Presentation is loading. Please wait.

Presentation is loading. Please wait.

© CAcert, 2009 Ulrich Schroeter, Assurer Training Evetns, April 2009, #2 Welcome!

Published byBrittany Hutchinson Modified over 7 years ago

Similar presentations

Presentation on theme: "© CAcert, 2009 Ulrich Schroeter, Assurer Training Evetns, April 2009, #2 Welcome!"— Presentation transcript:

1 www.cacert.orgwww.cacert.org © CAcert, 2009 Ulrich Schroeter, Assurer Training Evetns, April 2009, #2 Welcome!

2 www.cacert.orgwww.cacert.org © CAcert, 2009 Ulrich Schroeter, Assurer Training Evetns, April 2009, #2 Agenda Hi! Thanks for coming Thanks to Graeme & the Red Lion

3 www.cacert.orgwww.cacert.org © CAcert, 2009 Ulrich Schroeter, Assurer Training Evetns, April 2009, #2 Agenda CAcert and the Audit Assurance – Purpose, Essentials The CAcert Community Agreement “old” and “new” CAP forms? Names, transliterations Foreign Passports Arbitration Organisation Assurance

4 www.cacert.orgwww.cacert.org © CAcert, 2009 Ulrich Schroeter, Assurer Training Evetns, April 2009, #2 CAcert and the Audit

5 www.cacert.orgwww.cacert.org © CAcert, 2009 Ulrich Schroeter, Assurer Training Evetns, April 2009, #2 CAcert and the Audit To get CAcert Root into Browsers => Audit is required => which requires: management policies + practices review of business & systems (against policies and practices).

6 www.cacert.orgwww.cacert.org © CAcert, 2009 Ulrich Schroeter, Assurer Training Evetns, April 2009, #2 CAcert and the Audit ➢ CAcert has two major business areas: ➔ Assurance ➔ Systems

7 www.cacert.orgwww.cacert.org © CAcert, 2009 Ulrich Schroeter, Assurer Training Evetns, April 2009, #2 CAcert and the Audit a. Assurance Assurance Policy now is in full POLICY status ➔ It is binding on all Assurers The process of Assurance can be reviewed.

8 www.cacert.orgwww.cacert.org © CAcert, 2009 Ulrich Schroeter, Assurer Training Evetns, April 2009, #2 CAcert and the Audit a.i Auditor on (ATE) Tour Assurers shall assure the Auditor == Evidence of Assurance to policy. verifies quality of assurance (Increased quality of assurance?)

9 www.cacert.orgwww.cacert.org © CAcert, 2009 Ulrich Schroeter, Assurer Training Evetns, April 2009, #2 CAcert and the Audit a.ii In the absence of the Auditor A Senior and Experienced Assurer should stand in his stead and be assured by each Assurer. (If already assured, then she should instead oversite the assurance of another person) Make a statement that: „assurances were conducted to Assurance Policy” "Secondary evidence" in the audit process

10 www.cacert.orgwww.cacert.org © CAcert, 2009 Ulrich Schroeter, Assurer Training Evetns, April 2009, #2 CAcert and the Audit a.iii The review of assurances the gathering of evidence is planned to be completed 16 th May Munich.

11 www.cacert.orgwww.cacert.org © CAcert, 2009 Ulrich Schroeter, Assurer Training Evetns, April 2009, #2 CAcert and the Audit b. Systems Review of the systems was delayed by lack of a secure hosting service. The systems were moved 1 st October, 2008 from Vienna to the secure data center at BIT, a company in Ede, NL.

12 www.cacert.orgwww.cacert.org © CAcert, 2009 Ulrich Schroeter, Assurer Training Evetns, April 2009, #2 CAcert and the Audit b. Systems (cont.) A new team of systems administrators Approval of the Security Policy to DRAFT mode => Binding on the systems administrators and the Access Engineers => now possible to review the systems against the policy.

