diff options
| -rw-r--r-- | www/policy/CAcertCommunityAgreement.php | 464 |
1 files changed, 321 insertions, 143 deletions
diff --git a/www/policy/CAcertCommunityAgreement.php b/www/policy/CAcertCommunityAgreement.php index 2e7a919..cab91f8 100644 --- a/www/policy/CAcertCommunityAgreement.php +++ b/www/policy/CAcertCommunityAgreement.php @@ -1,72 +1,153 @@ <?='<?xml version="1.0" encoding="utf-8"?>'?> -<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" - "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> - +<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" + "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> - <title>CAcert Community Agreement</title> - <style type="text/css"> -/*<![CDATA[*/ - .comment { + <meta http-equiv="CONTENT-TYPE" content="text/html; charset=utf-8" /> + <title> CAcert Community Agreement </title> +<style type="text/css"> +<!-- +.comment { color : steelblue; - } - .first-does-not-work { +} +.first-does-not-work { color : red; - } - .q { +} +.q { color : green; font-weight: bold; text-align: center; font-style:italic; - } - .change { +} +.change { color : blue; font-weight: bold; - } - .strike { +} +.change2 { + color : blue; + font-weight: bold; +} +.change3 { + color : blue; + font-weight: bold; +} +.change4 { + color : blue; + font-weight: bold; +} +.change5 { + color : blue; + font-weight: bold; +} +.change6 { + color : blue; + font-weight: bold; +} +.change7 { + color : blue ; + font-weight: bold; +} +.change8 { + color : blue; + font-weight: bold; +} +.change9 { + color : blue; + font-weight: bold; +} +.change10 { + color : blue; + font-weight: bold; +} +.change11 { + color : blue; + font-weight: bold; +} +.change12 { + color : blue; + font-weight: bold; +} +.change13 { + color : blue; + font-weight: bold; +} +.strike { color : blue; text-decoration:line-through; - } - img.c3 {border-style: none;} - a.c2 {color: steelblue;} - img.c1 {float: right; border-width: 0} - /*]]>*/ - </style> -</head> +} +.strike2 { + color : blue; + text-decoration:line-through; +} +.strike4 { + color : blue; + text-decoration:line-through; +} +.strike5 { + color : blue; + text-decoration:line-through; +} +.strike6 { + color : blue; + text-decoration:line-through; +} +.strike7 { + color : blue; + text-decoration:line-through; +} +.strike8 { + color : blue; + text-decoration:line-through; +} +.strike9 { + color : blue; + text-decoration:line-through; +} +.strike10 { + color : blue; + text-decoration:line-through; +} +.strike11 { + color : blue; + text-decoration:line-through; +} +.strike12 { + color : blue; + text-decoration:line-through; +} +.strike13 { + color : blue; + text-decoration:line-through; +} +--> +</style> +</head> <body> - <div class="comment"> - <table width="100%"> - <tr> - <td rowspan="2">Name: CCA <a class="c2" href= - "https://svn.cacert.org/CAcert/Policies/ControlledDocumentList.html">COD9</a><br /> - - Status: POLICY <a class="c2" href= - "https://wiki.cacert.org/PolicyDecisions#p20080109.1_CCA_to_POLICY_status"> - p20080109.1</a><br /> - <span class="draftadd">DRAFT - <a class="c2" href= - "https://wiki.cacert.org/PolicyDecisions#p20140709_CCA_update_to_DRAFT"> - p20140709</a></span><br /> - Editor: <a class="c2" href= - "https://wiki.cacert.org/Community/HomePagesMembers/BenediktHeintel">Benedikt</a><br /> - - Licence: <a class="c2" href="https://wiki.cacert.org/Policy#Licence" - title= - "this document is Copyright © CAcert Inc., licensed openly under CC-by-sa with all disputes resolved under DRP. More at wiki.cacert.org/Policy"> - CC-by-sa+DRP</a><br /></td> - - <td valign="top" align="right"><a href= - "https://www.cacert.org/policy/PolicyOnPolicy.php"><img src= - "images/cacert-policy.png" alt="CCA Status - POLICY" height="31" width= - "88" class="c3" /></a> - <!-- XXXXXXXXXXXXXX delete this going to POLICY --><br /> - <a href="https://www.cacert.org/policy/PolicyOnPolicy.php"><img src= - "images/cacert-draft.png" alt="CCA Status - DRAFT" height="31" width= - "88" class="c3" /></a></td> - </tr> - </table> - </div> + + <div class="comment"> + <table width="100%"> + + <tr> + <td rowspan="2"> + Name: CCA <a style="color: steelblue" href="https://svn.cacert.org/CAcert/Policies/ControlledDocumentList.html">COD9</a><br /> + Status: POLICY <a style="color: steelblue" href="https://wiki.cacert.org/PolicyDecisions#p20080109.1_CCA_to_POLICY_status">p20080109.1</a><br /> + <span class="draftadd">DRAFT <a style="color: steelblue" href="https://wiki.cacert.org/PolicyDecisions#p20140709_CCA_update_to_DRAFT">p20140709</a></span> <br /> + Editor: <a style="color: steelblue" href="https://wiki.cacert.org/Community/HomePagesMembers/BenediktHeintel">Benedikt</a><br /> + Licence: <a style="color: steelblue" href="https://wiki.cacert.org/Policy#Licence" title="this document is Copyright © CAcert Inc., licensed openly under CC-by-sa with all disputes resolved under DRP. More at wiki.cacert.org/Policy">CC-by-sa+DRP</a><br /> + + </td> + <td valign="top" align="right"> + <a href="https://www.cacert.org/policy/PolicyOnPolicy.php"><img src="images/cacert-policy.png" alt="CCA Status - POLICY" height="31" width="88" style="border-style: none;" /></a> + + <!