this document deprecated by m20090815.4 and wiki.cacert.org/comma/Identity/Communications

git-svn-id: http://svn.cacert.org/CAcert/Policies@2011 14b1bab8-4ef6-0310-b690-991c95c89dfd
2010-08-30 13:22:05 +00:00 · 2010-08-30 13:22:05 +00:00 · d1a4a337a6
commit d1a4a337a6
parent 6b4ef587b7
1 changed files with 0 additions and 179 deletions
--- a/CAcertCommunicationPolicy.html
+++ b/CAcertCommunicationPolicy.html
@ -1,179 +0,0 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
 	"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
 <html xmlns="http://www.w3.org/1999/xhtml">
 	<head>
 		<title>
 			CAcert Communication Policy (CCP)
 		</title>
 	</head>
 	<body>
 		<h1>
 			CAcert Communication Policy (CCP)
 		</h1>
 		<p>
 			<a href="../PolicyOnPolicy.html"><img src="Images/cacert-draft.png" alt="CAcert Draft" height="31" width="88" style="border-style: none;" /></a><br />
 			Editor: Sam Johnston<br />
 			Creation date: 2008-04-16<br />
 			Status: DRAFT 2008-04-25 (m20080425.1)<br />
 			Next status: POLICY 2008-XX-XX<br />
 			<!-- $Id$ -->
 		</p>
 		<h2>
 			0. Preliminaries
 		</h2>
 		<p>
 			This CAcert policy describes how CAcert communicates as required for achieving its mission.
 		</p>
 		<h2>
 			1. Scope
 		</h2>
 		<p>
 			CAcert Community Members are subjected to the CAcert Communication Agreement (CCA).
 		</p>
 		<p>
 			This policy is applicable to:<br />
 		</p>
 		<ol>
 			<li>Press Releases and Announcements
 			</li>
 			<li>Internet Email
 			</li>
 			<li>Internet Relay Chat (IRC)
 			</li>
 		</ol>
 		<h2>
 			2. Requirements
 		</h2>
 		<p>
 			This section describes all CAcert communication channels.<br />
 		</p>
 		<ol>
 			<li>
 				<strong>Press Releases and Announcements</strong><br />
 				<ol style="list-style-type: lower-alpha;">
 					<li>CAcert Community Members may communicate on their areas, but these are considered community views.
 					</li>
 					<li>Targeted announcements may be sent to a minority subset of users who have opted-in to receiving information on the topic.
 					</li>
 					<li>Press releases and official announcements must be approved by the board and issued via:<br />
 						<ol style="list-style-type: lower-roman;">
 							<li>Digitally signed email to appropriate mailing list(s).
 							</li>
 							<li>Posting and indefinite archiving on the official CAcert web site(s)
 							</li>
 						</ol>
 					</li>
 				</ol>
 			</li>
 			<li>
 				<strong>Internet Email</strong><br />
 				<ol style="list-style-type: lower-alpha;">
 					<li>
 						<strong>Email Aliases</strong> are official email addresses within the CAcert domain(s) (eg john@cacert.org).<br />
 						<ol style="list-style-type: lower-roman;">
 							<li>All official CAcert communications must be conducted using an official address, which is typically a forwarding service.
 							</li>
 							<li>Access to full accounts (available only to officials listed on the organisation chart) shall be available via web interface and standard mail protocols.
 							</li>
 							<li>Outbound mail should contain the full name and short reference to the official capacity of the user: <i>John Citizen (CAcert AO) &lt;john@cacert.org&gt;</i>.
 							</li>
 							<li>Role accounts (eg support@cacert.org) shall be implemented as a mailing list or automated issue tracking system as appropriate.
 							</li>
 						</ol>
 					</li>
 					<li>
 						<strong>Mailing Lists</strong> are automated distribution lists containing CAcert community members.<br />
 						<ol style="list-style-type: lower-roman;">
 							<li>List management (new list creation, dead list removal) shall be managed by the board.
 							</li>
 							<li>List membership shall be restricted to CAcert Community members and all posts are contributions, as described in the CCA.
 							</li>
 							<li>Lists shall follow the naming convention of cacert-&lt;listname&gt;@lists.cacert.org, with important lists (eg support, board) aliased @cacert.org
 							</li>
 							<li>List policy shall be set on a per-list basis (eg open/closed, searchable archives, etc.)<br />
 								<ol>
 									<li>Open lists (eg cacert-policy) shall be accessible by anyone (including Internet search engines) and closed lists (eg cacert-board) only by list members.
 									</li>
 									<li>Posting to discussion lists (eg cacert-policy) must be restricted to list members and must not be restricted for role lists (eg cacert-board).
 									</li>
 									<li>Messages which do not meet list policy (eg size, non-member) must be immediately rejected.
 									</li>
 								</ol>
 							</li>
 							<li>Subscription requests must be confirmed by the requestor and subscriber lists must not be revealed..
 							</li>
 							<li>Web based archives shall be maintained and authentication must reflect list policy.
 							</li>
 						</ol>
 					</li>
 					<li>
 						<strong>Automated Email</strong> is sent by various CAcert systems automatically<br />
 						<ol style="list-style-type: lower-roman;">
 							<li>All new automated emails must be approved by the board.
 							</li>
 							<li>Automated emails should only be sent in response to a user action.
 							</li>
 						</ol>
 					</li>
 					<li>
 						<strong>Personal Email</strong> is individual personal addresses of CAcert Community members (eg john@gmail.com).<br />
 						<ol style="list-style-type: lower-roman;">
 							<li>Personal email must not be used for official CAcert purposes.
 							</li>
 						</ol>
 					</li>
 				</ol>
 			</li>
 			<li>
 				<strong>Internet Relay Chat (IRC)</strong><br />
 				<ol style="list-style-type: lower-alpha;">
 					<li>An IRC service shall be maintained at irc.cacert.org which shall be available via SSL.
 					</li>
 				</ol>
 			</li>
 		</ol>
 		<h2>
 			3. Implementation
 		</h2>
 		<p>
 			This section describes how CAcert communication channels are to be implemented.
 		</p>
 		<ol>
 			<li>
 				<strong>General</strong><br />
 				<ol style="list-style-type: lower-alpha;">
 					<li>CAcert System Administrators shall have discretion as to the technical implementation of this policy and shall report status to the board periodically.
 					</li>
 				</ol>
 			</li>
 			<li>
 				<strong>Security</strong><br />
 				<ol style="list-style-type: lower-alpha;">
 					<li>Authentication (where required) must be done via username and password and/or CAcert certificate.
 					</li>
 					<li>Transport encryption must be used where possible.
 					</li>
 					<li>Content encryption may be used where appropriate.
 					</li>
 					<li>All outbound mail should be digitally signed.
 					</li>
 				</ol>
 			</li>
 			<li>
 				<strong>Internet Email</strong><br />
 				<ol style="list-style-type: lower-alpha;">
 					<li>All mails must be securely archived.
 					</li>
 					<li>All mails must be subject to appropriate spam prevention mechanisms (eg SpamAssassin, greylisting).
 					</li>
 					<li>All mails must be subject to appropriate virus and content filtering (eg ClamAV, content types).
 					</li>
 				</ol>
 			</li>
 		</ol>
 		<p>
 			<a href="http://validator.w3.org/check?uri=referer"><img src="Images/valid-xhtml11-blue" alt="Valid XHTML 1.1" height="31" width="88" style="border-style: none;" /></a>
 		</p>
 	</body>
 </html>