13 www.cacert.orgwww.cacert.org © CAcert, 2009 Ulrich Schroeter, Assurer Training Evetns, April 2009, #2 CAcert and the Audit b.i On-Site Inspection 1 st visit on 4, 5, 6 th May, 2009 warm-up: personnel, Roots, Access, inventory probably 1 st of 3 visits. Next scheduled mid-June

14 www.cacert.orgwww.cacert.org © CAcert, 2009 Ulrich Schroeter, Assurer Training Evetns, April 2009, #2 CAcert and the Audit b.ii We still lack the CPS (which is nearly ready)

15 www.cacert.orgwww.cacert.org © CAcert, 2009 Ulrich Schroeter, Assurer Training Evetns, April 2009, #2 CAcert and the Audit b.iii Review of the software Innsbruck software camp Week 20 th April Serious difficulties in maintenance, improvement and securing Cannot form a conclusion over software New software development team, new design, new build

16 www.cacert.orgwww.cacert.org © CAcert, 2009 Ulrich Schroeter, Assurer Training Evetns, April 2009, #2 Audit Background

17 www.cacert.orgwww.cacert.org © CAcert, 2009 Ulrich Schroeter, Assurer Training Evetns, April 2009, #2 Audit Background The audit criteria: DRC for "David Ross Criteria". David is a retired quality engineer He started Cacert's Audit He was called to Grand Jury duty

18 www.cacert.orgwww.cacert.org © CAcert, 2009 Ulrich Schroeter, Assurer Training Evetns, April 2009, #2 Audit Background DRC has a strong feature: requires the ➔ Risks, ➔ Liabilities, and ➔ Obligations to be clearly stated to everyone!

19 www.cacert.orgwww.cacert.org © CAcert, 2009 Ulrich Schroeter, Assurer Training Evetns, April 2009, #2 Audit Background This raised several huge barriers for the CA: what exactly are the R/L/O? who do they apply to? are they reasonable? and, how do we deal with them?

20 www.cacert.orgwww.cacert.org © CAcert, 2009 Ulrich Schroeter, Assurer Training Evetns, April 2009, #2 Audit Background These barriers are subtle: ➔ DRC doesn't ask them to be fair, but ➔ disclosure of R/L/O makes us consider them but CAcert people want them to be fair. which means we have to deal with them!

21 www.cacert.orgwww.cacert.org © CAcert, 2009 Ulrich Schroeter, Assurer Training Evetns, April 2009, #2 Audit Background One big result of this thinking process we required: ➔ a CAcert Community Agreement ● and it had to do following things:

22 www.cacert.orgwww.cacert.org © CAcert, 2009 Ulrich Schroeter, Assurer Training Evetns, April 2009, #2 Audit Background a. make Members a mutually binding Community. b. to state the R/L/O c. to limit the liabilities ➔ 1000 Euros ➔ to *allocate the liabilities* back to the Members

23 www.cacert.orgwww.cacert.org © CAcert, 2009 Ulrich Schroeter, Assurer Training Evetns, April 2009, #2 Audit Background How do we allocate the liabilities? ➔ By making our own „forum of dispute resolution“, ➔ agreeing to be bound to that resolution, ➔ writing a Policy to control that process: ==> Arbitration.

24 www.cacert.orgwww.cacert.org © CAcert, 2009 Ulrich Schroeter, Assurer Training Evetns, April 2009, #2 Audit Background Summary: The original “Why” of Arbitration: ➔ Audit (DRC) forced disclosure of Liabilities ➔ simple fix: limiting ➔ complex fix: allocation ➔ the safe and cheap way to allocate is: ➔ to use our own Arbitration (Last section discusses „How“.)