-- XXXXXXXXXXXXXX delete this going to POLICY --> + <br /> + <a href="https://www.cacert.org/policy/PolicyOnPolicy.php"><img src="images/cacert-draft.png" alt="CCA Status - DRAFT" height="31" width="88" style="border-style: none;" /></a> + + </td> + </tr> + </table> + </div> <h2>CAcert Community Agreement</h2> @@ -81,7 +162,7 @@ <ol> <li>"CAcert" means CAcert Inc., a non-profit Association of Members incorporated in New South Wales, Australia. Note that Association Members - are distinct from the Members defined here</li> + are distinct from the Members defined here.</li> <li>"Member" means you, a registered participant within CAcert's Community, with an account on the website and the facility to request certificates. @@ -97,9 +178,13 @@ Arbitration.</li> <li>"Non-Related Person" ("NRP"), being someone who is not a Member, is not - part of the Community, and has not registered their agreement.</li> + part of the Community, and has not registered their agreement. <span class= + "strike7">Such people are offered the NRP-DaL another agreement allowing + the USE of certificates.</span></li> - <li>(withdrawn)</li> + <li><span class="strike7">"Non-Related Persons - Disclaimer and Licence" + ("NRP-DaL"), another agreement that is offered to persons outside the + Community.</span><span class="change7">(withdrawn)</span></li> <li>"Arbitration" is the Community's forum for resolving disputes, or jurisdiction.</li> @@ -126,8 +211,13 @@ <li>"Root" means CAcert's top level key, used for signing certificates for Members. In this document, the term includes any subroots.</li> - <li>"CAcert Official Document" ("COD") is an official managed and - controlled document (e. g. a Policy) of CAcert.</li> + <li>"CAcert Official Document" ("COD" <span class="strike4">=> + COD3</span>) <span class="strike4">in a standard format for describing the + details of operation and governance essential to a certificate authority. + Changes are managed and controlled. CODs define more technical terms. See + 4.2 for listing of relevant CODs.</span> <span class="change4">is an + official managed and controlled document (e. g. a Policy) of + CAcert.</span></li> <li>"Certification Practice Statement" ("CPS" => COD6) is the document that controls details about operational matters within CAcert.</li> @@ -137,8 +227,9 @@ <h4><a name="1.1">1.1</a> Agreement</h4> - <p>You agree to the terms and conditions in this agreement. Your agreement is - given by but not limited to</p> + <p>You <span class="strike">and CAcert both</span> agree to the terms and + conditions in this agreement. Your agreement is given by <span class= + "change2">but not limited to</span> <span class="strike2">any of</span></p> <ul> <li>your signature on a form to request assurance of identity ("CAP" @@ -155,8 +246,9 @@ </ul> <p>Your agreement is effective from the date of the first event above that - makes this agreement known to you. This Agreement replaces and supersedes any - prior agreements.</p> + makes this agreement known to you. This Agreement replaces and <span class= + "strike2">supercedes prior agreements, including the NRP-DaL.</span> + <span class="change2">supersedes any prior agreements.</span></p> <h4><a name="1.2">1.2</a> Licence</h4> @@ -198,72 +290,79 @@ <li>Source code is subject to an open source licence regime.</li> - <li>Personal data</li> + <li><span class="change">Personal data</span></li> - <li>Postings under competing licenses if clearly stated when posted</li> + <li><span class="change">Postings under competing licenses if clearly + stated when posted</span></li> </ol> - <h4><a name="1.4">1.4</a> Privacy</h4> + <h4><span class="change"><a name="1.4">1.4</a> Privacy</span></h4> - <p>You give rights to CAcert to store, verify and process and publish your - data in accordance with policies in force. These rights include shipping the - data to foreign countries for system administration, support and processing - purposes. Such shipping will only be done among CAcert Community - administrators and Assurers.</p> + <p><span class="change">You give rights to CAcert to store, verify and + process and publish your data in accordance with policies in force. These + rights include shipping the data to foreign countries for system + administration, support and processing purposes. Such shipping will only be + done among CAcert Community administrators and Assurers.