cacert/cacert-policies
9
1
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

adopted 2 of Andreas Baess's suggested changes

Browse source 
git-svn-id: http://svn.cacert.org/CAcert/Policies@1894 14b1bab8-4ef6-0310-b690-991c95c89dfd
This commit is contained in:
Ian Grigg 2010-05-05 01:32:04 +00:00
parent d0a71af235
commit cf1f2eeabf
1 changed files with 19 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

21
ConfigurationControlSpecification.html
View file

@ -34,6 +34,10 @@ th {
color : blue;
font-weight: bold;
}
.strike {
color : blue;
text-decoration:line-through;
}
a:hover {
color : gray;
@ -78,7 +82,14 @@ is derivative and is ruled by the CCS.
<p>
CCS is formated, inspired and designed to meet the needs of
DRC-A.1.
<span class="change">
David Ross Criteria -
<a href="http://rossde.com/CA_review/">Certificate Authority Review Checklist</a>
- section A.1
(
</span>
DRC-A.1
<span class="change">)</span>.
CCS may be seen as the index to systems audit under DRC.
</p>
@ -162,7 +173,13 @@ Critical systems are defined by Security Policy.
<h4 id="s3.3">3.3 Control </h4>
<p>
<p class="change">
Security Policy places executive responsibility for Hardware with the Board of CAcert Inc.
Access is delegated to Access Engineers (SP 2) and Systems Administrators (SP 3).
Legal ownership may be delegated by agreement to other organisations (SP 9.4).
</p>
<p class="strike">
Control of Hardware is the ultimate responsibility of the Board of CAcert Inc.
The responsibility for acts with hardware is delegated
to Access Engineers and Systems Administrators as per