86077ae44f
git-svn-id: http://svn.cacert.org/CAcert/Policies@992 14b1bab8-4ef6-0310-b690-991c95c89dfd
76 lines
17 KiB
HTML
76 lines
17 KiB
HTML
<?xml version="1.0" encoding="UTF-8"?>
|
|
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
|
|
<html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /><title>CAcert Bookshelf</title><meta name="generator" content="DocBook XSL Stylesheets V1.71.1" /></head><body><div class="set" lang="en" xml:lang="en"><div class="titlepage"><div><div><h1 class="title"><a id="cloud.set"></a>CAcert Bookshelf</h1></div></div><hr /></div><div class="toc"><p><b>Table of Contents</b></p><dl><dt><span class="book"><a href="#id406953">CAcert.org Policy Manual</a></span></dt><dd><dl><dt><span class="article"><a href="#cacert.oap">CAcert.org Organisation Assurance Policy</a></span></dt><dd><dl><dt><span class="section"><a href="#cacert.oap.preliminaries">Preliminaries</a></span></dt><dt><span class="section"><a href="#cacert.oap.purpose">Purpose</a></span></dt><dt><span class="section"><a href="#cacert.oap.roles">Roles</a></span></dt><dd><dl><dt><span class="section"><a href="#id1279593">Organisation Assurance Officer</a></span></dt><dt><span class="section"><a href="#id1279669">Organisation Assurer</a></span></dt></dl></dd><dt><span class="section"><a href="#cacert.oap.policies">Policies</a></span></dt><dt><span class="section"><a href="#id1279714">Processes</a></span></dt><dd><dl><dt><span class="section"><a href="#id1279724">Individuals</a></span></dt><dt><span class="section"><a href="#id1279734">Partnerships</a></span></dt><dt><span class="section"><a href="#id1279744">Companies</a></span></dt></dl></dd><dt><span class="section"><a href="#cacert.oap.exceptions">Exceptions</a></span></dt></dl></dd><dt><span class="article"><a href="#id1279764">CAcert.org Organisation Assurance sub-policy for Europe</a></span></dt><dd><dl><dt><span class="section"><a href="#id1279770">Preliminaties</a></span></dt><dt><span class="section"><a href="#id1279847">Scope</a></span></dt><dt><span class="section"><a href="#id1279892">Requirements</a></span></dt><dd><dl><dt><span class="section"><a href="#id1279908">Appoved Registry</a></span></dt><dt><span class="section"><a href="#id1279971">Organisation</a></span></dt><dt><span class="section"><a href="#id1280066">Extract</a></span></dt></dl></dd></dl></dd></dl></dd></dl></div><div class="book" lang="en" xml:lang="en"><div class="titlepage"><div><div><h1 class="title"><a id="id406953"></a>CAcert.org Policy Manual</h1></div><div><div class="author"><h3 class="author"></h3></div></div><div><p class="pubdate">2008-09-16</p></div></div><hr /></div><div class="toc"><p><b>Table of Contents</b></p><dl><dt><span class="article"><a href="#cacert.oap">CAcert.org Organisation Assurance Policy</a></span></dt><dd><dl><dt><span class="section"><a href="#cacert.oap.preliminaries">Preliminaries</a></span></dt><dt><span class="section"><a href="#cacert.oap.purpose">Purpose</a></span></dt><dt><span class="section"><a href="#cacert.oap.roles">Roles</a></span></dt><dd><dl><dt><span class="section"><a href="#id1279593">Organisation Assurance Officer</a></span></dt><dt><span class="section"><a href="#id1279669">Organisation Assurer</a></span></dt></dl></dd><dt><span class="section"><a href="#cacert.oap.policies">Policies</a></span></dt><dt><span class="section"><a href="#id1279714">Processes</a></span></dt><dd><dl><dt><span class="section"><a href="#id1279724">Individuals</a></span></dt><dt><span class="section"><a href="#id1279734">Partnerships</a></span></dt><dt><span class="section"><a href="#id1279744">Companies</a></span></dt></dl></dd><dt><span class="section"><a href="#cacert.oap.exceptions">Exceptions</a></span></dt></dl></dd><dt><span class="article"><a href="#id1279764">CAcert.org Organisation Assurance sub-policy for Europe</a></span></dt><dd><dl><dt><span class="section"><a href="#id1279770">Preliminaties</a></span></dt><dt><span class="section"><a href="#id1279847">Scope</a></span></dt><dt><span class="section"><a href="#id1279892">Requirements</a></span></dt><dd><dl><dt><span class="section"><a href="#id1279908">Appoved Registry</a></span></dt><dt><span class="section"><a href="#id1279971">Organisation</a></span></dt><dt><span class="section"><a href="#id1280066">Extract</a></span></dt></dl></dd></dl></dd></dl></div><div class="article" lang="en" xml:lang="en"><div class="titlepage"><div><div><h1 class="title"><a id="cacert.oap"></a>CAcert.org Organisation Assurance Policy</h1></div><div><div class="author"><h3 class="author"><span class="firstname">Teus</span> <span class="surname">Hagen</span></h3><div class="affiliation"><span class="orgname">CAcert, Inc.