25 www.cacert.orgwww.cacert.org © CAcert, 2009 Ulrich Schroeter, Assurer Training Evetns, April 2009, #2 Essential Documents

26 www.cacert.orgwww.cacert.org © CAcert, 2009 Ulrich Schroeter, Assurer Training Evetns, April 2009, #2 Essential Documents

27 www.cacert.orgwww.cacert.org © CAcert, 2009 Ulrich Schroeter, Assurer Training Evetns, April 2009, #2 Essential Documents CAcert Community Agreement (CCA) http://www.cacert.org/policy/ http://www.cacert.org/policy/ CAcertCommunityAgreement.ph p

28 www.cacert.orgwww.cacert.org © CAcert, 2009 Ulrich Schroeter, Assurer Training Evetns, April 2009, #2 Essential Documents Assurance Policy (AP) http://www.cacert.org/policy/ http://www.cacert.org/policy/ AssurancePolicy.php

29 www.cacert.orgwww.cacert.org © CAcert, 2009 Ulrich Schroeter, Assurer Training Evetns, April 2009, #2 Essential Documents Assurance Handbook (AH) http://wiki.cacert.org/wiki/ http://wiki.cacert.org/wiki/ AssuranceHandbook2

30 www.cacert.orgwww.cacert.org © CAcert, 2009 Ulrich Schroeter, Assurer Training Evetns, April 2009, #2 Essential Documents Non-Related Persons (Disclaimer and Licence) (NRP-DaL) http://www.cacert.org/policy/ http://www.cacert.org/policy/ NRPDisclaimerAndLicence.php

31 www.cacert.orgwww.cacert.org © CAcert, 2009 Ulrich Schroeter, Assurer Training Evetns, April 2009, #2 Essential Documents Dispute Resolution Policy (DRP) http://www.cacert.org/policy/ http://www.cacert.org/policy/ DisputeResolutionPolicy.php

32 www.cacert.orgwww.cacert.org © CAcert, 2009 Ulrich Schroeter, Assurer Training Evetns, April 2009, #2 http://www.CAcert.org Ulrich Schroeter ulrich@CAcert.org Questions ? Essential Documents Thanks, Questions & Answers

33 www.cacert.orgwww.cacert.org © CAcert, 2009 Ulrich Schroeter, Assurer Training Evetns, April 2009, #2 the Purpose of an Assurance

34 www.cacert.orgwww.cacert.org © CAcert, 2009 Ulrich Schroeter, Assurer Training Evetns, April 2009, #2 The Purpose of an Assurance What has all this got to do with Assurance? For many reasons, it is essential that we are all in this together! Therefore, the Assurance Policy includes: A Wider Purpose!

35 www.cacert.orgwww.cacert.org © CAcert, 2009 Ulrich Schroeter, Assurer Training Evetns, April 2009, #2 The Purpose of Assurance The Policy says: Section 1 - Assurance Purpose The purpose of Assurance is to add confidence in the Assurance Statement made by the CAcert Community of a Member....

36 www.cacert.orgwww.cacert.org © CAcert, 2009 Ulrich Schroeter, Assurer Training Evetns, April 2009, #2 the 5 Fingers Rule... Section 1.1. - The Assurance Statement The Assurance Statement makes the following claims about a person:

37 www.cacert.orgwww.cacert.org © CAcert, 2009 Ulrich Schroeter, Assurer Training Evetns, April 2009, #2 The Purpose of an Assurance 1. The person is a bona fide Member. In other words, the person is a member of the CAcert Community as defined by the CAcert Community Agreement (CCA)

38 www.cacert.orgwww.cacert.org © CAcert, 2009 Ulrich Schroeter, Assurer Training Evetns, April 2009, #2 The Purpose of an Assurance 2. The Member has a (login) account with CAcert's on-line registration and service system

39 www.cacert.orgwww.cacert.org © CAcert, 2009 Ulrich Schroeter, Assurer Training Evetns, April 2009, #2 The Purpose of an Assurance 3. The Member can be determined from any CAcert certificate issued by the Account

40 www.cacert.orgwww.cacert.org © CAcert, 2009 Ulrich Schroeter, Assurer Training Evetns, April 2009, #2 The Purpose of an Assurance 4. The Member is bound into CAcert's Arbitration as defined by the CAcert Community Agreement

