Bad Message " + status + "

Powered by Jetty:// · (Unused)

+     *
+     * FieldName : Value ; param1=val1 ; param2=val2
+     *
+     * 
+ * FutureCallback<String> future = new FutureCallback<>();
+ * endpoint.fillInterested("ContextObj",future);
+ * ...
+ * String context = future.get(); // This blocks
+ * int filled=endpoint.fill(mybuffer);
+ * 
+ * endpoint.fillInterested("ContextObj",new ExecutorCallback<String>(executor)
+ * {
+ *   public void onCompleted(String context)
+ *   {
+ *     int filled=endpoint.fill(mybuffer);
+ *     ...
+ *   }
+ *   public void onFailed(String context,Throwable cause) {...}
+ * });
+ * 
+ * FutureCallback<String> future = new FutureCallback<>();
+ * endpoint.write("ContextObj",future,headerBuffer,contentBuffer);
+ * String context = future.get(); // This blocks
+ * 
+ * endpoint.write("ContextObj",new ExecutorCallback<String>(executor)
+ * {
+ *   public void onCompleted(String context)
+ *   {
+ *     int filled=endpoint.fill(mybuffer);
+ *     ...
+ *   }
+ *   public void onFailed(String context,Throwable cause) {...}
+ * },headerBuffer,contentBuffer);
+ * 
+ *  username: password [,rolename ...]
+ * 
+ *  username: password [,rolename ...]
+ * 
+ * 
+ *   parses the following types of byte ranges:
+ * 
+ *       bytes=100-499
+ *       bytes=-300
+ *       bytes=100-
+ *       bytes=1-2,2-3,6-,-2
+ *
+ *   given an entity length, converts range to string
+ * 
+ *       bytes 100-499/500
+ * 
+ * 
    ");
+                    writer.write(message);
+                    writer.write("
    ");
+        write(writer,message);
+        writer.write("
");
+            StringWriter sw = new StringWriter();
+            PrintWriter pw = new PrintWriter(sw);
+            th.printStackTrace(pw);
+            pw.flush();
+            write(writer,sw.getBuffer().toString());
+            writer.write("
reason: " + reason + "
+ * nnn - an absolute value (0-255)
+ * mmm-nnn - an inclusive range of absolute values,
+ *           with following shorthand notations:
+ *           nnn- => nnn-255
+ *           -nnn => 0-nnn
+ *           -    => 0-255
+ * a,b,... - a list of wildcard specifications
+ * 
+ *   <Get id='handler' name='Handler'/>
+ *   <Set name='Handler'>
+ *     <New id='idleTimeoutHandler' class='org.eclipse.jetty.server.handler.IdleTimeoutHandler'>
+ *       <Set name='Handler'><Ref id='handler'/></Set>
+ *       <Set name='IdleTimeoutMs'>5000</Set>
+ *     </New>
+ *   </Set>
+ * 
+ * A.handle(...)
+ *   A.doScope(...)
+ *     B.doScope(...)
+ *       C.doScope(...)
+ *         A.doHandle(...)
+ *           B.doHandle(...)
+ *              C.doHandle(...)
+ * 
+ * A.handle(...)
+ *   A.doScope(...)
+ *     B.doScope(...)
+ *       C.doScope(...)
+ *         A.doHandle(...)
+ *           B.doHandle(...)
+ *             X.handle(...)
+ *               C.handle(...)
+ *                 C.doHandle(...)