</span></p> - <p>Privacy is further covered in the Privacy Policy ("PP" => COD5).</p> + <p><span class="change">Privacy is further covered in the Privacy Policy + ("PP" => COD5).</span></p> - <h3><a name="2">2.</a> Your Risks, Liabilities and Obligations</h3> + <h3><span class="change"><a name="2">2.</a> Your Risks, Liabilities and + Obligations</span></h3> - <p>As a Member, you have risks, liabilities and obligations within this - agreement.</p> + <p><span class="change">As a Member, you have risks, liabilities and + obligations within this agreement.</span></p> - <h4><a name="2.1">2.1</a> Risks</h4> + <h4><span class="change"><a name="2.1">2.1</a> Risks</span></h4> <ol> - <li>A certificate may prove unreliable.</li> + <li><span class="change">A certificate may prove unreliable.</span></li> - <li>Your account, keys or other security tools may be lost or otherwise - compromised.</li> + <li><span class="change">Your account, keys or other security tools may be + lost or otherwise compromised.</span></li> - <li>You may find yourself subject to Arbitration (DRP => COD7).</li> + <li><span class="change">You may find yourself subject to Arbitration (DRP + => COD7).</span></li> </ol> - <h4><a name="2.2">2.2</a> Liabilities</h4> + <h4><span class="change"><a name="2.2">2.2</a> Liabilities</span></h4> <ol> - <li>You are liable for any penalties as awarded against you by the - Arbitrator.</li> + <li><span class="change">You are liable for any penalties as awarded + against you by the Arbitrator.</span></li> - <li>Remedies are as defined in the DRP (COD7). An Arbitrator's ruling may - include monetary amounts, awarded against you.</li> + <li><span class="change">Remedies are as defined in the DRP (COD7). An + Arbitrator's ruling may include monetary amounts, awarded against + you.</span></li> - <li>Your liability is limited to a total maximum of <b>1000 Euros</b>.</li> + <li><span class="change">Your liability is limited to a total maximum of + <b>1000 Euros</b>.</span></li> - <li>"Foreign Courts" may assert jurisdiction. These include your local - courts, and are outside our Arbitration. Foreign Courts will generally - refer to the Arbitration Act of their country, which will generally refer - civil cases to Arbitration. The Arbitration Act will not apply to criminal - cases.</li> + <li><span class="change">"Foreign Courts" may assert jurisdiction. These + include your local courts, and are outside our Arbitration. Foreign Courts + will generally refer to the Arbitration Act of their country, which will + generally refer civil cases to Arbitration. The Arbitration Act will not + apply to criminal cases.</span></li> </ol> - <h4><a name="2.3">2.3</a> Obligations</h4> + <h4><span class="change"><a name="2.3">2.3</a> Obligations</span></h4> - <p>You are obliged</p> + <p><span class="change">You are obliged</span></p> <ol> - <li>to provide accurate information as part of Assurance. You give - permission for verification of the information using CAcert-approved - methods.</li> + <li><span class="change">to provide accurate information as part of + Assurance. You give permission for verification of the information using + CAcert-approved methods.</span></li> - <li>to make no false representations.</li> + <li><span class="change">to make no false representations.</span></li> - <li>to submit all your disputes to Arbitration (DRP => COD7).</li> + <li><span class="change">to submit all your disputes to Arbitration (DRP + => COD7).</span></li> - <li>to assist the Arbitrator by truthfully providing information, or with - any other reasonable request.</li> + <li><span class="change">to assist the Arbitrator by truthfully providing + information, or with any other reasonable request.</span></li> - <li>to not share your CAcert account.</li> + <li><span class="change7">to not share your CAcert account.</span></li> </ol> <h4><a name="2.4">2.4</a> Principles</h4> @@ -271,7 +370,7 @@ <p>As a Member of CAcert, you are a member of the Community. You are further obliged to work within the spirit of the Principles of the Community. These are described in <a href= - "https://svn.cacert.org/CAcert/principles.html">Principles of the + "http://svn.cacert.org/CAcert/principles.html">Principles of the Community</a>.