fix up xhtml anchours
git-svn-id: http://svn.cacert.org/CAcert/Policies@1874 14b1bab8-4ef6-0310-b690-991c95c89dfd
This commit is contained in:
parent
4f87140d8e
commit
fe0b2a2af0
1 changed files with 24 additions and 24 deletions
|
@ -82,11 +82,11 @@ DRC-A.1.
|
||||||
CCS may be seen as the index to systems audit under DRC.
|
CCS may be seen as the index to systems audit under DRC.
|
||||||
</p>
|
</p>
|
||||||
|
|
||||||
<h3> <a name="s2">2</a> <a name="Documents"> Documents </a> </h3>
|
<h3 id="s2"> 2 Documents </h3>
|
||||||
|
|
||||||
<!-- A.1.c-h: The configuration-control specification controls the revision process for the CCS,CP,CPS,PP,SP,R/L/O -->
|
<!-- A.1.c-h: The configuration-control specification controls the revision process for the CCS,CP,CPS,PP,SP,R/L/O -->
|
||||||
|
|
||||||
<h4> <a name="s2.1">2.1</a> <a name="doc_list"> Controlled Document List </a> </h4>
|
<h4 id="s2.1">2.1 Controlled Document List </h4>
|
||||||
|
|
||||||
<p>
|
<p>
|
||||||
This CCS creates a list of Primary or "root" documents known as Policies.
|
This CCS creates a list of Primary or "root" documents known as Policies.
|
||||||
|
@ -107,7 +107,7 @@ wiki.cacert.org/PolicyDecisions</a>.
|
||||||
<!-- See A.1.k, logging of documents. -->
|
<!-- See A.1.k, logging of documents. -->
|
||||||
</p>
|
</p>
|
||||||
|
|
||||||
<h4> <a name="s2.2">2.2</a> <a name="doc_change"> Change </a> </h4>
|
<h4 id="s2.2">2.2 Change </h4>
|
||||||
|
|
||||||
|
|
||||||
<p>
|
<p>
|
||||||
|
@ -140,27 +140,27 @@ documents of higher status (DRAFT or POLICY).
|
||||||
Copies should be eliminated where not being worked on.
|
Copies should be eliminated where not being worked on.
|
||||||
</p>
|
</p>
|
||||||
|
|
||||||
<h4> <a name="s2.3">2.3</a> <a name="doc_control"> Control </a> </h4>
|
<h4 id="s2.3">2.3 Control </h4>
|
||||||
|
|
||||||
<p>
|
<p>
|
||||||
CAcert policies are required to be owned / transferred to CAcert. See PoP 6.2.
|
CAcert policies are required to be owned / transferred to CAcert. See PoP 6.2.
|
||||||
</p>
|
</p>
|
||||||
|
|
||||||
<h3> <a name="s3">3</a> <a name="Hardware"> Hardware </a> </h3>
|
<h3 id="s3"> 3 Hardware </h3>
|
||||||
|
|
||||||
<!-- This section from A.1.j -->
|
<!-- This section from A.1.j -->
|
||||||
|
|
||||||
<h4> <a name="s3.1">3.1</a> <a name="hard_list"> Controlled Hardware List </a> </h4>
|
<h4 id="s3.1">3.1 Controlled Hardware List </h4>
|
||||||
|
|
||||||
<p>
|
<p>
|
||||||
Critical systems are defined by Security Policy.
|
Critical systems are defined by Security Policy.
|
||||||
</p>
|
</p>
|
||||||
|
|
||||||
<h4> <a name="s3.2">3.2</a> <a name="hard_change"> Change </a> </h4>
|
<h4 id="s3.2">3.2 Change </h4>
|
||||||
|
|
||||||
<p> See Security Policy. </p>
|
<p> See Security Policy. </p>
|
||||||
|
|
||||||
<h4> <a name="s3.3">3.3</a> <a name="hard_control"> Control </a> </h4>
|
<h4 id="s3.3">3.3 Control </h4>
|
||||||
|
|
||||||
<p>
|
<p>
|
||||||
Control of Hardware is the ultimate responsibility of the Board of CAcert Inc.
|
Control of Hardware is the ultimate responsibility of the Board of CAcert Inc.
|
||||||
|
@ -171,9 +171,9 @@ The ownership responsibility is delegated by agreement to Oophaga.
|
||||||
</p>
|
</p>
|
||||||
|
|
||||||
|
|
||||||
<h3> <a name="s4">4</a> <a name="Software"> Software </a> </h3>
|
<h3 id="s4"> 4 Software </h3>
|
||||||
<!-- A.1.i: The configuration-control specification controls changes to software involved in: certs; data; comms to public -->
|
<!-- A.1.i: The configuration-control specification controls changes to software involved in: certs; data; comms to public -->
|
||||||
<h4> <a name="s4.1">4.1</a> <a name="hard_list"> Controlled Software List </a> </h4>
|
<h4 id="s4.1">4.1 Controlled Software List </h4>
|
||||||
|
|
||||||
<p>
|
<p>
|
||||||
Critical software is defined by Security Policy.
|
Critical software is defined by Security Policy.
|
||||||
|
@ -187,11 +187,11 @@ Critical software is defined by Security Policy.
|
||||||
<li> What is far more problematic is the failure to do CCA & Challenge notification.</li>
|
<li> What is far more problematic is the failure to do CCA & Challenge notification.</li>
|
||||||
</ul>
|
</ul>
|
||||||
|
|
||||||
<h4> <a name="s4.2">4.2</a> <a name="soft_change"> Change </a> </h4>
|
<h4 id="s4.2">4.2 Change </h4>
|
||||||
|
|
||||||
<p> See Security Policy. </p>
|
<p> See Security Policy. </p>
|
||||||
|
|
||||||
<h4> <a name="s4.3">4.3</a> <a name="soft_control"> Control </a> </h4>
|
<h4 id="s4.3">4.3 Control </h4>
|
||||||
|
|
||||||
<p>
|
<p>
|
||||||
CAcert owns its code, or requires control over open source code in use
|
CAcert owns its code, or requires control over open source code in use
|
||||||
|
@ -225,17 +225,17 @@ and a registry of software under approved open source licences.