+ * 
+ *     private static class MyHandler extends ScopedHandler
+ *     {
+ *         public void doScope(String target, HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException
+ *         {
+ *             try
+ *             {
+ *                 setUpMyScope();
+ *                 super.doScope(target,request,response);
+ *             }
+ *             finally
+ *             {
+ *                 tearDownMyScope();
+ *             }
+ *         }
+ *
+ *         public void doHandle(String target, HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException
+ *         {
+ *             try
+ *             {
+ *                 doMyHandling();
+ *                 super.doHandle(target,request,response);
+ *             }
+ *             finally
+ *             {
+ *                 cleanupMyHandling();
+ *             }
+ *         }
+ *     }
+ * 
+    Server server = new Server(8080);
+    HandlerList handlers = new HandlerList();
+    handlers.setHandlers(new Handler[]
+    { someOtherHandler, new ShutdownHandler("secret password") });
+    server.setHandler(handlers);
+    server.start();
+   
+   public static void attemptShutdown(int port, String shutdownCookie) {
+        try {
+            URL url = new URL("http://localhost:" + port + "/shutdown?token=" + shutdownCookie);
+            HttpURLConnection connection = (HttpURLConnection)url.openConnection();
+            connection.setRequestMethod("POST");
+            connection.getResponseCode();
+            logger.info("Shutting down " + url + ": " + connection.getResponseMessage());
+        } catch (SocketException e) {
+            logger.debug("Not running");
+            // Okay - the server is not running
+        } catch (IOException e) {
+            throw new RuntimeException(e);
+        }
+    }
+  
+ *  acceptRanges      If true, range requests and responses are
+ *                    supported
+ *
+ *  dirAllowed        If true, directory listings are returned if no
+ *                    welcome file is found. Else 403 Forbidden.
+ *
+ *  welcomeServlets   If true, attempt to dispatch to welcome files
+ *                    that are servlets, but only after no matching static
+ *                    resources could be found. If false, then a welcome
+ *                    file must exist on disk. If "exact", then exact
+ *                    servlet matches are supported without an existing file.
+ *                    Default is true.
+ *
+ *                    This must be false if you want directory listings,
+ *                    but have index.jsp in your welcome file list.
+ *
+ *  redirectWelcome   If true, welcome files are redirected rather than
+ *                    forwarded to.
+ *
+ *  gzip              If set to true, then static content will be served as
+ *                    gzip content encoded if a matching resource is
+ *                    found ending with ".gz"
+ *
+ *  resourceBase      Set to replace the context resource base
+ *
+ *  resourceCache     If set, this is a context attribute name, which the servlet
+ *                    will use to look for a shared ResourceCache instance.
+ *
+ *  relativeResourceBase
+ *                    Set with a pathname relative to the base of the
+ *                    servlet context root. Useful for only serving static content out
+ *                    of only specific subdirectories.
+ *
+ *  pathInfoOnly      If true, only the path info will be applied to the resourceBase
+ *
+ *  stylesheet	      Set with the location of an optional stylesheet that will be used
+ *                    to decorate the directory listing html.
+ *
+ *  etags             If True, weak etags will be generated and handled.
+ *
+ *  maxCacheSize      The maximum total size of the cache or 0 for no cache.
+ *  maxCachedFileSize The maximum size of a file to cache
+ *  maxCachedFiles    The maximum number of files to cache
+ *
+ *  useFileMappedBuffer
+ *                    If set to true, it will use mapped file buffer to serve static content
+ *                    when using NIO connector. Setting this value to false means that
+ *                    a direct buffer will be used instead of a mapped file buffer.
+ *                    By default, this is set to true.
+ *
+ *  cacheControl      If set, all static content will have this value set as the cache-control
+ *                    header.
+ *
+ *
+ * 
+ *  nonContextServlets       If false, the invoker can only load
+ *                           servlets from the contexts classloader.
+ *                           This is false by default and setting this
+ *                           to true may have security implications.