</p> <h4><a name="2.5">2.5</a> Security</h4> @@ -287,8 +386,9 @@ <li>to secure your CAcert account (e. g., credentials such as username, password),</li> - <li>to secure your private keys, ensuring that they are only used as - indicated by the certificate, or by wider agreement with others,</li> + <li>to secure your private keys, <span class="change8">ensuring that they + are only used as indicated by the certificate, or by wider agreement with + others,</span></li> <li>to review certificates for accuracy, and</li> @@ -332,41 +432,60 @@ <h4><a name="3.3">3.3</a> Termination</h4> - <p>The CAcert Community Agreement is terminated</p> + <p><span class="strike12">You may terminate this agreement by resigning from + CAcert. You may do this at any time by writing to CAcert's online support + forum and filing dispute to resign. All services will be terminated, and your + certificates will be revoked. However, some information will continue to be + held for certificate processing purposes.</span></p> + + <p><span class="strike12">The provisions on Arbitration survive any + termination by you by leaving CAcert. That is, even if you resign from + CAcert, you are still bound by the DRP (COD7), and the Arbitrator may + reinstate any provision of this agreement or bind you to a ruling.</span></p> + + <p><span class="strike12">Only the Arbitrator may terminate this agreement + with you.</span></p> + + <p><span class="change12">The CAcert Community Agreement is + terminated</span></p> <ol> - <li>based on a Policy Group decision following (PoP => COD1). This - terminates the Agreement with every member.</li> + <li><span class="change12">based on a Policy Group decision following (PoP + => COD1). This terminates the Agreement with every member.</span></li> - <li>with a ruling of the Arbitrator or the completion of a termination - process defined by an Arbitrator ruling (DRP => COD7).</li> + <li><span class="change12">with a ruling of the Arbitrator or the + completion of a termination process defined by an Arbitrator ruling (DRP + => COD7).</span></li> - <li>by the end of existence of a member (i.e. death in the case of - individuals).</li> + <li><span class="change12">by the end of existence of a member (i.e. death + in the case of individuals).</span></li> </ol> - <p>A member may declare the wish to resign from CAcert at any time by writing - to <em>support AT cacert.org</em>. This triggers a process for termination of - this agreement with the member.</p> + <p><span class="change12">A member may declare the wish to resign from CAcert + at any time by writing to <em>support AT cacert.org</em>. This triggers a + process for termination of this agreement with the member.</span></p> - <h4><a name="3.3">3.3a</a> Consequences of Termination</h4> + <h4><span class="change12"><a name="3.3">3.3a</a> Consequences of + Termination</span></h4> - <p>The termination discontinues the right to USE, OFFER and CREATE personal - certificates in any account of the former member. Those certificates will be - revoked and all services to the former member will be terminated as soon as - possible. However, some information will continue to be held for certificate - processing purposes.</p> + <p><span class="change12">The termination discontinues the right to USE, + OFFER and CREATE personal certificates in any account of the former member. + Those certificates will be revoked and all services to the former member will + be terminated as soon as possible. However, some information will continue to + be held for certificate processing purposes.</span></p> - <p>The provisions on Arbitration for the time of membership survive any - termination. Former members are still bound by the DRP (COD7), and the - Arbitrator may reinstate any provision of this agreement or bind them to a - ruling.</p> + <p><span class="change12">The provisions on Arbitration for the time of + membership survive any termination. Former members are still bound by the DRP + (COD7), and the Arbitrator may reinstate any provision of this agreement or + bind them to a ruling.</span></p> - <p>As far as Organisations are concerned details are also defined in the - Organisation Assurance Policy (OAP => COD11).</p> + <p><span class="change12">As far as Organisations are concerned details are + also defined in the Organisation Assurance Policy (OAP => + COD11).</span></p> - <p>Every member learning about the death of a member or termination of - existence of a member should notify <em>support AT cacert.org</em>.</p> + <p><span class="change12">Every member learning about the death of a member + or termination of existence of a member should notify <em>support AT + cacert.org</em>.</span></p> <h4><a name="3.4">3.4</a> Changes of Agreement</h4> @@ -380,27 +499,74 @@ <h4><a name="3.5">3.5</a> Communication</h4> - <p>You are responsible for keeping your primary email account in good working - order and able to receive emails from CAcert.</p> + <p><span class="change6">You are responsible for keeping your primary email + account in good working order and able to receive emails from + CAcert.