diff options
3 files changed, 109 insertions, 109 deletions
diff --git a/www/policy/AssurancePolicy.html b/www/policy/AssurancePolicy.html
index 818349a..c1b9e69 100644
--- a/www/policy/AssurancePolicy.html
+++ b/www/policy/AssurancePolicy.html
@@ -61,8 +61,8 @@ Last change date: 2009-01-08<br>
<h1>Assurance Policy for CAcert Community Members</h1>
-<h2><a id="s0">0.</a> Preamble</h2>
-<h3><a id="s0.1">0.1.</a> Definition of Terms</h3>
+<h2 id="s0">0. Preamble</h2>
+<h3 id="s0.1">0.1. Definition of Terms</h3>
<dt><em>Member</em> </dt>
<dd> A Member is an individual who has agreed to the CAcert
@@ -88,7 +88,7 @@ that assists discrimination from Members with similar full names.
-<h3><a id="s0.2">0.2.</a> The CAcert Web of Trust</h3>
+<h3 id="s0.2">0.2. The CAcert Web of Trust</h3>
In face-to-face meetings,
an Assurer allocates a number of Assurance Points
@@ -101,7 +101,7 @@ CAcert explicitly chooses to meet its various goals by
construction of a Web-of-Trust of all Members.
-<h3><a id="s0.3">0.3.</a> Related Documentation</h3>
+<h3 id="s0.3">0.3. Related Documentation</h3>
Documentation on Assurance is split between this
Assurance Policy (AP) and the
@@ -121,7 +121,7 @@ See also Organisation Assurance Policy (<a href="
and CAcert Policy Statement (<a href="" target="_blank">CPS</a>).
-<h2><a id="s1">1.</a> Assurance Purpose</h2>
+<h2 id="s1">1. Assurance Purpose</h2>
<p>The purpose of Assurance is to add confidence
in the Assurance Statement made by the CAcert Community of a Member. </p>
<p>With sufficient assurances, a Member may: (a) issue certificates
@@ -129,7 +129,7 @@ with their assured Name included, (b) participate in assuring others,
and (c) other related activities. The strength of these activities is
based on the strength of the assurance. </p>
-<h3><a id="s1.1">1.1.</a>The Assurance Statement</h3>
+<h3 id="s1.1">1.1.The Assurance Statement</h3>
The Assurance Statement makes the following claims
about a person:
@@ -160,7 +160,7 @@ address(es), secondary distinguishing feature (e.g. DoB). </p>
<p>The confidence level of the Assurance Statement is expressed by
the Assurance Points. </p>
-<h3><a id="s1.2">1.2.</a>Relying Party Statement</h3>
+<h3 id="s1.2">1.2.Relying Party Statement</h3>
<p>The primary goal of the Assurance Statement is for the express
purpose of certificates to meet the needs of the <em>Relying Party
Statement</em>, which latter is found in the Certification Practice
@@ -177,8 +177,8 @@ reliable indications of e.g. the Member's Name and email address. The
nature of Assurance, the number of Assurance Points, and other
policies and processes should be understood as limitations on any
reliance. </p>
-<h2><a id="s2">2.</a> The Member</h2>
-<h3><a id="s2.1">2.1.</a> The Member's Name </h3>
+<h2 id="s2">2. The Member</h2>
+<h3 id="s2.1">2.1. The Member's Name </h3>
At least one individual Name is recorded in the Member's
CAcert login account. The general standard of a Name is:
@@ -203,7 +203,7 @@ encoded in unicode
transformation format.</p>
-<h3><a id="s2.2">2.2.</a> Multiple Names and variations</h3>
+<h3 id="s2.2">2.2. Multiple Names and variations</h3>
In order to handle the contradictions in the above general standard,
a Member may record multiple Names or multiple variations of a Name
@@ -215,7 +215,7 @@ different language or country variations,
and transliterations of characters in a name.
-<h3><a id="s2.3">2.3.</a> Status and Capabilities</h3>
+<h3 id="s2.3">2.3. Status and Capabilities</h3>
A Name which has reached
the level of 50 Assurance Points is defined as an Assured
@@ -324,7 +324,7 @@ and other policies may list other capabilities that rely on Assurance
-<h2><a id="s3">3.</a> The Assurer</h2>
+<h2 id="s3">3. The Assurer</h2>
<p>An Assurer is a Member with the following: </p>
@@ -336,7 +336,7 @@ Points.
