== Overview ==

Source;[


== Principles ==


== Procedures ==

== Assessment against Requirements ==

 [[Roots/EscrowAndRecovery#Requirements for Escrow/Recovery|]]

=== Author Assessment ===

 This is the assessment by the proposal author:

 [[Roots/EscrowAndRecovery#Implicit|Implicit requirements]]
 || z.1 ||<(>  ||
 || z.2 ||<(>  ||
 || z.3 ||<(>  ||
 || z.4 ||<(>  ||
 || z.5 ||<(>  ||
 || z.6 ||<(>  ||
 || z.7 ||<(>  ||
 || z.8 ||<(>  ||

 [[Roots/EscrowAndRecovery#SecurityPolicy|Security Policy Requirements]]
 || [[https://svn.cacert.org/CAcert/Policies/SecurityPolicy.html#SP9.2.1|SP9.2.1]] ||  ||
 || [[https://svn.cacert.org/CAcert/Policies/SecurityPolicy.html#9.2.2|SP9.2.2]]-a ||  ||
 || [[https://svn.cacert.org/CAcert/Policies/SecurityPolicy.html#9.2.2|SP9.2.2]]-b ||  ||
 || [[https://svn.cacert.org/CAcert/Policies/SecurityPolicy.html#9.2.2|SP9.2.2]]-c ||  ||
 || [[https://svn.cacert.org/CAcert/Policies/SecurityPolicy.html#9.2.2|SP9.2.2]]-d ||  ||
 || [[https://svn.cacert.org/CAcert/Policies/SecurityPolicy.html#9.2.2|SP9.2.2]]-e ||  ||
 || [[https://svn.cacert.org/CAcert/Policies/SecurityPolicy.html#9.2.2|SP9.2.2]]-f ||  ||
 || [[https://svn.cacert.org/CAcert/Policies/SecurityPolicy.html#9.2.3|SP9.2.3]] || ||

 [[Roots/EscrowAndRecovery#DRC|DRC Requirements]]
 || '''C.3.c''' ||<(> The root certificate private key is stored secure from electronic and physical compromise. ||
 ||||<(> ||
 || '''C.3.d''' ||<(> The root certificate private key is stored by the CA and not by any outside party. ||
 ||||<(>  ||
 || '''C.3.e''' ||<(> The root certificate private key pass-phrase (i.e. password) is not stored electronically or physically. ||
 ||||<(>   ||
 || '''C.3.f''' ||<(> The root certificate private key pass-phrase (or parts thereof) is known only to CA personnel ||
 ||||<(> ||
 || '''C.3.g''' ||<(> Provision is made to prevent loss of the root certificate through a single-point of failure of electronic equipment (including physical destruction of such equipment). ||
 ||||<(>  ||
 || '''C.3.h''' ||<(> Provision is made to prevent loss of use of the root certificate resulting from the loss of one key person.||
 ||||<(>  ||
 || '''C.3.i''' ||<(> Use of the root certificate private key requires cooperative action by at least two CA personnel. ||
 ||||<(>  ||

=== Community Member Assessment ===

 You, the community member are encourages to assess this procedures also. Please fill out the table below with a 1-10 rating with 1 being strongly meets criteria and 10 being fails criteria.

 || Z1 || Z2 || Z3 || Z4 || Z5 || Z6 || Z7 || Z8 || SP9.2.1 || SP9.2.2-a ||  SP9.2.2-b ||  SP9.2.2-c ||  SP9.2.2-d ||  SP9.2.2-e || SP9.2.2-f || SP9.2.3 || C.3.c ||  C.3.d ||  C.3.e ||  C.3.f ||  C.3.g ||  C.3.h || C.3.i ||
 || Z || || || || || || || || SP || || || || || || || || DRC || || || || || || ||

 Comments:
 (as you wish)

==== Community Member Assessment by XXXXX  ====