
|
||||||
<p><strike>Maria K. Maervel-Java</strike></p>
|
<p>Maria K. Maervel-Java</p>
|
||||||
</td>
|
</td>
|
||||||
</tr>
|
</tr>
|
||||||
<tr>
|
<tr>
|
||||||
<td>
|
<td>
|
||||||
<p><strike>prof. dr. John K. Marvel</strike></p>
|
<p>prof. dr. John K. Marvel</p>
|
||||||
</td>
|
</td>
|
||||||
<td>
|
<td>
|
||||||
<p><strike>John K. Marvel</strike></p>
|
<p>John K. Marvel</p>
|
||||||
</td>
|
</td>
|
||||||
<td>
|
<td>
|
||||||
<p><strike>John K. Marvel</strike></p>
|
<p>John K. Marvel</p>
|
||||||
</td>
|
</td>
|
||||||
<td>
|
<td>
|
||||||
<p><strike>John K. Marvel</strike></p>
|
<p>John K. Marvel</p>
|
||||||
</td>
|
</td>
|
||||||
</tr>
|
</tr>
|
||||||
<tr>
|
<tr>
|
||||||
<td>
|
<td>
|
||||||
<p><strike>Moeria Koete v. Java</strike></p>
|
<p>Moeria Koete v. Java</p>
|
||||||
</td>
|
</td>
|
||||||
<td>
|
<td>
|
||||||
<p><strike>Möria Kœté von Java</strike></p>
|
<p>Möria Kœté von Java</p>
|
||||||
</td>
|
</td>
|
||||||
<td>
|
<td>
|
||||||
<p><strike>Möria K. v. Java</strike></p>
|
<p>Möria K. v. Java</p>
|
||||||
</td>
|
</td>
|
||||||
<td>
|
<td>
|
||||||
<p><strike>Möria K. v. Java</strike></p>
|
<p>Möria K. v. Java</p>
|
||||||
</td>
|
</td>
|
||||||
</tr>
|
</tr>
|
||||||
<tr>
|
<tr>
|
||||||
<td>
|
<td>
|
||||||
<p><strike>Jamé de Häring sr</strike></p>
|
<p>Jamé de Häring sr</p>
|
||||||
</td>
|
</td>
|
||||||
<td>
|
<td>
|
||||||
<p><strike>Jame de Haering</strike></p>
|
<p>Jame de Haering</p>
|
||||||
</td>
|
</td>
|
||||||
<td>
|
<td>
|
||||||
<p><strike>J. d. Häring</strike></p>
|
<p>J. d. Häring</p>
|
||||||
</td>
|
</td>
|
||||||
<td>
|
<td>
|
||||||
<p><strike>J. d. Haering</strike></p>
|
<p>J. d. Haering</p>
|
||||||
</td>
|
</td>
|
||||||
</tr>
|
</tr>
|
||||||
<tr>
|
<tr>
|
||||||
<td>
|
<td>
|
||||||
<p><strike>Jame d. Haering sr</strike></p>
|
<p>Jame d. Haering sr</p>
|
||||||
</td>
|
</td>
|
||||||
<td>
|
<td>
|
||||||
<p><strike>dr Jamé de Häring</strike></p>
|
<p>dr Jamé de Häring</p>
|
||||||
</td>
|
</td>
|
||||||
<td>
|
<td>
|
||||||
<p><strike>John de Haering</strike></p>
|
<p>John de Haering</p>
|
||||||
</td>
|
</td>
|
||||||
<td>
|
<td>
|
||||||
<p><strike>dr Jamé de Häring</strike></p>
|
<p>dr Jamé de Häring</p>
|
||||||
</td>
|
</td>
|
||||||
</tr>
|
</tr>
|
||||||
</tbody>
|
</tbody>
|
||||||
</table>
|
</table>
|
||||||
<p align="center"><strike><font size="2">table
|
<p align="center"><font size="2">table
|
||||||
Examples of names in
|
Examples of names in
|
||||||
different contexts</font></strike></p>
|
different contexts</font></p>
|
||||||
<h3>Status and Capabilities</h3>
|
-->
|
||||||
|
<h3>2.3. Status and Capabilities</h3>
|
||||||
<p>A Member has the following capabilities derived from
|
<p>A Member has the following capabilities derived from
|
||||||
Assurance: </p>
|
Assurance: </p>
|
||||||
<table border="1" cellpadding="5" cellspacing="0">
|
<table border="1" cellpadding="5" cellspacing="0">
|
||||||
|
@ -450,7 +444,7 @@ Community. </p>
|
||||||
</li>
|
</li>
|
||||||
</ul>
|
</ul>
|
||||||
<h2>4. The Assurance</h2>
|
<h2>4. The Assurance</h2>
|
||||||
<h3>The Assurance Process</h3>
|
<h3>4.1. The Assurance Process</h3>
|
||||||
<p>The Assurer conducts the process of Assurance with each
|
<p>The Assurer conducts the process of Assurance with each
|
||||||
Member. </p>
|
Member. </p>
|
||||||
<p>The process consists of: </p>
|
<p>The process consists of: </p>
|
||||||
|
@ -484,7 +478,7 @@ Assuree (Mutual Assurance); </p>
|
||||||
forms by Assurer. </p>