<p>The Assurer Challenge is administered by the Education Team on
behalf of the Assurance Officer. </p>
-<h3><a id="s3.1">3.1.</a> The Obligations of the Assurer</h3>
+<h3 id="s3.1">3.1. The Obligations of the Assurer</h3>
<p>The Assurer is obliged to: </p>
@@ -366,8 +366,8 @@ directed by the Arbitrator; </p>
Community. </p>
-<h2><a id="s4">4.</a> The Assurance</h2>
-<h3><a id="s4.1">4.1.</a> The Assurance Process</h3>
+<h2 id="s4">4. The Assurance</h2>
+<h3 id="s4.1">4.1. The Assurance Process</h3>
<p>The Assurer conducts the process of Assurance with each
Member. </p>
<p>The process consists of: </p>
@@ -401,7 +401,7 @@ Assuree (Mutual Assurance); </p>
forms by Assurer. </p>
-<h3><a id="s4.2">4.2.</a> Mutual Assurance</h3>
+<h3 id="s4.2">4.2. Mutual Assurance</h3>
<p>Mutual Assurance follows the principle of reciprocity. This
that the Assurance may be two-way, and that each member participating
@@ -415,7 +415,7 @@ the
Assurer, and reduces any sense of power. It is also an important aid
to the assurance training for future Assurers. </p>
-<h3><a id="s4.3">4.3.</a> Assurance Points</h3>
+<h3 id="s4.3">4.3. Assurance Points</h3>
<p>The Assurance applies Assurance Points to each Member which
measure the increase of confidence in the Statement (above).
Assurance Points should not be interpreted for any other purpose.
@@ -482,7 +482,7 @@ and under any act under any
Subsidiary Policy (below) is 50 Assurance Points.
-<h3><a id="s4.4">4.4.</a> Experience Points</h3>
+<h3 id="s4.4">4.4. Experience Points</h3>
<p>The maximum number of Assurance Points that may be awarded by
Assurer is determined by the Experience Points of the Assurer. </p>
@@ -562,7 +562,7 @@ permanently to an Assurer by CAcert Inc.'s Committee (board), on
recommendation from the Assurance Officer. </p>
<p>Experience Points are not to be confused with Assurance
Points. </p>
-<h3><a id="s4.5">4.5.</a> CAcert Assurance Programme (CAP) form</h3>
+<h3 id="s4.5">4.5. CAcert Assurance Programme (CAP) form</h3>
<p>The CAcert Assurance Programme (<a href="" target="_blank">CAP</a>)
form requests the following details of each Member or Prospective
Member: </p>
@@ -614,7 +614,7 @@ required as well; </p>
<p>The CAP forms are to be kept at least for 7 years by the
Assurer. </p>
-<h2><a id="s5">5.</a> The Assurance Officer</h2>
+<h2 id="s5">5. The Assurance Officer</h2>
<p>The Committee (board) of CAcert Inc. appoints an Assurance
with the following responsibilities: </p>
@@ -654,21 +654,21 @@ procedures or guidelines; </p>
(web-of-trust) to meet the agreed needs of the Community. </p>
-<h2><a id="s6">6.</a> Subsidiary Policies</h2>
+<h2 id="s6">6. Subsidiary Policies</h2>
<p>The Assurance Officer manages various exceptions and additional
processes. Each must be covered by an approved Subsidiary Policy
(refer to Policy on Policy =&gt; CAcert Official Document COD1).
