• PolicyDrafts
• OrganisationAssurance

This is a translation of PolicyDrafts/OrganisationAssuranceGerman

It is made by using babelfish by a non-native-english-speaker - so it is _not_ good english. Native speakers, who like to correct it, are welcome.

See PolicyDrafts/OrganisationAssuranceGerman for updates and/or finish this translation.

Concept for CAcert Organizations Assurance:

I. Organization Assurance by CAcert Organization Assurer (OA)

• Assurer for organizations can become, who
  • provides a proof of final legal training/study (eg. lawyer, Rechtspfleger, Clerk, Greffier) and
  • is already Assurer with 150 points
• CAcert Organization Assurer should assure organizations only from the countries, whose right system they were trained and/or whose right system they studied.
• The Assurance must be requested by the executive committee of the organization in number entitled to act as substitute and/or be accordingly authorized the applicants and be proven this
• The existence and agency authorization of the organization must be proven with an official document, which should not be older as one week and may not be older than one month.
• As far as official registers exist a certified excerpt from the register must be submitted.
• As far as possible the record document should be handed out or sent directly by the issuing place at the assurer.
• The assurer takes the documents to the request. All documents are to be kept for 10 years.

II. Organization Assurance by Trusted Third Parties (TTP)

• A special form must be filled out, be signed by the executive committee of the organization in number entitled to act as substitute and provided with firm stamp.
• The existence and agency authorization of the organization must be proven with an official document, which should be not older as one week and may not be older than one month.
• As far as official registers exist a certified exerrpt from the register must be submitted.
• The TTP confirms the existence of the organization and agency authorization on the form.
• The form has to be sent to a OA or at CAcert.

III. General to the organization Assurance

• Each organization is assigned a special Organization Master Account (OMA). On this account the following administrative tasks can be done:
  • add a domain (with prove by email)
  • add a organization unit (OU)
  • add of normal CAcert accounts as Organization Branch Accounts (OBA)
  • allocation of OU to OBAs
  • signing of server certificates
  • generating client certificates
  • signung of PGP keys
• The Organization Branch Accounts (OBA) can do the following administrative tasks under use of the organization data and domains as well as the assigned organization units:
  • signing of server certificates
  • generating client certificates
  • signung of PGP keys
• If changes in the agency authorization are proven, the new agency-authorized is justified to request the allocation of the organization to another OMA or the deletion the organization and revoke of all certificates.