41 www.cacert.orgwww.cacert.org © CAcert, 2009 Ulrich Schroeter, Assurer Training Evetns, April 2009, #2 The Purpose of an Assurance 5. Some personal details of the Member are known to CAcert: - the individual Name(s), - primary and other listed individual email address(es), - secondary distinguishing feature (e.g. DoB)

42 www.cacert.orgwww.cacert.org © CAcert, 2009 Ulrich Schroeter, Assurer Training Evetns, April 2009, #2 The Purpose of an Assurance In your Assurance, you are now checking: all 5 points The new purpose signals a big shift. Old classical elements (Name, DoB, email), Some more parts: Community, Arbitration

43 www.cacert.orgwww.cacert.org © CAcert, 2009 Ulrich Schroeter, Assurer Training Evetns, April 2009, #2 What is the CCA?

44 www.cacert.orgwww.cacert.org © CAcert, 2009 Ulrich Schroeter, Assurer Training Evetns, April 2009, #2 What is the CCA? CCA is an abbreviation and stands for CAcert Community Agreement

45 www.cacert.orgwww.cacert.org © CAcert, 2009 Ulrich Schroeter, Assurer Training Evetns, April 2009, #2 Agreement to the CCA means: ➔ We are part of a Community ➔ all are equal (including CAcert Inc.) ➔ we may RELY on certificates What is the CCA?

46 www.cacert.orgwww.cacert.org © CAcert, 2009 Ulrich Schroeter, Assurer Training Evetns, April 2009, #2 CCA specifies R/L/O Risks: bad cert, bad security Liabs: to 1000 euros also, points, events,... „foreign courts” Obligations: security, principles,... and of course, Arbitration! What is the CCA?

47 www.cacert.orgwww.cacert.org © CAcert, 2009 Ulrich Schroeter, Assurer Training Evetns, April 2009, #2 legal stuff: Law of NSW Australia (“english common law”) “the Arbitration clause” terminate: by Arbitration maintain email address What is the CCA?

48 www.cacert.orgwww.cacert.org © CAcert, 2009 Ulrich Schroeter, Assurer Training Evetns, April 2009, #2 Agreement is created by: “your signature on a form to request assurance of identity ("CAP" form),” New CAP form has this, old does not. How CCA relates the Assurance

49 www.cacert.orgwww.cacert.org © CAcert, 2009 Ulrich Schroeter, Assurer Training Evetns, April 2009, #2 Agreement is also created by: “your request on the website to join the Community and create an account,” Check that Member has account (and confirm email address is correct). How CCA relates the Assurance

50 www.cacert.orgwww.cacert.org © CAcert, 2009 Ulrich Schroeter, Assurer Training Evetns, April 2009, #2 How CCA relates the Assurance I agree to the CAcert Community Agreement.

51 www.cacert.orgwww.cacert.org © CAcert, 2009 Ulrich Schroeter, Assurer Training Evetns, April 2009, #2 The main difference Assurer's Statement Assurer's Statement: Checked and Verified Assuree I am Member of the Community Passed Assurer Challenge Have at least 100 Points

52 www.cacert.orgwww.cacert.org © CAcert, 2009 Ulrich Schroeter, Assurer Training Evetns, April 2009, #2 Assurer Challenge Assurer Challenge: How many have passed the Challenge ?

53 www.cacert.orgwww.cacert.org © CAcert, 2009 Ulrich Schroeter, Assurer Training Evetns, April 2009, #2 What's the Assurer Challenge? ✔ was introduced April 2008 ✔ Every Assurer has to pass the Challenge ✗ No Challenge? no longer an Assurer! (as of April 2009) ✔ 80% of 25 multi-choice questions ✔ CATS: Cacert Assurer Training System ✔ your 1 st challenge: you'll need a Client Cert

54 www.cacert.orgwww.cacert.org © CAcert, 2009 Ulrich Schroeter, Assurer Training Evetns, April 2009, #2 CAP form differences Thanks, Questions & Answers http://www.CAcert.org Ulrich Schroeter ulrich@CAcert.org Questions ?

55 www.cacert.orgwww.cacert.org © CAcert, 2009 Ulrich Schroeter, Assurer Training Evetns, April 2009, #2 Can Old CAP forms be accepted?