Subsidiary Policies specify any additional tests of knowledge
required and variations to process and documentation, within the
general standard stated here. </p>
-<h3><a id="s6.1">6.1.</a> Standard</h3>
+<h3 id="s6.1">6.1. Standard</h3>
<p>Each Subsidiary Policy must augment and improve the general
standards in this Assurance Policy. It is the responsibility of each
Subsidiary Policy to describe how it maintains and improves the
specific and overall goals. It must describe exceptions and potential
areas of risk. </p>
-<h3><a id="s6.2">6.2.</a> High Risk Applications</h3>
+<h3 id="s6.2">6.2. High Risk Applications</h3>
<p>In addition to the Assurance or Experience Points ratings set
here and in other subsidiary policies, the Assurance Officer or policies can
designate certain applications as high risk. If so, additional
@@ -720,7 +720,7 @@ support administrators. </p>
<p>Applications that might attract additional measures include
code-signing certificates and administration roles. </p>
-<h2><a id="s7">7.</a> Privacy</h2>
+<h2 id="s7">7. Privacy</h2>
<p>CAcert is a "privacy" organisation, and takes the
privacy of its Members seriously. The process maintains the security
and privacy of both parties. </p>
diff --git a/www/policy/CAcertCommunityAgreement.html b/www/policy/CAcertCommunityAgreement.html
index 775311a..ea97451 100644
--- a/www/policy/CAcertCommunityAgreement.html
+++ b/www/policy/CAcertCommunityAgreement.html
@@ -38,7 +38,7 @@ Editor: <a style="color: steelblue" href="">Iang</a>
-<h3> <a id="s0"> 0. </a> Introduction </h3>
+<h3 id="s0"> 0. Introduction </h3>
This agreement is between
@@ -48,7 +48,7 @@ and CAcert Incorporated ("CAcert"),
being an operator of services to the Community.
-<h4> <a id="s0.1"> 0.1 </a> Terms </h4>
+<h4 id="s0.1"> 0.1 Terms </h4>
means CAcert Inc.,
@@ -137,9 +137,9 @@ being an operator of services to the Community.
-<h3> <a id="s1"> 1. </a> Agreement and Licence </h3>
+<h3 id="s1"> 1. Agreement and Licence </h3>
-<h4> <a id="s1.1"> 1.1 </a> Agreement </h4>
+<h4 id="s1.1"> 1.1 Agreement </h4>
You and CAcert both agree to the terms and conditions
@@ -172,7 +172,7 @@ including the NRP-DaL.
-<h4> <a id="s1.2"> 1.2 </a> Licence </h4>
+<h4 id="s1.2"> 1.2 Licence </h4>
As part of the Community, CAcert offers you these rights:
@@ -195,7 +195,7 @@ As part of the Community, CAcert offers you these rights:
non-exclusive, and non-transferrable.
-<h4> <a id="s1.3"> 1.3 </a> Your Contributions </h4>
+<h4 id="s1.3"> 1.3 Your Contributions </h4>
@@ -226,7 +226,7 @@ Note that the following exceptions override this clause:
Source code is subject to an open source licence regime.
-<h4> <a id="s1.4"> 1.4 </a> Privacy </h4>
+<h4 id="s1.4"> 1.4 Privacy </h4>
@@ -242,14 +242,14 @@ CAcert Community administrators and Assurers.
Privacy is further covered in the Privacy Policy ("PP" =&gt; COD5).
-<h3> <a id="s2"> 2. </a> Your Risks, Liabilities and Obligations </h3>
+<h3 id="s2"> 2. Your Risks, Liabilities and Obligations </h3>
As a Member, you have risks, liabilities
and obligations within this agreement.
-<h4> <a id="s2.1"> 2.1 </a> Risks </h4>
+<h4 id="s2.1"> 2.1 Risks </h4>
A certificate may prove unreliable.
@@ -261,7 +261,7 @@ and obligations within this agreement.
(DRP =&gt; COD7).
-<h4> <a id="s2.2"> 2.2 </a> Liabilities </h4>
+<h4 id="s2.2"> 2.2 Liabilities </h4>
You are liable for any penalties
@@ -283,7 +283,7 @@ and obligations within this agreement.
The Arbitration Act will not apply to criminal cases.
-<h4> <a id="s2.3"> 2.3 </a> Obligations </h4>
+<h4 id="s2.3"> 2.3 Obligations </h4>
You are obliged
@@ -301,7 +301,7 @@ and obligations within this agreement.
(DRP =&gt; COD7).
-<h4> <a id="s2.4"> 2.4 </a> Principles </h4>
+<h4 id="s2.4"> 2.4 Principles </h4>
As a Member of CAcert, you are a member of
@@ -313,7 +313,7 @@ the Community.
