The following is information provided on the wiki, as such the wiki is not under control of the formal policy processes CAcert Inc. and so wiki information is not official documentation. The provided wiki information is an introduction only. Note that this wiki information is written by persons who have had no education or expertise in law.
Remarks about the CAcert Community Agreement (CCA)
The CAcert Community Agreement can be found here.
CAcert is a Certificate Authority ("CA") that provides certificates to our members for free.
Our members are identified by our assurance process which is based on the web of trust concept. Hence our members assure each other.
This arrangement of (i) free certificates and (ii) our web of trust assurance does have implications for all of us. We all need to take care so that the certificate issuance remains free and contributions made by and to the CAcert community are also free: with no cost to you, but also with limited risks and liabilities to you.
For this reason we need an agreement to bring us together as a community, and the Community Agreement is that agreement.
Privacy. CAcert will archive and process information (e.g. the full name as entered in the registration phase and possibly supported by official documents as ID's). This means that CAcert will have a minimal of information that needs to be maintained as private. Both our customs as a privacy community and various laws (e.g. Australian, European and U.S.) will influence procedures while keeping and processing this information. CAcert operates world-wide so CAcert has to make sure that privacy of the individual (or organisation) is maintained across a broad range of scenarios. CAcert and members should be very aggressive in securing data and especially private keys.
Care and Risks. Digital certificates need to be handled with care. We need to make sure that the end user is using certificates with care, and without any undue expectations. If any dispute arises, parties should know upfront that we use CAcert Arbitration procedure to handle disputes, under the law of NSW Australia. For both parties this includes a certain risk and it is good to be aware that the end user risk is limited (in money, to 1000 Euros, as well as various community service options). In this risk and liability, we the CAcert community are all in this together.
Community. When you enter into the CAcert Community, you enter a community that seeks to protect itself, and help you to protect yourself. Legally, we create this environment by all agreeing to the same CAcert Community Agreement, and by resolving our disputes in-house.
Most of the official CAcert policy documents can be found here. For Work in Progress (WiP) on policies and policies in draft look here.