56 www.cacert.orgwww.cacert.org © CAcert, 2009 Ulrich Schroeter, Assurer Training Evetns, April 2009, #2 In short: Yes, they can! But... Can Old CAP forms be accepted?

57 www.cacert.orgwww.cacert.org © CAcert, 2009 Ulrich Schroeter, Assurer Training Evetns, April 2009, #2 The important difference between the Old and the New CAP forms is one additional clause in the Applicant's Statement: ✔ I agree to the Cacert Community Agreement Can Old CAP forms be accepted?

58 www.cacert.orgwww.cacert.org © CAcert, 2009 Ulrich Schroeter, Assurer Training Evetns, April 2009, #2 The main difference 2. Applicants Statement Addtl. “I agree to the CAcert Community Agreement” 2.

59 www.cacert.orgwww.cacert.org © CAcert, 2009 Ulrich Schroeter, Assurer Training Evetns, April 2009, #2 According to a ruling made recently: Yes: if you add the statement in handwriting! http://wiki.cacert.org/wiki/Arbitrations/a20090303. 1 Can Old CAP forms be accepted?

60 www.cacert.orgwww.cacert.org © CAcert, 2009 Ulrich Schroeter, Assurer Training Evetns, April 2009, #2 Can Old CAP forms be accepted?

61 www.cacert.orgwww.cacert.org © CAcert, 2009 Ulrich Schroeter, Assurer Training Evetns, April 2009, #2 Name Transliterations

62 www.cacert.orgwww.cacert.org © CAcert, 2009 Ulrich Schroeter, Assurer Training Evetns, April 2009, #2 Name Transliterations General Rule: Reduce information IdDox ==> CAP Form ==> online system Never increase information the full Name from IdDox either re-copy it, or add notes Multiple IdDox ==> write different names

63 www.cacert.orgwww.cacert.org © CAcert, 2009 Ulrich Schroeter, Assurer Training Evetns, April 2009, #2 Name Transliterations Specific Rules: Transliteration ✔ Umlaut to ASCII is possible ✗ ASCII to Umlaut is forbidden Allow only what is in the document Add differences by note

64 www.cacert.orgwww.cacert.org © CAcert, 2009 Ulrich Schroeter, Assurer Training Evetns, April 2009, #2 Name Transliterations Step 1 „Ö” to „OE” Is OK, but better is...

65 www.cacert.orgwww.cacert.org © CAcert, 2009 Ulrich Schroeter, Assurer Training Evetns, April 2009, #2 Name Transliterations Step 1 “Ö” to “OE” And Missing 2 nd given name But better is...

66 www.cacert.orgwww.cacert.org © CAcert, 2009 Ulrich Schroeter, Assurer Training Evetns, April 2009, #2 Name Transliterations Step 1 Assurer note Added as Read Added 2 nd given name

67 www.cacert.orgwww.cacert.org © CAcert, 2009 Ulrich Schroeter, Assurer Training Evetns, April 2009, #2 Name Transliterations Step 2 Remember The rules: 1. is possible 2. is possible 3. finishing assurance is possible

68 www.cacert.orgwww.cacert.org © CAcert, 2009 Ulrich Schroeter, Assurer Training Evetns, April 2009, #2 Name Transliterations We have 3 objects with 2 „transfer“ tasks Document => CAP form => Account 1. 2. 3. task 1 task 2 Face-to-Face @home Meeting

69 www.cacert.orgwww.cacert.org © CAcert, 2009 Ulrich Schroeter, Assurer Training Evetns, April 2009, #2 Name Transliterations We have 3 objects with 2 „transfer“ tasks Document => CAP form => Account “Ö” to “Ö” to “Ö” OK “Ö” to “Ö” to “OE” OK “Ö” to “OE” to “Ö” forbidden “OE” to “Ö” to … forbidden