<br /></span></div></div></div><div><p class="pubdate">2008-09-16</p></div></div><hr /></div><div class="toc"><p><b>Table of Contents</b></p><dl><dt><span class="section"><a href="#cacert.oap.preliminaries">Preliminaries</a></span></dt><dt><span class="section"><a href="#cacert.oap.purpose">Purpose</a></span></dt><dt><span class="section"><a href="#cacert.oap.roles">Roles</a></span></dt><dd><dl><dt><span class="section"><a href="#id1279593">Organisation Assurance Officer</a></span></dt><dt><span class="section"><a href="#id1279669">Organisation Assurer</a></span></dt></dl></dd><dt><span class="section"><a href="#cacert.oap.policies">Policies</a></span></dt><dt><span class="section"><a href="#id1279714">Processes</a></span></dt><dd><dl><dt><span class="section"><a href="#id1279724">Individuals</a></span></dt><dt><span class="section"><a href="#id1279734">Partnerships</a></span></dt><dt><span class="section"><a href="#id1279744">Companies</a></span></dt></dl></dd><dt><span class="section"><a href="#cacert.oap.exceptions">Exceptions</a></span></dt></dl></div><div class="section" lang="en" xml:lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a id="cacert.oap.preliminaries"></a>Preliminaries</h2></div></div></div><p>This CAcert Policy extends the <em class="glossterm">Assurance
|
|
Policy</em> ("<acronym class="acronym">AP</acronym>") by specifying how
|
|
<em class="glossterm">Organisation Assurance</em> ("<acronym class="acronym">OA</acronym>") is
|
|
to be conducted by an <em class="glossterm">Organisation Assurer</em>
|
|
("<abbr class="abbrev">OrgAssurer</abbr>") under the supervision of the
|
|
<em class="glossterm">Organisation Assurance Officer</em>
|
|
("<acronym class="acronym">OAO</acronym>").</p><p>This policy is not a <em class="glossterm">Controlled Document</em>, for
|
|
purposes of <em class="glossterm">Configuration Control Specification</em>
|
|
("<acronym class="acronym">CCS</acronym>").</p></div><div class="section" lang="en" xml:lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a id="cacert.oap.purpose"></a>Purpose</h2></div></div></div><p><em class="glossterm">Organisation Assurance</em> allows an
|
|
<em class="glossterm">Organisation</em> to issue
|
|
<em class="glossterm">Certificate</em>(s) using CAcert <em class="glossterm">Public Key
|
|
Infrastructure</em> (“<span class="quote"><acronym class="acronym">PKI</acronym></span>”).</p></div><div class="section" lang="en" xml:lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a id="cacert.oap.roles"></a>Roles</h2></div></div></div><div class="section" lang="en" xml:lang="en"><div class="titlepage"><div><div><h3 class="title"><a id="id1279593"></a>Organisation Assurance Officer</h3></div></div></div><p>The <em class="glossterm">Organisation Assurance Officer</em>
|
|
(“<span class="quote"><acronym class="acronym">OAO</acronym></span>”) is responsible for
|
|
<em class="glossterm">Organisation Assurance</em> and reports to the
|
|
<em class="glossterm">Assurance Officer</em>
|
|
(“<span class="quote"><acronym class="acronym">AO</acronym></span>”) who in turn reports to the
|
|
<em class="glossterm">CAcert Board</em>.</p><p>Responsibilities include:</p><div class="itemizedlist"><ul type="disc"><li><p>Management of all <em class="glossterm">Organisation
|
|
Assurer</em>(s)</p></li><li><p>Product management of the process (eg <em class="glossterm">Application
|
|
Form</em>, interfaces, etc.)</p></li><li><p>Maintenance of <em class="glossterm">Procedures</em> and
|
|
<em class="glossterm">Guidelines</em></p></li></ul></div></div><div class="section" lang="en" xml:lang="en"><div class="titlepage"><div><div><h3 class="title"><a id="id1279669"></a>Organisation Assurer</h3></div></div></div><p>The <em class="glossterm">Organisation Assurer</em>
