From 313bbc31ddcad1ce554c347eb89f3ed8fa5ee860 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Michael=20T=C3=A4nzer?=
Date: Thu, 21 Apr 2011 05:45:03 +0200
Subject: #921: Part2: Correct some more links
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

#921: "http://www.cacert.org/index.php?id=10 fixes PP (Privacy Policy)"

Signed-off-by: Michael Tänzer
---
 includes/account_stuff.php | 2 +-
 includes/general_stuff.php | 2 +-
 www/policy/CAcertCommunityAgreement.php | 8 +-
 www/policy/CertificationPracticeStatement.php | 150 +++++++++++++-------------
 4 files changed, 81 insertions(+), 81 deletions(-)

diff --git a/includes/account_stuff.php b/includes/account_stuff.php index caa7dc7..d42ef1a 100644 --- a/includes/account_stuff.php +++ b/includes/account_stuff.php @@ -277,7 +277,7 @@ function hideall() { ?> -
| | | +
| | | | | ©2002-
diff --git a/includes/general_stuff.php b/includes/general_stuff.php index 088c39e..675de69 100644 --- a/includes/general_stuff.php +++ b/includes/general_stuff.php @@ -131,7 +131,7 @@ if(!function_exists("showfooter"))
- | | | + | | | | | | ©2002-
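Review bot: The footer row ending in "©2002-" is maintained in two places: it is corrected here in includes/general_stuff.php and again, with a separate one-line change, in includes/account_stuff.php, so every link fix has to be made twice and the copies can drift apart. This hunk sits under `if(!function_exists("showfooter"))`, which means the function may already be defined elsewhere; consider keeping the footer links in one shared include that both files use, so a future correction is a single change.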
diff --git a/www/policy/CAcertCommunityAgreement.php b/www/policy/CAcertCommunityAgreement.php index 3106eb1..0c5fee8 100644 --- a/www/policy/CAcertCommunityAgreement.php +++ b/www/policy/CAcertCommunityAgreement.php @@ -279,7 +279,7 @@ the Community. work within the spirit of the Principles of the Community. These are described in - Principles of the Community. + Principles of the Community.

2.5 Security

@@ -451,16 +451,16 @@ You are also bound by

  1. - + Certification Practice Statement (CPS => COD6).
  2. - + Dispute Resolution Policy (DRP => COD7).
  3. Privacy Policy (PP => COD5).
  4. - + Principles of the Community.
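Review bot: Item 3 of this list, "Privacy Policy (PP => COD5)", is left as an unchanged context line while items 1, 2 and 4 are corrected, even though the bug title quoted in the commit message is about the PP link. If that entry was already fixed in the earlier part of #921, say so in the message; otherwise check its target with the same rule applied to the other three entries.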
diff --git a/www/policy/CertificationPracticeStatement.php b/www/policy/CertificationPracticeStatement.php index 6418f4d..62f673b 100644 --- a/www/policy/CertificationPracticeStatement.php +++ b/www/policy/CertificationPracticeStatement.php @@ -66,7 +66,7 @@ a:hover {

CAcert CPS and CP

-CAcert Policy Status
+CAcert Policy Status
Creation date: 20060726
Status: DRAFT p20091108
@@ -239,7 +239,7 @@ for each class of certificate.
  • Issued under the CAcert document licence policy, as and when made policy. - See + See PolicyDrafts/DocumentLicence.
    • The cited page discusses 2 options: CCau Attribute-Share-alike and GNU Free Document License. Refer to that.
    • @@ -297,12 +297,12 @@ an Association registered in 2002 in New South Wales, Australia, on behalf of the wider Community of Members of CAcert. The Association details are at the -CAcert wiki. +CAcert wiki.

      CAcert is a Community formed of Members who agree to the - + CAcert Community Agreement. The CA is technically operated by the Community, under the direction of the Board of CAcert Incorporated. @@ -320,7 +320,7 @@ intermediate CAs under the present CPS.

      1.3.2. Registration authorities

      Registration Authorities (RAs) are controlled under Assurance Policy -(COD13). +(COD13).

      1.3.3. Subscribers

      @@ -337,7 +337,7 @@ Such Members then become Subscribers. A relying party is a Member, having agreed to the CAcert Community Agreement -(COD9), +(COD9), who, in the act of using a CAcert certificate, makes a decision on the basis of that certificate.

      @@ -347,7 +347,7 @@ makes a decision on the basis of that certificate.

      Member. Membership of the Community is as defined in the -COD9. +COD9. Only Members may RELY or may become Subscribers. Membership is free.

      @@ -358,7 +358,7 @@ A senior and experienced Member of the CAcert Community who resolves disputes between Members, including ones of certificate reliance, under Dispute Resolution Policy -(COD7). +(COD7).

      @@ -835,7 +835,7 @@ and will only be used where new roots do not serve:

      • Current Mozilla position has drifted from Class 1,2,3s to DV, IV+OV and EV posture. Except, the actual posture is either unstated or difficult to fathom.
      • -
      • scheme for future roots is at NewRootsTaskForce.
      • +
      • scheme for future roots is at NewRootsTaskForce.
      • END OLD ROOTS
      @@ -848,7 +848,7 @@ and will only be used where new roots do not serve:

      This document is administered by the policy group of -the CAcert Community under Policy on Policy (COD1). +the CAcert Community under Policy on Policy (COD1).

      1.5.2. Contact person

      @@ -875,7 +875,7 @@ Community found at policy forum. See discussion forums above.

      CPS is controlled and updated according to the Policy on Policy -(COD1) +(COD1) which is part of Configuration-Control Specification (COD2).
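Review bot: Missing documentation for a change to a controlled document: the context in this hunk states that the CPS "is controlled and updated according to the Policy on Policy (COD1)", yet the commit message says only "Correct some more links". State in the message that the 150 changed lines in CertificationPracticeStatement.php alter link targets only and leave the policy wording untouched, and give the old and new link form, so the change can be checked line by line and accepted as editorial.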

      @@ -913,7 +913,7 @@ As per above. Member. Everyone who agrees to the CAcert Community Agreement - (COD9). + (COD9). This generally implies having an account registered at CAcert and making use of CAcert's data, programs or services. A Member may be an individual ("natural person") @@ -923,7 +923,7 @@ As per above. Community. The group of Members who agree to the CAcert Community Agreement - (COD9) + (COD9) or equivalent agreements.

      @@ -949,7 +949,7 @@ As per above. Name. As defined in the Assurance Policy - (COD13), + (COD13), to describe a name of a Member that is verified by the Assurance process.

      @@ -972,7 +972,7 @@ As per above. CAcert or the certificates that they may use, and are unaware of the ramifications of usage. They are not permitted to RELY, but may USE, under the - Non-Related Persons - Disclaimer and Licence (COD4). + Non-Related Persons - Disclaimer and Licence (COD4).

      Reliance. @@ -1058,7 +1058,7 @@ for the general public.

      -Under the Assurance Policy (COD13), +Under the Assurance Policy (COD13), there are means for Members to search, retrieve and verify certain data about themselves and others.

      @@ -1139,7 +1139,7 @@ The Subscriber Naming consists of:
      • bug 672 filed on subjectAltName.
      • -
      • O-Admin must verify as per p20081016.
      • +
      • O-Admin must verify as per p20081016.
      • it is a wip for OAP to state how this is done.
      • curiously, (RFC5280) verification is only mandated for subjectAltName not subject field.
      • what Directory String is used in above? UTF8String is specified by RFC52804.1.2.6? is this important for the CPS to state?
      • @@ -1196,7 +1196,7 @@ does not go into the certificate.

        Each Member's Name (CN= field) -is assured under the Assurance Policy (COD13) +is assured under the Assurance Policy (COD13) or subsidiary policies (such as Organisation Assurance Policy). Refer to those documents for meanings and variations.

        @@ -1237,7 +1237,7 @@ Uniqueness of Names within certificates is not guaranteed. Each certificate has a unique serial number which maps to a unique account, and thus maps to a unique Member. See the Assurance Statement within Assurance Policy -(COD13). +(COD13).

        @@ -1249,7 +1249,7 @@ can only be registered to one Member.

        Organisation Assurance Policy -(COD11) +(COD11) controls issues such as trademarks where applicable. A trademark can be disputed by filing a dispute. See @@ -1493,8 +1493,8 @@ The CAcert Inc. Board has the authority to decide to add or remove accepted TLD

        Identity verification is controlled by the - -Assurance Policy (COD13). + +Assurance Policy (COD13). The reader is refered to the Assurance Policy, the following is representative and brief only.
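Review bot: Spelling in the sentence right after the changed link: "The reader is refered to the Assurance Policy" should read "referred", and the same spelling recurs in the hunk at -1617 ("The reader is refered to the Organisation Assurance Policy"). Since this patch is meant to touch links only, fix both in a separate follow-up change rather than folding a wording edit into this one.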

        @@ -1524,7 +1524,7 @@ to check the private key dynamically. Agreement. An Internet user becomes a Member by agreeing to the CAcert Community Agreement -(COD9) +(COD9) and registering an account on the online website. During the registration process Members are asked to supply information about themselves: @@ -1546,7 +1546,7 @@ for all service requests such as certificates.

        Assurance. Each Member is assured according to Assurance Policy -(COD13). +(COD13).

        @@ -1617,7 +1617,7 @@ certificates that state their Assured Name(s). Verification of organisations is delegated by the Assurance Policy to the Organisation Assurance Policy -(COD11). +(COD11). The reader is refered to the Organisation Assurance Policy, the following is representative and brief only.

        @@ -1645,15 +1645,15 @@ stated in the OAP, briefly presented here:
      • the organisation has agreed to the terms of the CAcert Community Agreement - (COD9), + (COD9), and is therefore subject to Arbitration.
        • As of the current time of writing, OA lacks critical documentation and there are bugs identified with no response.
        • -
        • documented bugs.
        • +
        • documented bugs.
        • Therefore Organisations will not participate in the current audit cycle of roots.
        • -
        • See wiki for any progress on this.
        • +
        • See wiki for any progress on this.
        @@ -1682,7 +1682,7 @@ when adding the address, §4.1.2. Individuals. The authority to participate as a Member is established by the CAcert Community Agreement -(COD9). +(COD9). Assurances are requested by means of the signed CAP form.

        @@ -1791,7 +1791,7 @@ There are these controls:

        Members generate their own key-pairs. The CAcert Community Agreement -(COD9) +(COD9) obliges the Member as responsible for security. See CCA2.5, §9.6.

        @@ -1986,7 +1986,7 @@ and the Organisation Handbook.
        • As of time of writing, there is no Handbook for Organisation Assurers or for the Organisation, and the policy needs rework; so (audit) roots will not have OA certs ....
        • -
        • Drafts for ongoing story.
        • +
        • Drafts for ongoing story.

        4.3. Certificate issuance

        @@ -2132,7 +2132,7 @@ There are no external entities that are notified about issued certificates. All Members (subscribers and relying parties) are obliged according to the CAcert Community Agreement -(COD9) +(COD9) See especially 2.3 through 2.5.

        4.5.1. Subscriber Usage and Responsibilities

        @@ -2193,7 +2193,7 @@ The term Verification as used in the Relying Party Statement means one of Relying parties are Members, and as such are bound by this CPS and the CAcert Community Agreement -(COD9). +(COD9). The licence and permission to rely is not assignable.

        @@ -2223,7 +2223,7 @@ that binds the parties to dispute resolution within CAcert's forum, a person is a Non-Related-Person (NRP). An NRP is not permitted to rely and is not a Relying Party. For more details, see the -NRP - Disclaimer and Licence (COD4). +NRP - Disclaimer and Licence (COD4).

        4.5.2.c The Act of Reliance
        @@ -2671,7 +2671,7 @@ Refer to Security Policy 4.3 (COD13) + Refer to Assurance Policy (COD13)
      • Governance: @@ -2698,7 +2698,7 @@ or with two persons controlling (dual control).

        All important roles are generally required to be assured at least to the level of Assurer, as per AP. -Refer to Assurance Policy (COD13). +Refer to Assurance Policy (COD13).

        @@ -2723,13 +2723,13 @@ Roles strive in general for separation of duties, either along the lines of Role Policy Comments Assurer - COD13 + COD13 Passes Challenge, Assured to 100 points. Organisation Assurer - COD11 + COD11 Trained and tested by two supervising OAs. @@ -2741,7 +2741,7 @@ Roles strive in general for separation of duties, either along the lines of Arbitrator - COD7 + COD7 Experienced Assurers. @@ -3131,7 +3131,7 @@ but their availability is a subscriber responsibility.

        The operational period of a certificate and its key pair depends on the Assurance status of the Member, -see §1.4.5 and Assurance Policy (COD13). +see §1.4.5 and Assurance Policy (COD13).

        @@ -3373,7 +3373,7 @@ There are two major threads of assessment:

        See the Audit page at - + wiki.cacert.org/wiki/Audit/ for more information.

        @@ -3515,9 +3515,9 @@ should be reworked to conform, or should be dropped

        8.5. Actions taken as a result of deficiency

        See the current -Audit Done list +Audit Done list for work completed, and -Audit Todo list +Audit Todo list for work in progress.

        @@ -3537,7 +3537,7 @@ as the criteria, above.

        The - + wiki.cacert.org/wiki/AuditDirectives documents issued directives and actions.

        @@ -3546,14 +3546,14 @@ documents issued directives and actions.

        Current and past Audit information is available at -wiki.CAcert.org/wiki/Audit/. +wiki.CAcert.org/wiki/Audit/. CAcert runs an open disclosure policy and Audit is no exception.

        This CPS and other documents are subject to -the process in Policy on Policy (COD1). +the process in Policy on Policy (COD1). Audits cover the overall processes more than any one document, and documents may vary even as Audit reports are delivered. @@ -3569,9 +3569,9 @@ even as Audit reports are delivered.

        The current fees structure is posted at -wiki.cacert.org/wiki/Price. +wiki.cacert.org/wiki/Price. Changes to the fees structure will be announced -from time to time on the blog. +from time to time on the blog. CAcert retains the right to charge fees for services. All fees are non-refundable.

        @@ -3582,7 +3582,7 @@ All fees are non-refundable.

        Financial risks are dealt with primarily by the Dispute Resolution Policy -(COD7). +(COD7).

        9.2.1. Insurance coverage

        @@ -3643,7 +3643,7 @@ Names, domains, email addresses, and certificate serial numbers.

        Under Assurance Policy -(COD13) +(COD13) the Member's status (as Assured, Assurer, etc) is available to other Members.

        @@ -3701,9 +3701,9 @@ some deviations are necessary. Assets that fall under the control of CCS must be transferred to CAcert. See PoP 6.2 -(COD1), +(COD1), CCA 1.3 -(COD9). +(COD9). That is, CAcert is free to use, modify, distribute, and otherwise conduct the business of the CA as CAcert sees fit with the asset. @@ -3715,7 +3715,7 @@ The brand of CAcert is made up of its logo, name, trademark, service marks, etc. Use of the brand is strictly limited by the Board, and permission is required. -See +See m20070917.5.

        @@ -3725,17 +3725,17 @@ m20070917.5. CAcert owns or requires full control over its documents, especially those covered by CCS. See PoP 6.2 -(COD1). +(COD1). Contributors transfer the rights, see CCA 1.3 -(COD9). +(COD9). Contributors warrant that they have the right to transfer.

        Documents are generally licensed under free and open licence. See - + wiki.cacert.org/wiki/PolicyDrafts/DocumentLicence. Except where explicitly negotiated, CAcert extends back to contributors a @@ -3743,9 +3743,9 @@ non-exclusive, unrestricted perpetual licence, permitting them to to re-use their original work freely. See PoP 6.4 -(COD1), +(COD1), CCA 1.3 -(COD9). +(COD9).

        9.5.4. Code

        @@ -3777,15 +3777,15 @@ their original work freely. CAcert asserts its intellectual property rights over certificates issued to Members and over roots. See CCA 4.4 -(COD9), +(COD9), CCS. The certificates may only be used by Members under -COD9, +COD9, and, by others under the licences offered, such as Non-Related Persons - Disclaimer and Licence -(COD4). +(COD4).

        9.6. Representations and warranties

        @@ -3795,7 +3795,7 @@ Non-Related Persons - Disclaimer and Licence Members. All Members of the Community agree to the CAcert Community Agreement -(COD9), +(COD9), which is the primary document for representations and warranties. Members include Subscribers, Relying Parties, @@ -3806,7 +3806,7 @@ Registration Agents and the CA itself. RAs. Registration Agents are obliged additionally by Assurance Policy, especially 3.1, 4.1 -(COD13). +(COD13).

        @@ -3832,7 +3832,7 @@ to be Members in the Community.

        Persons who have not accepted the above Agreements are offered the Non-Related Persons - Disclaimer and Licence -(COD4). +(COD4). Any representations and warranties are strictly limited to nominal usage. In essence, NRPs may USE but must not RELY. @@ -3868,7 +3868,7 @@ CAcert on behalf of related parties (RAs, Subscribers, etc) and itself disclaims all liability to NRPs in their usage of CA's certificates. -See COD4. +See COD4.

        9.8.2 Liabilities Between Members

        @@ -3900,11 +3900,11 @@ No stipulation.

        Members file a dispute to terminate their agreement. See §9.13 and CCA 3.3 -(COD9). +(COD9).

        -Documents are varied (including terminated) under COD1. +Documents are varied (including terminated) under COD1.

        @@ -3923,16 +3923,16 @@ No stipulation. All participants are obliged to keep their listed primary email addresses in good working order. See CCA 3.5 -(COD9). +(COD9).

        9.12. Amendments

        -Amendments to the CPS are controlled by COD1. +Amendments to the CPS are controlled by COD1. Any changes in Member's Agreements are notified under CCA 3.4 -(COD9). +(COD9).

        9.13. Dispute resolution provisions

        @@ -3945,7 +3945,7 @@ or other related party to file a dispute.
        • The CAcert Dispute Resolution Policy - (COD7) + (COD7) includes rules for dispute resolution.
        • Filing is done via email to @@ -3999,7 +3999,7 @@ obligations, risks and liabilities on the parties.

          See the Privacy Policy -(COD5). +(COD5).

          9.15.3 Legal Process from External Forums

          @@ -4014,7 +4014,7 @@ treated as under the Dispute Resolution Policy See §9.13 and -COD7. +COD7. That is, all requests are treated as disputes, as only a duly empanelled Arbitrator has the authorisation and authority to rule on the @@ -4038,7 +4038,7 @@ Members or not

          All Members of the Community agree to the CAcert Community Agreement -(COD9). +(COD9). This agreement also incorporates other key documents, being this CPS, DRP and PP. See CCA 4.2. @@ -4051,7 +4051,7 @@ Community, of which the above documents are part. See COD2. Documents that have reached full POLICY status are located at - + www.cacert.org/policy/. Although detailed practices may be found in other places on the website -- cgit v1.2.1
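Review bot: Inconsistent host casing in the link text of the hunk at -3546: the rewritten line still reads "wiki.CAcert.org/wiki/Audit/", while the hunk at -3373 shows the same page as "wiki.cacert.org/wiki/Audit/". Since the line is being rewritten anyway, lower-case the visible host so both references to the Audit page match and a reader comparing them does not take them for different sites.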