70 www.cacert.orgwww.cacert.org © CAcert, 2009 Ulrich Schroeter, Assurer Training Evetns, April 2009, #2 Name Transliterations Forbidden … Means You cannot finish the Assurance

71 www.cacert.orgwww.cacert.org © CAcert, 2009 Ulrich Schroeter, Assurer Training Evetns, April 2009, #2 http://www.CAcert.org Ulrich Schroeter ulrich@CAcert.org Questions ? Name Transliterations Thanks, Questions & Answers

72 www.cacert.orgwww.cacert.org © CAcert, 2009 Ulrich Schroeter, Assurer Training Evetns, April 2009, #2 Names in the Practice

73 www.cacert.orgwww.cacert.org © CAcert, 2009 Ulrich Schroeter, Assurer Training Evetns, April 2009, #2 Names & Practice Simple Rule: Have a look into „Policy on Names” http://wiki.cacert.org/wiki/PolicyDrafts/ http://wiki.cacert.org/wiki/PolicyDrafts/ PolicyOnNames Includes many examples

74 www.cacert.orgwww.cacert.org © CAcert, 2009 Ulrich Schroeter, Assurer Training Evetns, April 2009, #2 Names & Practice

75 www.cacert.orgwww.cacert.org © CAcert, 2009 Ulrich Schroeter, Assurer Training Evetns, April 2009, #2 Names & Practice

76 www.cacert.orgwww.cacert.org © CAcert, 2009 Ulrich Schroeter, Assurer Training Evetns, April 2009, #2 Names & Practice

77 www.cacert.orgwww.cacert.org © CAcert, 2009 Ulrich Schroeter, Assurer Training Evetns, April 2009, #2 If You Set Eyes On Foreign Passports?

78 www.cacert.orgwww.cacert.org © CAcert, 2009 Ulrich Schroeter, Assurer Training Evetns, April 2009, #2 Check Documents on the Web Get info about their Security features 1. before face-to-face meeting 2. after face-to-face meeting Foreign Passports

79 www.cacert.orgwww.cacert.org © CAcert, 2009 Ulrich Schroeter, Assurer Training Evetns, April 2009, #2 PRADO: European Passports and Idcards http://www.consilium.europa.eu/prado/EN/ searchByIssuingCountry.htmlhttp://www.consilium.europa.eu/ http://ue.eu.int/prado/EN/glossaryPopup.html Also: wikipedia Also: wiki.cacert.org/wiki/AcceptableDocuments Foreign Passports Before Or After The Meeting

80 www.cacert.orgwww.cacert.org © CAcert, 2009 Ulrich Schroeter, Assurer Training Evetns, April 2009, #2 Foreign Passports Before Or After The Meeting

81 www.cacert.orgwww.cacert.org © CAcert, 2009 Ulrich Schroeter, Assurer Training Evetns, April 2009, #2 Foreign Passports At The Meeting Check Security Features with UV-light (if possible) At Big Events: UV-lights are often available

82 www.cacert.orgwww.cacert.org © CAcert, 2009 Ulrich Schroeter, Assurer Training Evetns, April 2009, #2 Foreign Passports At The Meeting UV-lights: Desk-Lights about 35-40 Euro UV-Money-Tester... about 4 Euro (!!!)

83 www.cacert.orgwww.cacert.org © CAcert, 2009 Ulrich Schroeter, Assurer Training Evetns, April 2009, #2 Foreign Passports At The Meeting For example: If it's the first time you see a foreign document award half of your max. points if it looks good (has recognisable security features) If it does not look good only award points after some research.

84 www.cacert.orgwww.cacert.org © CAcert, 2009 Ulrich Schroeter, Assurer Training Evetns, April 2009, #2 Foreign Passports At The Meeting In some doubt, award less points. If you have zero confidence: issue zero points You may reduce points later on, if the documents seem more doubtful.

85 www.cacert.orgwww.cacert.org © CAcert, 2009 Ulrich Schroeter, Assurer Training Evetns, April 2009, #2 Foreign Passports At The Meeting Check The Date 1980/01/10 1980-10-01 10/01/1980 01-10- 1980 Not Once, not twice, but Three Times!!! Where Does The Passport Come From? US-English has different dates?