|
|
(“<span class="quote"><abbr class="abbrev">OrgAssurer</abbr></span>”)...</p></div></div><div class="section" lang="en" xml:lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a id="cacert.oap.policies"></a>Policies</h2></div></div></div><p></p></div><div class="section" lang="en" xml:lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a id="id1279714"></a>Processes</h2></div></div></div><p></p><div class="section" lang="en" xml:lang="en"><div class="titlepage"><div><div><h3 class="title"><a id="id1279724"></a>Individuals</h3></div></div></div><p></p></div><div class="section" lang="en" xml:lang="en"><div class="titlepage"><div><div><h3 class="title"><a id="id1279734"></a>Partnerships</h3></div></div></div><p></p></div><div class="section" lang="en" xml:lang="en"><div class="titlepage"><div><div><h3 class="title"><a id="id1279744"></a>Companies</h3></div></div></div><p></p></div></div><div class="section" lang="en" xml:lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a id="cacert.oap.exceptions"></a>Exceptions</h2></div></div></div><p></p></div></div><div class="article" lang="en" xml:lang="en"><div class="titlepage"><div><div><h1 class="title"><a id="id1279764"></a>CAcert.org Organisation Assurance sub-policy for Europe</h1></div><div><div class="author"><h3 class="author"><span class="firstname">Teus</span> <span class="surname">Hagen</span></h3><div class="affiliation"><span class="orgname">CAcert, Inc.<br /></span></div></div></div><div><p class="pubdate">2008-09-16</p></div></div><hr /></div><div class="toc"><p><b>Table of Contents</b></p><dl><dt><span class="section"><a href="#id1279770">Preliminaties</a></span></dt><dt><span class="section"><a href="#id1279847">Scope</a></span></dt><dt><span class="section"><a href="#id1279892">Requirements</a></span></dt><dd><dl><dt><span class="section"><a href="#id1279908">Appoved Registry</a></span></dt><dt><span class="section"><a href="#id1279971">Organisation</a></span></dt><dt><span class="section"><a href="#id1280066">Extract</a></span></dt></dl></dd></dl></div><div class="section" lang="en" xml:lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a id="id1279770"></a>Preliminaties</h2></div></div></div><p>This CAcert sub-policy extends the <em class="glossterm">Organisation Assurance
|
|
Policy</em> ("<acronym class="acronym">OAP</acronym>") by specifying how
|
|
<em class="glossterm">Organisation Assurance</em> ("<acronym class="acronym">OA</acronym>") is
|
|
to be conducted by the assigned <em class="glossterm">Organisation
|
|
Assurer</em> ("<abbr class="abbrev">OrgAssurer</abbr>") under the supervision
|
|
of the <em class="glossterm">Organisation Assurance Officer</em>
|
|
("<acronym class="acronym">OAO</acronym>") for entities within the defined scope.</p></div><div class="section" lang="en" xml:lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a id="id1279847"></a>Scope</h2></div></div></div><p>This sub-policy is applicable to:</p><div class="itemizedlist"><ul type="disc"><li><p>Any <em class="glossterm">Organisation</em> registered in Europe
|
|
with a pre-approved trade office registry ("<em class="glossterm">Approved
|
|
Registry</em>")</p></li></ul></div><div class="note" style="margin-left: 0.5in; margin-right: 0.5in;"><h3 class="title">Note</h3><p>This follows the European style of Chambers of Commerce (e.g
|
|
Chambers of Commerce in continental Europe, Companies House in the
|
|
United Kingdom and Ministry of Justice, Finance, or Commerce in Eastern
|
|
Europe)</p></div></div><div class="section" lang="en" xml:lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a id="id1279892"></a>Requirements</h2></div></div></div><p>This section describes any sub-policy specific requirements that are
|
|
not otherwise defined in the <abbr class="abbrev">OAP</abbr>.</p><div class="section" lang="en" xml:lang="en"><div class="titlepage"><div><div><h3 class="title"><a id="id1279908"></a>Appoved Registry</h3></div></div></div><p>An <em class="glossterm">Approved Registry</em>:</p><div class="itemizedlist"><ul type="disc"><li><p>Must follow the general model of a <em class="glossterm">Trade