|
forms by Assurer. </p>
|
||||||
</li>
|
</li>
|
||||||
</ol>
|
</ol>
|
||||||
<h3>Mutual Assurance</h3>
|
<h3>4.2. Mutual Assurance</h3>
|
||||||
<p>Mutual Assurance follows the principle of reciprocity. This
|
<p>Mutual Assurance follows the principle of reciprocity. This
|
||||||
means
|
means
|
||||||
that the Assurance may be two-way, and that each member participating
|
that the Assurance may be two-way, and that each member participating
|
||||||
|
@ -497,21 +491,21 @@ procedure and process, and is responsible for the results. </p>
|
||||||
the
|
the
|
||||||
Assurer, and reduces any sense of power. It is also an important aid
|
Assurer, and reduces any sense of power. It is also an important aid
|
||||||
to the assurance training for future Assurers. </p>
|
to the assurance training for future Assurers. </p>
|
||||||
<h3>Evidence of Assurer status</h3>
|
<h3>4.3. Evidence of Assurer status</h3>
|
||||||
<p>On the question of providing evidence that one is an Assurer,
|
<p>On the question of providing evidence that one is an Assurer,
|
||||||
CAcert Policy Statement (<a href="http://svn.cacert.org/CAcert/policy.htm#p3.2" target="_blank">CPS</a>)
|
CAcert Policy Statement (<a href="http://svn.cacert.org/CAcert/policy.htm#p3.2" target="_blank">CPS</a>)
|
||||||
says:<em> "The level at which each Member is Assured is public
|
says:<i> "The level at which each Member is Assured is public
|
||||||
data. The number of Assurance Points for each Member is not
|
data. The number of Assurance Points for each Member is not
|
||||||
published.</em>.".</p>
|
published.</i>.".</p>
|
||||||
<h3>Assurance Points</h3>
|
<h3>4.4. Assurance Points</h3>
|
||||||
<p>The Assurance applies Assurance Points to each Member which
|
<p>The Assurance applies Assurance Points to each Member which
|
||||||
measure the increase of confidence in the Statement (above).
|
measure the increase of confidence in the Statement (above).
|
||||||
Assurance Points should not be interpreted for any other purpose.
|
Assurance Points should not be interpreted for any other purpose.
|
||||||
Note that, even though they are sometimes referred to as <em>Web-of-Trust</em>
|
Note that, even though they are sometimes referred to as <i>Web-of-Trust</i>
|
||||||
(Assurance) Points, or <em>Trust</em> Points, the meaning
|
(Assurance) Points, or <i>Trust</i> Points, the meaning
|
||||||
of the word
|
of the word
|
||||||
'Trust' is not well defined. </p>
|
'Trust' is not well defined. </p>
|
||||||
<p><em>Assurance Points Allocation</em><br>
|
<p><i>Assurance Points Allocation</i><br>
|
||||||
An Assurer can allocate a
|
An Assurer can allocate a
|
||||||
number of Assurance Points to the Member according to the Assurer's
|
number of Assurance Points to the Member according to the Assurer's
|
||||||
experience (Experience Point system, see below). The allocation of
|
experience (Experience Point system, see below). The allocation of
|
||||||
|
@ -534,11 +528,11 @@ information presented: </p>
|
||||||
<p>Any lesser confidence should result in less Assurance Points
|
<p>Any lesser confidence should result in less Assurance Points
|
||||||
for a
|
for a
|
||||||
Name. If the Assurer has no confidence in the information presented,
|
Name. If the Assurer has no confidence in the information presented,
|
||||||
then <em>zero </em>Assurance Points may be allocated by
|
then <i>zero </i>Assurance Points may be allocated by
|
||||||
the Assurer.
|
the Assurer.
