Exceptions

Unverified Email addresses

No Login, no certs

Unassured user

Only Class1 certs

TVerify System

Get more points - depricated

Super Assurance

Can issue <=150 points AP prevents Super-Assurers program, depricated

System Administrators

Can do a lot

Organisation Assurance

Can issue organisational certs, delegate

Client vs. Server certificates

Different certificate usages

OpenPGP signatures vs. X.509

PGP signatures (CA cannot change names), certificates

Different date formats

DD.MM.YYYY vs. YYYY-MM-DD, ...

TTP system

TTP-assisted-assurance policy in Draft, under deployment

Code Signing

Special certificate usage, higher security demands

Expired certificates

Expired CAs

2030

Class 3 certificates

Sub CA

Anonymous certificates

Certificates with "WoT User" instead of a personal name

Teenagers

Can issue <=10 points

Location DB Admins

Can change the Location DB

Revocation

against non-repudiation

OCSP, CRL

certificate status check

Xenroll, <keygen>, CSR

Xenroll produces CSR, <keygen> produces SPKAC

advanced, qualified certificates

EU inventions with higher demands

Digital Signatures

longterm issues

API

automatic API, Integration Interface

Internal Auditor

Read Only access to the DB

TrustCheck

Trustchecked personnel

Y2K Problem

and other date/time problems

SmartCards vs. Software

limitations of SmartCards, Security, Privacy, qualified

Disabled Users

Since blind people can't see to verify documents, are they allowed to assure?