|
|
Office</em> and is thus a formal authority for dealing with
|
|
local trade matters</p></li><li><p>Must have an official mandate by law to register certain types
|
|
of <em class="glossterm">Organisation</em> (eg sole traders,
|
|
partnerships, companies, associations)</p></li><li><p>Must have a search facility service that provides reliable
|
|
documentary <em class="glossterm">Record</em> of the registration of an
|
|
<em class="glossterm">Organisation</em></p></li></ul></div></div><div class="section" lang="en" xml:lang="en"><div class="titlepage"><div><div><h3 class="title"><a id="id1279971"></a>Organisation</h3></div></div></div><p>An <em class="glossterm">Organisation</em>:</p><div class="itemizedlist"><ul type="disc"><li><p>Must be registered with an <em class="glossterm">Approved
|
|
Registry</em> with an “<span class="quote">active</span>” status or
|
|
equivalent.</p></li><li><p>May have zero or more <em class="glossterm">Registered
|
|
Name</em>(s) in addition to the name of the <em class="glossterm">Legal
|
|
Entity</em>.</p></li><li><p>Must be a distinct <em class="glossterm">Legal Entity</em> (eg
|
|
incorporated) OR the constituent <em class="glossterm">Legal
|
|
Entity</em>(s) must be identified.</p></li></ul></div><div class="note" style="margin-left: 0.5in; margin-right: 0.5in;"><h3 class="title">Note</h3><p>A <em class="glossterm">Legal Entity</em> may have various legal
|
|
statuses with different liabilities. The
|
|
<em class="glossterm">Organisation</em> may not be capable of legally
|
|
becoming a <em class="glossterm">CAcert Member</em>, independently and
|
|
separately from the individuals within. The
|
|
<abbr class="abbrev">OrgAssurer</abbr> must take care to identify which
|
|
individuals are Members, and which are therefore the natural legal
|
|
entities behind the names.</p></div></div><div class="section" lang="en" xml:lang="en"><div class="titlepage"><div><div><h3 class="title"><a id="id1280066"></a>Extract</h3></div></div></div><p><em class="glossterm">Extract</em>(s) supplied by an
|
|
<em class="glossterm">Approved Registry</em>:</p><div class="itemizedlist"><ul type="disc"><li><p>Must be obtained by the <abbr class="abbrev">OrgAssurer</abbr> as:</p><div class="itemizedlist"><ul type="circle"><li><p>Original paper <em class="glossterm">Extract</em> obtained
|
|
independently from the <em class="glossterm">Approved
|
|
Registry</em> by the <abbr class="abbrev">OrgAssurer</abbr></p></li><li><p>Digital <em class="glossterm">Extract</em> obtained online
|
|
from the <em class="glossterm">Approved Registry</em> by the
|
|
<abbr class="abbrev">OrgAssurer</abbr></p></li><li><p>Digital <em class="glossterm">Extract</em> with a valid,
|
|
trusted <em class="glossterm">Digital Signature</em> obtained by
|
|
any means</p></li><li><p>Historical supplemental
|
|
<em class="glossterm">Extract</em>(s) where it can be shown that
|
|
material changes have not been made (e.g., via absence of
|
|
subsequent submissions in official document listings)</p></li></ul></div></li><li><p>Must include at least the following information:</p><div class="itemizedlist"><ul type="circle"><li><p><em class="glossterm">Full Name</em> of the <em class="glossterm">Legal
|
|
Entity</em></p></li><li><p><em class="glossterm">Unique Identifier</em> of the
|
|
<em class="glossterm">Legal Entity</em> within the
|
|
<em class="glossterm">Approved Registry</em> (and
|
|
<em class="glossterm">Type</em> of <em class="glossterm">Unique
|
|
Identifier</em>, eg “<span class="quote">Company
|
|
Number</span>”)</p></li><li><p><em class="glossterm">Type</em> of the <em class="glossterm">Legal
|
|
Entity</em> (eg “<span class="quote">Limited Liability
|
|
Company</span>”)</p></li><li><p><em class="glossterm">Location</em> of the <em class="glossterm">Legal
|
|
Entity</em> (which must fall within the
|
|
<em class="glossterm">Jurisdiction</em> of the <em class="glossterm">Approved
|
|
Registry</em>)</p></li><li><p><em class="glossterm">Representative</em>(s) of the
|
|
<em class="glossterm">Organisation</em></p></li></ul></div></li></ul></div><p></p></div></div></div></div></div></body></html>
|