86 www.cacert.orgwww.cacert.org © CAcert, 2009 Ulrich Schroeter, Assurer Training Evetns, April 2009, #2 Foreign Passports After The Meeting You always have the option of „Deferring the Decision” What Does This Mean?

87 www.cacert.orgwww.cacert.org © CAcert, 2009 Ulrich Schroeter, Assurer Training Evetns, April 2009, #2 Foreign Passports After The Meeting Answer: Maybe the ID documents are weak Assurer reconsiders the amount of points Usually you should notify Member of this by E-mail.

88 www.cacert.orgwww.cacert.org © CAcert, 2009 Ulrich Schroeter, Assurer Training Evetns, April 2009, #2 Foreign Passports Non-European Documents Check Security Features documents with fewer Security Features exist: Italian Identity cards old Driver's licences: German, Austrian, NL

89 www.cacert.orgwww.cacert.org © CAcert, 2009 Ulrich Schroeter, Assurer Training Evetns, April 2009, #2 Foreign Passports Non-European Documents If no UV-Money-Tester ==> prefer two documents. If one is OK, and one is weak ==> give less points fundamentally: your judgement

90 www.cacert.orgwww.cacert.org © CAcert, 2009 Ulrich Schroeter, Assurer Training Evetns, April 2009, #2 Foreign Passports Non-European Documents Unfamiliar documents: Ask other Assurers (who are familiar with them) But remember: your judgement on Assurance

91 www.cacert.orgwww.cacert.org © CAcert, 2009 Ulrich Schroeter, Assurer Training Evetns, April 2009, #2 New Germany IDcard starting 1.11.2010

92 Organisation Assurance

93 Have to be able to agree to CCA Have to be identifiable Become CAcert Members Represented by an Organisation Admin Organisations

94 Organisation Admin Assurer Authorised by the Organisation May act on behalf of the Organisation

95 Requirements Organisation is listed in an official Register The signer of the COAP can bind the Organisation Domains are controlled by the Organisation

96 Procedure Request through support@cacert.org Contact by Organisation Assurer

97 Philipp Dunkel p.dunkel@cacert.org p.dunkel@cacert.org Assurer Organisation Assurer Arbitrator Member of CAcert Board

98 Arbitration

99 Agreement to CCA... You agree to CAcert Arbitration We resolve disputes internally

100 Agreement to CCA... Instead of using local courts finding ourselves in foreign courts CAcert and certs are international One system: Protection + equality

101 What does it do? Limits and Allocates Liability Handles Exceptions Clarifies Policies Resolve Disputes

102 What has it done? administration: changing names contradictions: official CAP form? dual control: run special SQL script!

103 Importance! certs are for important claims claims must go wrong (one day!) solve real problems in Arbitration (one day!)

104 Who? Senior & Experienced Assurers Dispute Resolution Officer Approved by CAcert Board approx. 10 on the list

105 How? to file a dispute, mail to support@cacert.org allocated to an Arbitrator follows Dispute Resolution Policy www.cacert.org/policy/DisputeResolutioPolicy.php

106 How? the english common law approach: i. collects evidence ii. applies the Policies (and the Law) iii. delivers a Ruling the Ruling is binding on all

107 Legal Basis Dispute Resolution Policy Arbitration Act (International Arbitration Act 1974) CCA - All members agree to Arbitration NRP - have no rights of reliance!

108 Experience... Around 20 Arbitrations 2.. 3 running at any one time 80% for administrative purposes (Names) important decisions: terminations, dual control

109 Philipp Dunkel p.dunkel@cacert.org p.dunkel@cacert.org Assurer Organisation Assurer Arbitrator Member of CAcert Board

Download ppt "© CAcert, 2009 Ulrich Schroeter, Assurer Training Evetns, April 2009, #2 Welcome!"

Similar presentations

GETTING STARTED WITH LFM Welcome to the Professional’s Approach to Indexed Annuities Presented by: LFM Fixed Strategies Insurance Services Florian Spinello.