|
||||||
For example, this may happen if the identity documents are totally
|
For example, this may happen if the identity documents are totally
|
||||||
unfamiliar to the Assurer. The number of Assurance Points from <em>zero</em>
|
unfamiliar to the Assurer. The number of Assurance Points from <i>zero</i>
|
||||||
to <em>maximum </em>is guided by the Assurance Handbook
|
to <i>maximum </i>is guided by the Assurance Handbook
|
||||||
and the
|
and the
|
||||||
judgement of the Assurer. </p>
|
judgement of the Assurer. </p>
|
||||||
<p>Multiple Names should be allocated separately in a single
|
<p>Multiple Names should be allocated separately in a single
|
||||||
|
@ -548,23 +542,23 @@ reciprocal process a maximum of 2 Assurance Points, according to his
|
||||||
judgement. The Assurer should strive to have the Member allocate
|
judgement. The Assurer should strive to have the Member allocate
|
||||||
according to the Member's judgement, and stay on the cautious side a
|
according to the Member's judgement, and stay on the cautious side a
|
||||||
maximum of Assurance Points per Name; a (new) Member new to the
|
maximum of Assurance Points per Name; a (new) Member new to the
|
||||||
assurance process should allocate <em>zero</em> Assurance
|
assurance process should allocate <i>zero</i> Assurance
|
||||||
Points
|
Points
|
||||||
until they get some confidence in what is happening.</p>
|
until they get some confidence in what is happening.</p>
|
||||||
<p><strike>To reach 50 Assurance Points for a Name the
|
<p>To reach 50 Assurance Points for a Name the Member must
|
||||||
Member must
|
|
||||||
have had at least two assurances on that Name: the Assured Member has
|
have had at least two assurances on that Name: the Assured Member has
|
||||||
at least one Name assured, the Assured Name. To reach 100 Assurance
|
at least one Name assured, the Assured Name.</p>
|
||||||
|
<p>To reach 100 Assurance
|
||||||
Points, at least one Name of the Assured Member must have been
|
Points, at least one Name of the Assured Member must have been
|
||||||
assured at least three times.</strike></p>
|
assured at least three times.</p>
|
||||||
<p style="text-decoration: none;">The maximum number of
|
<p>The maximum number of
|
||||||
Assurance
|
Assurance
|
||||||
Points, which can be allocated for a Name assurance under this policy
|
Points, which can be allocated for a Name assurance under this policy
|
||||||
and subsidiary policies is 50 Assurance Points.</p>
|
and subsidiary policies is 50 Assurance Points.</p>
|
||||||
<p>If there is negative confidence the Assurer should consider
|
<p>If there is negative confidence the Assurer should consider
|
||||||
filing
|
filing
|
||||||
a dispute.</p>
|
a dispute.</p>
|
||||||
<h3>Experience Points</h3>
|
<h3>4.5. Experience Points</h3>
|
||||||
<p>The maximum number of Assurance Points that may be awarded by
|
<p>The maximum number of Assurance Points that may be awarded by
|
||||||
an
|
an
|
||||||
Assurer is determined by the Experience Points of the Assurer. </p>
|
Assurer is determined by the Experience Points of the Assurer. </p>
|
||||||
|
@ -574,10 +568,10 @@ Assurer is determined by the Experience Points of the Assurer. </p>
|
||||||
<tbody>
|
<tbody>
|
||||||
<tr>
|
<tr>
|
||||||
<td>
|
<td>
|
||||||
<p><em>Assurer's Experience Points</em></p>
|
<p><i>Assurer's Experience Points</i></p>
|
||||||
</td>
|
</td>
|
||||||
<td>
|
<td>
|
||||||
<p><em>Allocatable Assurance Points</em></p>
|
<p><i>Allocatable Assurance Points</i></p>
|
||||||
</td>
|
</td>
|
||||||
</tr>
|
</tr>
|
||||||
<tr>
|
<tr>
|
||||||
|
@ -646,7 +640,7 @@ permanently to an Assurer by CAcert Inc.'s Committee (board), on
|
||||||
recommendation from the Assurance Officer. </p>
|
recommendation from the Assurance Officer. </p>
|
||||||
<p>Experience Points are not to be confused with Assurance
|
<p>Experience Points are not to be confused with Assurance
|
||||||
Points. </p>
|
Points. </p>
|
||||||
<h3>CAcert Assurance Programme (CAP) form</h3>
|
<h3>4.6. CAcert Assurance Programme (CAP) form</h3>
|
||||||
<p>The CAcert Assurance Programme (<a href="http://www.cacert.org/cap.php" target="_blank">CAP</a>)
|
<p>The CAcert Assurance Programme (<a href="http://www.cacert.org/cap.php" target="_blank">CAP</a>)
|
||||||
form requests the following details of each Member or Prospective
|
form requests the following details of each Member or Prospective
|
||||||
Member: </p>
|
Member: </p>
|
||||||
|
@ -746,13 +740,13 @@ processes. Each must be covered by an approved Subsidiary Policy
|
||||||
Subsidiary Policies specify any additional tests of knowledge
|
Subsidiary Policies specify any additional tests of knowledge
|
||||||
required and variations to process and documentation, within the
|
required and variations to process and documentation, within the
|
||||||
general standard stated here. </p>
|
general standard stated here. </p>
|
||||||
<h3>Standard</h3>
|
<h3>6.1. Standard</h3>
|
||||||
<p>Each Subsidiary Policy must augment and improve the general
|
<p>Each Subsidiary Policy must augment and improve the general
|
||||||
standards in this Assurance Policy. It is the responsibility of each
|
standards in this Assurance Policy. It is the responsibility of each
|
||||||
Subsidiary Policy to describe how it maintains and improves the
|
Subsidiary Policy to describe how it maintains and improves the
|
||||||
specific and overall goals. It must describe exceptions and potential
|
specific and overall goals. It must describe exceptions and potential
|
||||||
areas of risk. </p>
|
areas of risk. </p>
|
||||||
<h3>High Risk Applications</h3>
|
<h3>6.2. High Risk Applications</h3>
|
||||||
<p>In addition to the Assurance or Experience Points ratings set
|
<p>In addition to the Assurance or Experience Points ratings set
|
||||||
here
|
here
|
||||||
in and in other policies, Assurance Officer or policies can
|
in and in other policies, Assurance Officer or policies can
|
||||||
|
|
Loading…
Reference in a new issue