<a href="">Principles of the Community</a>.
-<h4> <a id="s2.5"> 2.5 </a> Security </h4>
+<h4 id="s2.5"> 2.5 Security </h4>
CAcert exists to help you to secure yourself.
You are primarily responsible for your own security.
@@ -347,9 +347,9 @@ degree, in proportion with your risks and the risks of
-<h3> <a id="s3"> 3. </a> Law and Jurisdiction </h3>
+<h3 id="s3"> 3. Law and Jurisdiction </h3>
-<h4> <a id="s3.1"> 3.1 </a> Governing Law </h4>
+<h4 id="s3.1"> 3.1 Governing Law </h4>
This agreement is governed under the law of
@@ -357,7 +357,7 @@ New South Wales, Australia,
being the home of the CAcert Inc. Association.
-<h4> <a id="s3.2"> 3.2 </a> Arbitration as Forum of Dispute Resolution </h4>
+<h4 id="s3.2"> 3.2 Arbitration as Forum of Dispute Resolution </h4>
You agree, with CAcert and all of the Community,
@@ -390,7 +390,7 @@ that is simply support actions, and you may file disputes in
order to initiate support actions.
-<h4> <a id="s3.3"> 3.3 </a> Termination </h4>
+<h4 id="s3.3"> 3.3 Termination </h4>
You may terminate this agreement by resigning
from CAcert. You may do this at any time by
@@ -415,7 +415,7 @@ agreement or bind you to a ruling.
Only the Arbitrator may terminate this agreement with you.
-<h4> <a id="s3.4"> 3.4 </a> Changes of Agreement </h4>
+<h4 id="s3.4"> 3.4 Changes of Agreement </h4>
CAcert may from time to time vary the terms of this Agreement.
@@ -431,7 +431,7 @@ Continued use of the service shall be deemed to be agreement
by you.
-<h4> <a id="s3.5"> 3.5 </a> Communication </h4>
+<h4 id="s3.5"> 3.5 Communication </h4>
Notifications to CAcert are to be sent by
@@ -455,9 +455,9 @@ to receive emails from CAcert.
Arbitration is generally conducted by email.
-<h3> <a id="s4"> 4. </a> Miscellaneous </h3>
+<h3 id="s4"> 4. Miscellaneous </h3>
-<h4> <a id="s4.1"> 4.1 </a> Other Parties Within the Community </h4>
+<h4 id="s4.1"> 4.1 Other Parties Within the Community </h4>
As well as you and other Members in the Community,
@@ -470,7 +470,7 @@ mirror and reinforce these terms.
-<h4> <a id="s4.2"> 4.2 </a> References and Other Binding Documents </h4>
+<h4 id="s4.2"> 4.2 References and Other Binding Documents </h4>
This agreement is CAcert Official Document 9 (COD9)
@@ -507,7 +507,7 @@ and may not be replaced or waived except
by formal policy channels and by Arbitration.
-<h4> <a id="s4.3"> 4.3 </a> Informative References </h4>
+<h4 id="s4.3"> 4.3 Informative References </h4>
The governing documents are in English.
@@ -525,7 +525,7 @@ The Handbook is not however an agreement, and is overruled
by this agreement and others listed above.
-<h4> <a id="s4.4"> 4.4 </a> Not Covered in this Agreement </h4>
+<h4 id="s4.4"> 4.4 Not Covered in this Agreement </h4>
<b>Intellectual Property.</b>
diff --git a/www/policy/CertificationPracticeStatement.html b/www/policy/CertificationPracticeStatement.html
index fed7001..21c3903 100644
--- a/www/policy/CertificationPracticeStatement.html
+++ b/www/policy/CertificationPracticeStatement.html
@@ -290,9 +290,9 @@ Licence: <a style="color: steelblue" href="
<!-- *************************************************************** -->
-<h2><a id="p1">1. INTRODUCTION</a></h2>
+<h2 id="p1">1. INTRODUCTION</h2>
-<h3><a id="p1.1">1.1. Overview</a></h3>
+<h3 id="p1.1">1.1. Overview</h3>
This document is the Certification Practice Statement (CPS) of
@@ -304,7 +304,7 @@ including Assurers, Members, and CAcert itself.
