|
|
|
|
@ -34,6 +34,10 @@ th {
|
|
|
|
|
color : blue;
|
|
|
|
|
font-weight: bold;
|
|
|
|
|
}
|
|
|
|
|
.strike {
|
|
|
|
|
color : blue;
|
|
|
|
|
text-decoration:line-through;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
a:hover {
|
|
|
|
|
color : gray;
|
|
|
|
|
@ -78,7 +82,14 @@ is derivative and is ruled by the CCS.
|
|
|
|
|
|
|
|
|
|
<p>
|
|
|
|
|
CCS is formated, inspired and designed to meet the needs of
|
|
|
|
|
DRC-A.1.
|
|
|
|
|
<span class="change">
|
|
|
|
|
David Ross Criteria -
|
|
|
|
|
<a href="http://rossde.com/CA_review/">Certificate Authority Review Checklist</a>
|
|
|
|
|
- section A.1
|
|
|
|
|
(
|
|
|
|
|
</span>
|
|
|
|
|
DRC-A.1
|
|
|
|
|
<span class="change">)</span>.
|
|
|
|
|
CCS may be seen as the index to systems audit under DRC.
|
|
|
|
|
</p>
|
|
|
|
|
|
|
|
|
|
@ -162,7 +173,13 @@ Critical systems are defined by Security Policy.
|
|
|
|
|
|
|
|
|
|
<h4 id="s3.3">3.3 Control </h4>
|
|
|
|
|
|
|
|
|
|
<p>
|
|
|
|
|
<p class="change">
|
|
|
|
|
Security Policy places executive responsibility for Hardware with the Board of CAcert Inc.
|
|
|
|
|
Access is delegated to Access Engineers (SP 2) and Systems Administrators (SP 3).
|
|
|
|
|
Legal ownership may be delegated by agreement to other organisations (SP 9.4).
|
|
|
|
|
</p>
|
|
|
|
|
|
|
|
|
|
<p class="strike">
|
|
|
|
|
Control of Hardware is the ultimate responsibility of the Board of CAcert Inc.
|
|
|
|
|
The responsibility for acts with hardware is delegated
|
|
|
|
|
to Access Engineers and Systems Administrators as per
|
|
|
|
|
|
Ian Grigg
15 years ago