</span></p> <p>Notifications to CAcert are to be sent by email to the address <em>support - AT cacert.org</em>. You should attach a digital signature.</p> + AT cacert.org</em>. You should attach a digital signature<span class= + "strike6">, but need not do so in the event of security or similar + urgency</span>.</p> + + <p><span class="strike6">Notifications to you are sent by CAcert to the + primary email address registered with your account. You are responsible for + keeping your email account in good working order and able to receive emails + from CAcert.</span></p> + + <p><span class="strike6">Arbitration is generally conducted by + email.</span></p> <h3><a name="4">4.</a> Miscellaneous</h3> - <h4><a name="4.1">4.1</a> (withdrawn)</h4> + <h4><a name="4.1">4.1</a> <span class="strike10">Other Parties Within the + Community</span> <span class="change10">(withdrawn)</span></h4> + + <p class="strike10">As well as you and other Members in the Community, CAcert + forms agreements with third party vendors and others. Thus, such parties will + also be in the Community. Such agreements are also controlled by the same + policy process as this agreement, and they should mirror and reinforce these + terms.</p> <h4><a name="4.2">4.2</a> References and Other Binding Documents</h4> - <p>You are also bound by the Policies of the Community under the control of - Policy on Policy ("PoP" => COD1) and listed in <a href= + <p class="strike11">This agreement is CAcert Official Document 9 (COD9) and + is a controlled document.</p> + + <p>You are also bound by <span class="change11">the Policies of the Community + under the control of Policy on Policy ("PoP" => COD1) and listed in + <a href= "https://svn.cacert.org/CAcert/Policies/ControlledDocumentList.html">Controlled - Document List</a>.</p> + Document List</a>.</span></p> - <p>Controlled documents are primary, and may not be replaced or waived except - by formal policy channels and Arbitration.</p> + <ol> + <li><span class="strike11"><a href= + "http://www.cacert.org/policy/CertificationPracticeStatement.php">Certification + Practice Statement</a> (CPS => COD6).</span></li> - <p>This agreement is controlled document COD9.</p> + <li><span class="strike11"><a href= + "http://www.cacert.org/policy/DisputeResolutionPolicy.php">Dispute + Resolution Policy</a> (DRP => COD7).</span></li> + + <li><span class="strike11"><a href="PrivacyPolicy.html">Privacy Policy</a> + (PP => COD5).</span></li> + + <li><span class="strike11"><a href= + "http://svn.cacert.org/CAcert/principles.html">Principles of the + Community</a>.</span></li> + </ol> + + <p class="strike11">Where documents are referred to as <i>=> COD x</i>, + they are controlled documents under the control of Policy on Policies + (COD1).</p> + + <p class="strike11">This agreement and controlled documents above are + primary, and may not be replaced or waived except by formal policy channels + and by Arbitration.</p> + + <p class="change11">Controlled documents are primary, and may not be replaced + or waived except by formal policy channels and Arbitration.</p> + + <p class="change11">This agreement is controlled document COD9.</p> <h4><a name="4.3">4.3</a> Informative References</h4> @@ -408,11 +574,23 @@ convenience. Because we cannot control the legal effect of translations, the English documents are the ruling ones.</p> - <p>Beside this Agreement and the Policies, there are other documents, i. e. - Policy Guides, Manuals and Handbooks, supporting and explaining this - Agreement and the Policies. These documents are not binding and in doubt this - Agreement and the Policies are valid.</p> + <p class="strike9">You are encouraged to be familiar with the Assurer + Handbook, which provides a more readable introduction for much of the + information needed. The Handbook is not however an agreement, and is + overruled by this agreement and others listed above.</p> + + <p class="change9">Beside this Agreement and the Policies, there are other + documents, i. e. Policy Guides, Manuals and Handbooks, supporting and + explaining this Agreement and the Policies. These documents are not binding + and in doubt this Agreement and the Policies are valid.</p> + + <h4><a name="4.4">4.4</a> <span class="strike9">Not Covered in this + Agreement</span> <span class="change9">(withdrawn)</span></h4> - <h4><a name="4.4">4.4</a>(withdrawn)</h4> + <p class="strike9"><b>Intellectual Property.</b> This Licence does not + transfer any intellectual property rights ("IPR") to you. CAcert asserts and + maintains its IPR over its roots, issued certificates, brands, logos and + other assets. Note that the certificates issued to you are CAcert's + intellectual property and you do not have rights other than those stated.</p> </body> </html> |