-<h3><a id="p1.2">1.2. Document name and identification</a></h3>
+<h3 id="p1.2">1.2. Document name and identification</h3>
This document is the Certification Practice Statement (CPS) of CAcert.
@@ -363,7 +363,7 @@ except where explicitly deferred to.
See also <a href="#p1.5.1">1.5.1 Organisation Administering the Document</a>.
-<h3><a id="p1.3">1.3. PKI participants</a></h3>
+<h3 id="p1.3">1.3. PKI participants</h3>
The CA is legally operated by CAcert Incorporated,
an Association registered in 2002 in
@@ -383,19 +383,19 @@ with the <em>Association Members</em>, which latter are
not referred to anywhere in this CPS.)
-<h4><a id="p1.3.1">1.3.1. Certification authorities</a></h4>
+<h4 id="p1.3.1">1.3.1. Certification authorities</h4>
CAcert does not issue certificates to external
intermediate CAs under the present CPS.
-<h4><a id="p1.3.2">1.3.2. Registration authorities</a></h4>
+<h4 id="p1.3.2">1.3.2. Registration authorities</h4>
Registration Authorities (RAs) are controlled under Assurance Policy
(<a href="">COD13</a>).
-<h4><a id="p1.3.3">1.3.3. Subscribers</a></h4>
+<h4 id="p1.3.3">1.3.3. Subscribers</h4>
CAcert issues certificates to Members only.
@@ -403,7 +403,7 @@ Such Members then become Subscribers.
-<h4><a id="p1.3.4">1.3.4. Relying parties</a></h4>
+<h4 id="p1.3.4">1.3.4. Relying parties</h4>
A relying party is a Member,
@@ -414,7 +414,7 @@ who, in the act of using a CAcert certificate,
makes a decision on the basis of that certificate.
-<h4><a id="p1.3.5">1.3.5. Other participants</a></h4>
+<h4 id="p1.3.5">1.3.5. Other participants</h4>
@@ -453,7 +453,7 @@ No other rights nor relationship is implied or offered.
-<h3><a id="p1.4">1.4. Certificate usage</a></h3>
+<h3 id="p1.4">1.4. Certificate usage</h3>
<p>CAcert serves as issuer of certificates for
individuals, businesses, governments, charities,
@@ -552,7 +552,7 @@ and risks, liabilities and obligations in
<div class="c figure">Table 1.4. Types of Certificate</div>
-<h4><a id="p1.4.1">1.4.1. Appropriate certificate uses</a></h4>
+<h4 id="p1.4.1">1.4.1. Appropriate certificate uses</h4>
General uses.
@@ -589,7 +589,7 @@ General uses.
-<h4><a id="p1.4.2">1.4.2. Prohibited certificate uses</a></h4>
+<h4 id="p1.4.2">1.4.2. Prohibited certificate uses</h4>
CAcert certificates are not designed, intended, or authorised for
the following applications:
@@ -603,7 +603,7 @@ the following applications:
or severe environmental damage.
-<h4><a id="p1.4.3">1.4.3. Unreliable Applications</a></h4>
+<h4 id="p1.4.3">1.4.3. Unreliable Applications</h4>
CAcert certificates are not designed nor intended for use in
@@ -639,7 +639,7 @@ for these applications:
-<h4><a id="p1.4.4">1.4.4. Limited certificate uses</a></h4>
+<h4 id="p1.4.4">1.4.4. Limited certificate uses</h4>
By contract or within a specific environment
@@ -663,7 +663,7 @@ any harm or liability caused by such usage.
policy or other external regime agreed by the parties.
-<h4><a id="p1.4.5">1.4.5. Roots and Names</a></h4>
+<h4 id="p1.4.5">1.4.5. Roots and Names</h4>
<strong>Named Certificates.</strong>
@@ -811,19 +811,19 @@ and will be submitted to vendors via the (Top-level) Root.
<div class="c figure">Table 1.4.5.b Certificate under Audit Roots</div>
-<h3><a id="p1.5">1.5. Policy administration</a></h3>
+<h3 id="p1.5">1.5. Policy administration</h3>
<p>See <a href="#p1.2">1.2 Document Name and Identification</a>
for general scope of this document.</p>
-<h4><a id="p1.5.1">1.5.1. Organization administering the document</a></h4>
+<h4 id="p1.5.1">1.5.1. Organization administering the document</h4>
This document is administered by the policy group of
the CAcert Community under Policy on Policy (<a href="">COD1</a>).
-<h4><a id="p1.5.2">1.5.2. Contact person</a></h4>
+<h4 id="p1.5.2">1.5.2. Contact person</h4>
For questions including about this document:
@@ -836,14 +836,14 @@ For questions including about this document:
<li>IRC: #CAcert (ssl port 7000, non-ssl port 6667)</li>
-<h4><a id="p1.5.3">1.5.3. Person determining CPS suitability for the policy</a></h4>
+<h4 id="p1.5.3">1.5.3. Person determining CPS suitability for the policy</h4>
This CPS and all other policy documents are managed by
the policy group, which is a group of Members of the
Community found at policy forum. See discussion forums above.
-<h4><a id="p1.5.4">1.5.4. CPS approval procedures</a></h4>
+<h4 id="p1.5.4">1.5.4. CPS approval procedures</h4>
CPS is controlled and updated according to the
Policy on Policy
@@ -862,14 +862,14 @@ The process is modelled after some elements of
the RFC process by the IETF.
-<h4><a id="p1.5.5">1.5.5 CPS updates</a></h4>
+<h4 id="p1.5.5">1.5.5 CPS updates</h4>
As per above.
-<h3><a id="p1.6">1.6. Definitions and acronyms</a></h3>
+<h3 id="p1.6">1.6. Definitions and acronyms</h3>
<strong><a id="d_cert">Certificate</a></strong>.
@@ -1040,10 +1040,10 @@ As per above.
<!-- *************************************************************** -->
-<h3><a id="p2.1">2.1. Repositories</a></h3>
+<h3 id="p2.1">2.1. Repositories</h3>
CAcert operates no repositories in the sense
@@ -1057,7 +1057,7 @@ there are means for Members to search, retrieve
and verify certain data about themselves and others.
-<h3><a id="p2.2">2.2. Publication of certification information</a></h3>
+<h3 id="p2.2">2.2. Publication of certification information</h3>
CAcert publishes:
@@ -1076,24 +1076,24 @@ certificates is presumed to be public and published, once
issued and delivered to the Member.
-<h3><a id="p2.3">2.3. Time or frequency of publication</a></h3>
+<h3 id="p2.3">2.3. Time or frequency of publication</h3>
Root and Intermediate Certificates and CRLs are
made available on issuance.
-<h3><a id="p2.4">2.4. Access controls on repositories</a></h3>
+<h3 id="p2.4">2.4. Access controls on repositories</h3>
<p> No stipulation. </p>
<!-- *************************************************************** -->
-<h3><a id="p3.1">3.1. Naming</a></h3>
+<h3 id="p3.1">3.1. Naming</h3>
-<h4><a id="p3.1.1">3.1.1. Types of names</a></h4>
+<h4 id="p3.1.1">3.1.1. Types of names</h4>
<strong>Client Certificates.</strong>
@@ -1201,13 +1201,13 @@ Email addresses are verified according to
<a href="#p4.2.2">&sect;4.2.2.</a>
-<h4><a id="p3.1.3">3.1.3. Anonymity or pseudonymity of subscribers</a></h4>
+<h4 id="p3.1.3">3.1.3. Anonymity or pseudonymity of subscribers</h4>
See <a href="#p1.4.5">&sect;1.4.5</a>.
-<h4><a id="p3.1.4">3.1.4. Rules for interpreting various name forms</a></h4>
+<h4 id="p3.1.4">3.1.4. Rules for interpreting various name forms</h4>
Interpretation of Names is controlled by the Assurance Policy,
is administered by means of the Member's account,
@@ -1217,7 +1217,7 @@ should be expected as fraud (e.g., phishing)
may move too quickly for policies to fully document rules.
-<h4><a id="p3.1.5">3.1.5. Uniqueness of names</a></h4>
+<h4 id="p3.1.5">3.1.5. Uniqueness of names</h4>
Uniqueness of Names within certificates is not guaranteed.
@@ -1232,7 +1232,7 @@ Domain names and email address
can only be registered to one Member.
-<h4><a id="p3.1.6">3.1.6. Recognition, authentication, and role of trademarks</a></h4>
+<h4 id="p3.1.6">3.1.6. Recognition, authentication, and role of trademarks</h4>
Organisation Assurance Policy
@@ -1243,7 +1243,7 @@ See
<a href="#p9.13">&sect;9.13</a>.
-<h4><a id="p3.1.7">3.1.7. International Domain Names</a></h4>
+<h4 id="p3.1.7">3.1.7. International Domain Names</h4>
Certificates containing International Domain Names, being those containing a
@@ -1476,7 +1476,7 @@ This criteria will apply to the email address and server host name fields for al
The CAcert Inc. Board has the authority to decide to add or remove accepted TLD Registrars on this list.
-<h3><a id="p3.2">3.2. Initial Identity Verification</a></h3>
+<h3 id="p3.2">3.2. Initial Identity Verification</h3>
Identity verification is controlled by the
@@ -1486,7 +1486,7 @@ the following is representative and brief only.
-<h4><a id="p3.2.1">3.2.1. Method to prove possession of private key</a></h4>
+<h4 id="p3.2.1">3.2.1. Method to prove possession of private key</h4>
CAcert uses industry-standard techniques to
@@ -1504,7 +1504,7 @@ ActiveX uses a challenge-response protocol
to check the private key dynamically.
-<h4><a id="p3.2.2">3.2.2. Authentication of Individual Identity</a></h4>
+<h4 id="p3.2.2">3.2.2. Authentication of Individual Identity</h4>
@@ -1591,7 +1591,7 @@ certificates that state their Assured Name(s).
-<h4><a id="p3.2.3">3.2.3. Authentication of organization identity</a></h4>
+<h4 id="p3.2.3">3.2.3. Authentication of organization identity</h4>
@@ -1631,7 +1631,7 @@ stated in the OAP, briefly presented here:
-<h4><a id="p3.2.4">3.2.4. Non-verified subscriber information</a></h4>
+<h4 id="p3.2.4">3.2.4. Non-verified subscriber information</h4>
All information in the certificate is verified,
@@ -1639,7 +1639,7 @@ see Relying Party Statement, <a href="#p4.5.2">&sect;4.5.2</a>.
-<h4><a id="p3.2.5">3.2.5. Validation of authority</a></h4>
+<h4 id="p3.2.5">3.2.5. Validation of authority</h4>
The authorisation to obtain a certificate is established as follows:
@@ -1673,7 +1673,7 @@ See Organisation Assurance Policy.
-<h4><a id="p3.2.6">3.2.6. Criteria for interoperation</a></h4>
+<h4 id="p3.2.6">3.2.6. Criteria for interoperation</h4>
CAcert does not currently issue certificates to subordinate CAs
@@ -1682,13 +1682,13 @@ Other CAs may become Members, and are then subject to the
same reliance provisions as all Members.
-<h3><a id="p3.3">3.3. Re-key Requests</a></h3>
+<h3 id="p3.3">3.3. Re-key Requests</h3>
Via the Member's account.
-<h3><a id="p3.4">3.4. Revocations Requests</a></h3>
+<h3 id="p3.4">3.4. Revocations Requests</h3>
Via the Member's account.
@@ -1701,7 +1701,7 @@ process or file a dispute.
<!-- *************************************************************** -->
The general life-cycle for a new certificate for an Individual Member is:</p>
@@ -1732,16 +1732,16 @@ The general life-cycle for a new certificate for an Individual Member is:</p>
-<h3><a id="p4.1">4.1. Certificate Application</a></h3>
+<h3 id="p4.1">4.1. Certificate Application</h3>
-<h4><a id="p4.1.1">4.1.1. Who can submit a certificate application</a></h4>
+<h4 id="p4.1.1">4.1.1. Who can submit a certificate application</h4>
Members may submit certificate applications.
On issuance of certificates, Members become Subscribers.
-<h4><a id="p4.1.2">4.1.2. Adding Addresses</a></h4>
+<h4 id="p4.1.2">4.1.2. Adding Addresses</h4>
The Member can claim ownership or authorised control of
@@ -1760,7 +1760,7 @@ There are these controls:</p>
-<h4><a id="p4.1.3">4.1.3. Preparing CSR </a></h4>
+<h4 id="p4.1.3">4.1.3. Preparing CSR </h4>
Members generate their own key-pairs.
@@ -1775,7 +1775,7 @@ The Certificate Signing Request (CSR) is prepared by the
Member for presentation to the automated system.
-<h3><a id="p4.2">4.2. Certificate application processing</a></h3>
+<h3 id="p4.2">4.2. Certificate application processing</h3>
The CA's certificate application process is completely automated.
@@ -1788,7 +1788,7 @@ purpose, the requirements for each purpose must be
-<h4><a id="p4.2.1">4.2.1. Authentication </a></h4>
+<h4 id="p4.2.1">4.2.1. Authentication </h4>
The Member logs in to her account on the CAcert website
@@ -1796,7 +1796,7 @@ fulfilled.
and passphrase or with her CAcert client-side digital certificate.
-<h4><a id="p4.2.2">4.2.2. Verifying Control</a></h4>
+<h4 id="p4.2.2">4.2.2. Verifying Control</h4>
In principle, at least two controls are placed on each address.
@@ -1879,7 +1879,7 @@ Notes.</p>
-<h4><a id="p4.2.3">4.2.3. Options Available</a></h4>
+<h4 id="p4.2.3">4.2.3. Options Available</h4>
The Member has options available:
@@ -1902,7 +1902,7 @@ The Member has options available:
-<h4><a id="p4.2.4">4.2.4. Client Certificate Procedures</a></h4>
+<h4 id="p4.2.4">4.2.4. Client Certificate Procedures</h4>
For an individual client certificate, the following is required.</p>
@@ -1918,7 +1918,7 @@ For an individual client certificate, the following is required.</p>
-<h4><a id="p4.2.5">4.2.5. Server Certificate Procedures</a></h4>
+<h4 id="p4.2.5">4.2.5. Server Certificate Procedures</h4>
For a server certificate, the following is required:</p>
@@ -1933,14 +1933,14 @@ For a server certificate, the following is required:</p>
-<h4><a id="p4.2.6">4.2.6. Code-signing Certificate Procedures</a></h4>
+<h4 id="p4.2.6">4.2.6. Code-signing Certificate Procedures</h4>
Code-signing certificates are made available to Assurers only.
They are processed in a similar manner to client certificates.
-<h4><a id="p4.2.7">4.2.7. Organisation Domain Verification</a></h4>
+<h4 id="p4.2.7">4.2.7. Organisation Domain Verification</h4>
Organisation Domains are handled under the Organisation Assurance Policy
@@ -1948,9 +1948,9 @@ and the Organisation Handbook.
-<h3><a id="p4.3">4.3. Certificate issuance</a></h3>
+<h3 id="p4.3">4.3. Certificate issuance</h3>
-<h4><a id="p4.3.1">4.3.1. CA actions during certificate issuance</a></h4>
+<h4 id="p4.3.1">4.3.1. CA actions during certificate issuance</h4>
<strong>Key Sizes.</strong>
@@ -2047,7 +2047,7 @@ algorithm following the process:
<div class="c figure">Table 4.3.1. Permitted Data in Signed OpenPgp Keys</div>
-<h4><a id="p4.3.2">4.3.2. Notification to subscriber by the CA of issuance of certificate</a></h4>
+<h4 id="p4.3.2">4.3.2. Notification to subscriber by the CA of issuance of certificate</h4>
Once signed, the certificate is
@@ -3493,7 +3493,7 @@ and takes privacy more seriously.
Any privacy issue may be referred to dispute resolution.
-<h4><a id="p9.4.5">9.4.5. Notice and consent to use private information</a></h4>
+<h4 id="p9.4.5">9.4.5. Notice and consent to use private information</h4>
Members are permitted to rely on certificates of other Members.
As a direct consequence of the general right to rely,