Procedure for maintenance of the Key Persons List


According to the Security Policy section 6.4 the Board must maintain a Key Persons List with all contact information needed in case a disaster recovery is needed. This page describes how this list is constructed, maintained and made available even if CAcert's core infrastructure is not available.

Who should be on the list

The following people are meant to be on the Key Persons List:

Additionally, contact data for secure-u should be added, if possible. The secure-u board may be added at their request.

The decision about who is on the list lies in the hands of the maintainer of the list, but should be coordinated with the board and teams.

Which contact information should be maintained

The following contact information should be maintained for each list member:


How to collect the information

The board designates a person (can be a board member, but can also be one of the other key persons) who is responsible for collecting the stated contact information from each key person on the list. Collection will generally be done by e-mailing each list member with a request to supply his/her personal contact information, and a request to supply an update whenever something changes. The collector compiles all received contact information in a single overview ready for distribution (see below).

Each key person is also asked to provide a CARS that he/she will only use the data from the key persons list for CAcert disaster recovery reasons. This can be updated to also include management, distribution and further handling of the key persons list or anything else directly related to the purpose of the collection of the data.

If a key person cannot give such a statement, the other key persons have to be asked for their consent before that person is provided with the data.


The collector will poll all key persons to verify whether the contact information is still up-to-date, and apply the updates to the compiled overview.

How to distribute the information

Because most of this information is likely to be privacy-sensitive for most people, the information will only be distributed to other key people list members with a strict instruction to only use it for purposes of CAcert disaster recovery support.

The collector will send out a complete Key People Contacts list every 3 months by e-mail to all people on the list. This way every list member should have a reasonably up-to-date version of the required information in his mailbox.

A warning should be included for people with a address: they should save this message to a location which is not directly dependent on CAcert infrastructure, since that may not be available at the time the list is most needed!

All key persons are asked to handle the data carefully and to consider encryption as long as this does not interfere severely with the availability of the data for each key person.

Leaving Key Persons

If members on the key persons list stop being active in the roles for which they are on the list, they should be replaced by more active members, if there is no specific reason to keep them on the list.

Any member who is removed from the Key Persons List should be informed about this step and should be asked to delete the data as soon as there is no further need to keep it. Their own data should be removed from the next version of the list that is distributed.


In addition to the key persons list, a mailing list can be maintained with all key persons. The key persons data is not meant to be sent over this list in normal situations. The mailing list is meant to be used for reporting of possible emergencies and possible disaster recovery, if possible.

Anybody should be able to send to that mailing list.

Inputs & Thoughts