GETTING STARTED WITH LFM Welcome to the Professional’s Approach to Indexed Annuities Presented by: LFM Fixed Strategies Insurance Services Florian Spinello.
The Tenancy Deposit Scheme coming soon to Scotland …

The Tenancy Deposit Scheme coming soon to Scotland …
Offers and Results.  First and insurance choices should be made by the majority of students.  First choice, and in some cases, both choices should now.

Offers and Results.  First and insurance choices should be made by the majority of students.  First choice, and in some cases, both choices should now.
Project Tracking. Questions... Why should we track a project that is underway? What aspects of a project need tracking?

Project Tracking. Questions... Why should we track a project that is underway? What aspects of a project need tracking?
Introduction to orientation MOVES FOLIO Course. Introduction- Orientation A key role for supervisors is to provide orientation (also known as induction)

Introduction to orientation MOVES FOLIO Course. Introduction- Orientation A key role for supervisors is to provide orientation (also known as induction)
DATA PROTECTION & FREEDOM OF INFORMATION. What is the difference between Data Protection & Freedom of Information? The Data Protection Act allows you.

DATA PROTECTION & FREEDOM OF INFORMATION. What is the difference between Data Protection & Freedom of Information? The Data Protection Act allows you.
 Definition of a quality Audit  Types of audit  Qualifications of quality auditors  The audit process.

 Definition of a quality Audit  Types of audit  Qualifications of quality auditors  The audit process.
New York Bar Exam Application Process 2016. Where to go with questions Always consult the NY State Board of Law Examiners Website for the official rules.NY.

New York Bar Exam Application Process Where to go with questions Always consult the NY State Board of Law Examiners Website for the official rules.NY.
Charles University – Law Faculty October 2012 © Peter Kolker 2012 Class III - 2012.

Charles University – Law Faculty October 2012 © Peter Kolker 2012 Class III
Now that you’re registered Matt Crichton | Communications Officer Anne Duffy | Advice Services Officer Amanda Watkins I Senior Manager, Compliance Regina.

Now that you’re registered Matt Crichton | Communications Officer Anne Duffy | Advice Services Officer Amanda Watkins I Senior Manager, Compliance Regina.
© CAcert, 2009 Ulrich Schroeter, Assurer Training Events, April 2009 How Cacert responded to audit...

© CAcert, 2009 Ulrich Schroeter, Assurer Training Events, April 2009 How Cacert responded to audit...
Welcome to Greenville County’s Introduction of the new online Permitting System!

Welcome to Greenville County’s Introduction of the new online Permitting System!
© CAcert, 2009 Ulrich Schroeter, Assurer Training Events, April 2009 What is the CCA?

© CAcert, 2009 Ulrich Schroeter, Assurer Training Events, April 2009 What is the CCA?
© CAcert, 2009 Ulrich Schroeter, Assurer Training Events, April 2009 Participating in the Community.

© CAcert, 2009 Ulrich Schroeter, Assurer Training Events, April 2009 Participating in the Community.
© CAcert, 2009 Ulrich Schroeter, Assurer Training Events, April 2009 The Purpose of an Assurance.

© CAcert, 2009 Ulrich Schroeter, Assurer Training Events, April 2009 The Purpose of an Assurance.
Lions District 2-E2 Secretary Training March 14, 2015.

Lions District 2-E2 Secretary Training March 14, 2015.
© CAcert, 2009 Ulrich Schroeter, Assurer Training Events, April 2009 CAcert and the Audit.

© CAcert, 2009 Ulrich Schroeter, Assurer Training Events, April 2009 CAcert and the Audit.
2.0 Assurance Practice.

2.0 Assurance Practice.
The Mediation Centre of Chamber of Notaries in Gdańsk

The Mediation Centre of Chamber of Notaries in Gdańsk
For help or more information, please contact the P&W SRM team at ;

For help or more information, please contact the P&W SRM team at ;

Similar presentations

Ads by Google