CAcert Organisation Assurance Program sub-policy for the United States of America

CAcert Policy Status
Author: Fred Trotter
Creation date: 2008-05-26
Status: WiP 2008-05-26
Next status: DRAFT 2008

0. Preliminaries

This CAcert sub-policy extends the Organisation Assurance Policy ("OAP") by specifying how Organisation Assurance is to be conducted by the assigned Organisation Assurer ("OA") under the supervision of the Organisation Assurance Officer ("OAO") for entities within the defined scope.

1. Scope

This sub-policy is applicable to:

  1. Legal entities in the United States of America:
    1. Corporations (including non-profit)
    2. Limited Liability Companies (LLC)
    3. Partnerships
    4. Sole Proprietorships
    5. Churches, Clubs and other groups
    6. Universities, Colleges and other schools

2. Requirements

This section describes any scope specific requirements that are not otherwise defined in the OAP.

2.1 Organisation

  1. Applicants MUST be a valid legal entity but MAY have an arbitrary number of registered trading names.

2.2 Records

  1. Digital Signatures MAY be accepted as per Section 9 of the Uniform Electronic Transactions Act and the Electronic Signatures in Global and National Commerce Act. Organizations that have specific compliance concerns should work with the organizational assurer and the author of the document to ensure that specific requirements are met.
  2. Historic documents MAY be accepted where it can be proven that material changes have not been made (eg via absence of subsequent submissions in official document listings).

2.3 Application Form

  1. CACert is centrally concerned with determining who is has the local authority to recognize local organizations. In the United States, this will be determined in the following order:
  2. Here is a partial list of such organizations.
  3. Some of the secretary of state offices require a fee to search the database. In any case that the Assurer must pay a fee to verify that an organization is legitimate, CACert will charge the cost of the verification to the applicant and refund the Assurer.

3. Registration

3.2 Identifiers

  1. Whereever possible and appropriate, Employee Idetification Number should be used.

3.3 Documents

  1. Valid documents are either from a certifying state agency or confirmed on case-by-case basis

4. Processes

  1. Contact an Organizational Assurer to begin the process.

4.1 Assurance

  1. Each person listed in an application MUST be individually assured and referenced by a confirmed email.
  2. All entities MUST be verified by a Secretary of State, at least the physical address location must mirror information in the domain name being registered. Unfortunately for this reason, domains with anonymized or P.O. Box address registrations will not be allowed.
  3. Members of partnerships must be individually assurered before the organization can be assured.
  4. Company applications MUST be made by an individual who is duly authorised to sign on behalf of the company:
    1. Officeholder applicants (directors or preferably secretary) MUST be verified in documents available from the relevant Secretary of State, or other verifying organization.
    2. Any other applicant MUST prove that they are duly authorised to sign on behalf of the entity (for example via delegation and/or under company rules) to the satisfaction of the OA, for approval by the OAO.

Valid XHTML 1.1