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
<h3> <a name="s5">5</a> <a name="Certs"> Certificates </a> </h3>
|
<h3 id="s5"> 5 Certificates </h3>
|
||||||
|
|
||||||
<!-- This section from A.1.b -->
|
<!-- This section from A.1.b -->
|
||||||
|
|
||||||
<p> This section applies to Root and Sub-root certificates, not to End-entity (subscriber, member) certificates. </p>
|
<p> This section applies to Root and Sub-root certificates, not to End-entity (subscriber, member) certificates. </p>
|
||||||
|
|
||||||
<h4> <a name="s5.1">5.1</a> <a name="certs_list"> Certificates List </a> </h4>
|
<h4 id="s5.1">5.1 Certificates List </h4>
|
||||||
|
|
||||||
<p> Certificates (Root and sub-root) are to be listed in the CPS. </p>
|
<p> Certificates (Root and sub-root) are to be listed in the CPS. </p>
|
||||||
|
|
||||||
<h4> <a name="s5.2">5.2</a> <a name="logs_change"> Changes </a> </h4>
|
<h4 id="s5.2">5.2 Changes </h4>
|
||||||
|
|
||||||
<p>
|
<p>
|
||||||
Creation and handling of Certificates
|
Creation and handling of Certificates
|
||||||
|
@ -244,37 +244,37 @@ Usage of Certificates
|
||||||
is controlled by Certification Practice Statement.
|
is controlled by Certification Practice Statement.
|
||||||
</p>
|
</p>
|
||||||
|
|
||||||
<h4> <a name="s5.3">5.3</a> <a name="logs_archive"> Archive </a> </h4>
|
<h4 id="s5.3">5.3 Archive </h4>
|
||||||
|
|
||||||
<p> See Security Policy. </p>
|
<p> See Security Policy. </p>
|
||||||
|
|
||||||
<h3> <a name="s6">6</a> <a name="Logs"> Logs </a> </h3>
|
<h3 id="s6"> 6 Logs </h3>
|
||||||
|
|
||||||
<!-- This section from A.1.k -->
|
<!-- This section from A.1.k -->
|
||||||
|
|
||||||
<h4> <a name="s6.1">6.1</a> <a name="logs_list"> Controlled Logs List </a> </h4>
|
<h4 id="s6.1">6.1 Controlled Logs List </h4>
|
||||||
|
|
||||||
<p> Logs are defined by Security Policy. </p>
|
<p> Logs are defined by Security Policy. </p>
|
||||||
|
|
||||||
<h4> <a name="s6.2">6.2</a> <a name="logs_change"> Changes </a> </h4>
|
<h4 id="s6.2">6.2 Changes </h4>
|
||||||
|
|
||||||
<p> Changes to Hardware, Software and Root Certificates are logged according to Security Policy. </p>
|
<p> Changes to Hardware, Software and Root Certificates are logged according to Security Policy. </p>
|
||||||
|
|
||||||
<h4> <a name="s6.3">6.3</a> <a name="logs_archive"> Archive </a> </h4>
|
<h4 id="s6.3">6.3 Archive </h4>
|
||||||
|
|
||||||
<p> See Security Policy. </p>
|
<p> See Security Policy. </p>
|
||||||
|
|
||||||
<h3> <a name="s7">7</a> <a name="data"> Data </a> </h3>
|
<h3 id="s7"> 7 Data </h3>
|
||||||
|
|
||||||
<!-- This section from A.1.i-j, bullets 2,3 -->
|
<!-- This section from A.1.i-j, bullets 2,3 -->
|
||||||
|
|
||||||
<h4> <a name="s7.1">7.1</a> <a name="data_list"> Types of Data </a> </h4>
|
<h4 id="s7.1">7.1 Types of Data </h4>
|
||||||
|
|
||||||
<p>
|
<p>
|
||||||
Types of critical member data is defined by Assurance Policy.
|
Types of critical member data is defined by Assurance Policy.
|
||||||
</p>
|
</p>
|
||||||
|
|
||||||
<h4> <a name="s7.2">7.2</a> <a name="data_change"> Changes </a> </h4>
|
<h4 id="s7.2">7.2 Changes </h4>
|
||||||
|
|
||||||
<p>
|
<p>
|
||||||
Changes and access to critical member data
|
Changes and access to critical member data
|
||||||
|
@ -287,7 +287,7 @@ collection and storage of critical member data
|
||||||
is defined by Security Policy.
|
is defined by Security Policy.
|
||||||
</p>
|
</p>
|
||||||
|
|
||||||
<h4> <a name="s7.3">7.3</a> <a name="data_archive"> Archive </a> </h4>
|
<h4 id="s7.3">7.3 Archive </h4>
|
||||||
|
|
||||||
<p> Data retention is controlled by Security Policy and CAcert Community Agreement. </p>
|
<p> Data retention is controlled by Security Policy and CAcert Community Agreement. </p>
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue