summaryrefslogtreecommitdiff
path: root/www/policy/AssurancePolicy.html
diff options
context:
space:
mode:
Diffstat (limited to 'www/policy/AssurancePolicy.html')
-rw-r--r--www/policy/AssurancePolicy.html48
1 files changed, 24 insertions, 24 deletions
diff --git a/www/policy/AssurancePolicy.html b/www/policy/AssurancePolicy.html
index 818349a..c1b9e69 100644
--- a/www/policy/AssurancePolicy.html
+++ b/www/policy/AssurancePolicy.html
@@ -61,8 +61,8 @@ Last change date: 2009-01-08<br>
<h1>Assurance Policy for CAcert Community Members</h1>
-<h2><a id="s0">0.</a> Preamble</h2>
-<h3><a id="s0.1">0.1.</a> Definition of Terms</h3>
+<h2 id="s0">0. Preamble</h2>
+<h3 id="s0.1">0.1. Definition of Terms</h3>
<dl>
<dt><em>Member</em> </dt>
<dd> A Member is an individual who has agreed to the CAcert
@@ -88,7 +88,7 @@ that assists discrimination from Members with similar full names.
</dd>
</dl>
-<h3><a id="s0.2">0.2.</a> The CAcert Web of Trust</h3>
+<h3 id="s0.2">0.2. The CAcert Web of Trust</h3>
<p>
In face-to-face meetings,
an Assurer allocates a number of Assurance Points
@@ -101,7 +101,7 @@ CAcert explicitly chooses to meet its various goals by
construction of a Web-of-Trust of all Members.
</p>
-<h3><a id="s0.3">0.3.</a> Related Documentation</h3>
+<h3 id="s0.3">0.3. Related Documentation</h3>
<p>
Documentation on Assurance is split between this
Assurance Policy (AP) and the
@@ -121,7 +121,7 @@ See also Organisation Assurance Policy (<a href="https://www.cacert.org/policy/O
and CAcert Policy Statement (<a href="https://www.cacert.org/policy/CertificationPracticeStatement.html" target="_blank">CPS</a>).
</p>
-<h2><a id="s1">1.</a> Assurance Purpose</h2>
+<h2 id="s1">1. Assurance Purpose</h2>
<p>The purpose of Assurance is to add confidence
in the Assurance Statement made by the CAcert Community of a Member. </p>
<p>With sufficient assurances, a Member may: (a) issue certificates
@@ -129,7 +129,7 @@ with their assured Name included, (b) participate in assuring others,
and (c) other related activities. The strength of these activities is
based on the strength of the assurance. </p>
-<h3><a id="s1.1">1.1.</a>The Assurance Statement</h3>
+<h3 id="s1.1">1.1.The Assurance Statement</h3>
<p>
The Assurance Statement makes the following claims
about a person:
@@ -160,7 +160,7 @@ address(es), secondary distinguishing feature (e.g. DoB). </p>
</ol>
<p>The confidence level of the Assurance Statement is expressed by
the Assurance Points. </p>
-<h3><a id="s1.2">1.2.</a>Relying Party Statement</h3>
+<h3 id="s1.2">1.2.Relying Party Statement</h3>
<p>The primary goal of the Assurance Statement is for the express
purpose of certificates to meet the needs of the <em>Relying Party
Statement</em>, which latter is found in the Certification Practice
@@ -177,8 +177,8 @@ reliable indications of e.g. the Member's Name and email address. The
nature of Assurance, the number of Assurance Points, and other
policies and processes should be understood as limitations on any
reliance. </p>
-<h2><a id="s2">2.</a> The Member</h2>
-<h3><a id="s2.1">2.1.</a> The Member's Name </h3>
+<h2 id="s2">2. The Member</h2>
+<h3 id="s2.1">2.1. The Member's Name </h3>
<p>
At least one individual Name is recorded in the Member's
CAcert login account. The general standard of a Name is:
@@ -203,7 +203,7 @@ encoded in unicode
transformation format.</p>
</li>
</ul>
-<h3><a id="s2.2">2.2.</a> Multiple Names and variations</h3>
+<h3 id="s2.2">2.2. Multiple Names and variations</h3>
<p>
In order to handle the contradictions in the above general standard,
a Member may record multiple Names or multiple variations of a Name
@@ -215,7 +215,7 @@ different language or country variations,
and transliterations of characters in a name.
</p>
-<h3><a id="s2.3">2.3.</a> Status and Capabilities</h3>
+<h3 id="s2.3">2.3. Status and Capabilities</h3>
<p>
A Name which has reached
the level of 50 Assurance Points is defined as an Assured
@@ -324,7 +324,7 @@ and other policies may list other capabilities that rely on Assurance
Points.
</p>
-<h2><a id="s3">3.</a> The Assurer</h2>
+<h2 id="s3">3. The Assurer</h2>
<p>An Assurer is a Member with the following: </p>
<ul>
<li>
@@ -336,7 +336,7 @@ Points.
</ul>
<p>The Assurer Challenge is administered by the Education Team on
behalf of the Assurance Officer. </p>
-<h3><a id="s3.1">3.1.</a> The Obligations of the Assurer</h3>
+<h3 id="s3.1">3.1. The Obligations of the Assurer</h3>
<p>The Assurer is obliged to: </p>
<ul>
<li>
@@ -366,8 +366,8 @@ directed by the Arbitrator; </p>
Community. </p>
</li>
</ul>
-<h2><a id="s4">4.</a> The Assurance</h2>
-<h3><a id="s4.1">4.1.</a> The Assurance Process</h3>
+<h2 id="s4">4. The Assurance</h2>
+<h3 id="s4.1">4.1. The Assurance Process</h3>
<p>The Assurer conducts the process of Assurance with each
Member. </p>
<p>The process consists of: </p>
@@ -401,7 +401,7 @@ Assuree (Mutual Assurance); </p>
forms by Assurer. </p>
</li>
</ol>
-<h3><a id="s4.2">4.2.</a> Mutual Assurance</h3>
+<h3 id="s4.2">4.2. Mutual Assurance</h3>
<p>Mutual Assurance follows the principle of reciprocity. This
means
that the Assurance may be two-way, and that each member participating
@@ -415,7 +415,7 @@ the
Assurer, and reduces any sense of power. It is also an important aid
to the assurance training for future Assurers. </p>
-<h3><a id="s4.3">4.3.</a> Assurance Points</h3>
+<h3 id="s4.3">4.3. Assurance Points</h3>
<p>The Assurance applies Assurance Points to each Member which
measure the increase of confidence in the Statement (above).
Assurance Points should not be interpreted for any other purpose.
@@ -482,7 +482,7 @@ and under any act under any
Subsidiary Policy (below) is 50 Assurance Points.
</p>
-<h3><a id="s4.4">4.4.</a> Experience Points</h3>
+<h3 id="s4.4">4.4. Experience Points</h3>
<p>The maximum number of Assurance Points that may be awarded by
an
Assurer is determined by the Experience Points of the Assurer. </p>
@@ -562,7 +562,7 @@ permanently to an Assurer by CAcert Inc.'s Committee (board), on
recommendation from the Assurance Officer. </p>
<p>Experience Points are not to be confused with Assurance
Points. </p>
-<h3><a id="s4.5">4.5.</a> CAcert Assurance Programme (CAP) form</h3>
+<h3 id="s4.5">4.5. CAcert Assurance Programme (CAP) form</h3>
<p>The CAcert Assurance Programme (<a href="https://www.cacert.org/cap.php" target="_blank">CAP</a>)
form requests the following details of each Member or Prospective
Member: </p>
@@ -614,7 +614,7 @@ required as well; </p>
</ul>
<p>The CAP forms are to be kept at least for 7 years by the
Assurer. </p>
-<h2><a id="s5">5.</a> The Assurance Officer</h2>
+<h2 id="s5">5. The Assurance Officer</h2>
<p>The Committee (board) of CAcert Inc. appoints an Assurance
Officer
with the following responsibilities: </p>
@@ -654,21 +654,21 @@ procedures or guidelines; </p>
(web-of-trust) to meet the agreed needs of the Community. </p>
</li>
</ul>
-<h2><a id="s6">6.</a> Subsidiary Policies</h2>
+<h2 id="s6">6. Subsidiary Policies</h2>
<p>The Assurance Officer manages various exceptions and additional
processes. Each must be covered by an approved Subsidiary Policy
(refer to Policy on Policy =&gt; CAcert Official Document COD1).
Subsidiary Policies specify any additional tests of knowledge
required and variations to process and documentation, within the
general standard stated here. </p>
-<h3><a id="s6.1">6.1.</a> Standard</h3>
+<h3 id="s6.1">6.1. Standard</h3>
<p>Each Subsidiary Policy must augment and improve the general
standards in this Assurance Policy. It is the responsibility of each
Subsidiary Policy to describe how it maintains and improves the
specific and overall goals. It must describe exceptions and potential
areas of risk. </p>
-<h3><a id="s6.2">6.2.</a> High Risk Applications</h3>
+<h3 id="s6.2">6.2. High Risk Applications</h3>
<p>In addition to the Assurance or Experience Points ratings set
here and in other subsidiary policies, the Assurance Officer or policies can
designate certain applications as high risk. If so, additional
@@ -720,7 +720,7 @@ support administrators. </p>
</ul>
<p>Applications that might attract additional measures include
code-signing certificates and administration roles. </p>
-<h2><a id="s7">7.</a> Privacy</h2>
+<h2 id="s7">7. Privacy</h2>
<p>CAcert is a "privacy" organisation, and takes the
privacy of its Members seriously. The process maintains the security
and privacy of both parties. </p>