+ *
+ *  verbose                  If true, log dynamic loads
+ *
+ *  *                        All other parameters are copied to the
+ *                           each dynamic servlet as init parameters
+ * 
+ *   new ServletContext("/context",Context.SESSIONS|Context.NO_SECURITY);
+ * 
+ *     buffer.clear();
+ *     channel.write(buffer);
+ * 
+ *     ByteBuffer buffer = BufferUtil.allocate(1024);
+ *     assert(buffer.remaining()==0);
+ *     BufferUtil.clear(buffer);
+ *     assert(buffer.remaining()==0);
+ * 
+ *      int pos = BufferUtil.flipToFill(buffer);
+ *      try
+ *      {
+ *          buffer.put(data);
+ *      }
+ *      finally
+ *      {
+ *          flipToFlush(buffer, pos);
+ *      }
+ * 
+ * CompletableCallback callback = new CompletableCallback()
+ * {
+ *     @Override
+ *     public void resume()
+ *     {
+ *         // continue processing
+ *     }
+ *
+ *     @Override
+ *     public void abort(Throwable failure)
+ *     {
+ *         // abort processing
+ *     }
+ * }
+ * asyncOperation(callback);
+ * boolean completed = callback.tryComplete();
+ * if (completed)
+ *     // suspend processing, async operation not done yet
+ * else
+ *     // continue processing, async operation already done
+ * 
+ * public void reentrantMethod(Object param)
+ * {
+ *     if (condition || tooManyReenters)
+ *         fork(param)
+ *     else
+ *         call(param)
+ * }
+ * 
+ * private final ForkInvoker invoker = ...;
+ *
+ * public void reentrantMethod(Object param)
+ * {
+ *     invoker.invoke(param);
+ * }
+ * 
+ * nnn - an absolute value (0-255)
+ * mmm-nnn - an inclusive range of absolute values, 
+ *           with following shorthand notations:
+ *           nnn- => nnn-255
+ *           -nnn => 0-nnn
+ *           -    => 0-255
+ * a,b,... - a list of wildcard specifications
+ * 
+ *   Object lazylist =null;
+ *   while(loopCondition)
+ *   {
+ *     Object item = getItem();
+ *     if (item.isToBeAdded())
+ *         lazylist = LazyList.add(lazylist,item);
+ *   }
+ *   return LazyList.getList(lazylist);
+ * 
+ * public class MyClass {
+ *     void myMethod() {
+ *          ...
+ *          Class c=Loader.loadClass(this.getClass(),classname);
+ *          ...
+ *     }
+ * 
+ * void someBlockingCall(Object... args) throws IOException
+ * {
+ *   try(Blocker blocker=sharedBlockingCallback.acquire())
+ *   {
+ *     someAsyncCall(args,blocker);
+ *     blocker.block();
+ *   }
+ * }
+ * 
+ * SocketAddressResolver resolver = new SocketAddressResolver(executor, scheduler);
+ * resolver.resolve("www.google.com", 80, new Promise<SocketAddress>()
+ * {
+ *     public void succeeded(SocketAddress result)
+ *     {
+ *         // The address was resolved
+ *     }
+ *
+ *     public void failed(Throwable failure)
+ *     {
+ *         // The address resolution failed
+ *     }
+ * });
+ * 
+     *   isBlank(null)   == true
+     *   isBlank("")     == true
+     *   isBlank("\r\n") == true
+     *   isBlank("\t")   == true
+     *   isBlank("   ")  == true
+     *   isBlank("a")    == false
+     *   isBlank(".")    == false
+     *   isBlank(";\n")  == false
+     * 
+     *   isNotBlank(null)   == false
+     *   isNotBlank("")     == false
+     *   isNotBlank("\r\n") == false
+     *   isNotBlank("\t")   == false
+     *   isNotBlank("   ")  == false
+     *   isNotBlank("a")    == true
+     *   isNotBlank(".")    == true
+     *   isNotBlank(";\n")  == true
+     * 
+ * SomeContainerLifeCycleInstance
+ *   +- contained POJO instance
+ *   += contained MANAGED object, started and stopped with this instance
+ *   +~ referenced UNMANAGED object, with separate lifecycle
+ *   +? referenced AUTO object that could become MANAGED or UNMANAGED.
+ * 
+     *   Log.setLog(Log.getLogger(name));
+     * 
+ * try (StacklessLogging scope = new StacklessLogging(EventDriver.class,Noisy.class))
+ * {
+ *     doActionThatCausesStackTraces();
+ * }
+ * 
+     * Examples:
+     * "org.eclipse.jetty.test.FooTest"           = "oejt.FooTest"
+     * "org.eclipse.jetty.server.logging.LogTest" = "orjsl.LogTest"
+     * 
+ *  + Password is set as a system property.
+ *  + The password is prompted for and read from standard input
+ *  + A program is run to get the password.
+ * 
+     *                         Effective
+     *     Cipher       Type    Key Bits
+     *
+     *     NULL       * Stream     0
+     *     IDEA_CBC     Block    128
+     *     RC2_CBC_40 * Block     40
+     *     RC4_40     * Stream    40
+     *     RC4_128      Stream   128
+     *     DES40_CBC  * Block     40
+     *     DES_CBC      Block     56
+     *     3DES_EDE_CBC Block    168
+     * 
+ * Offset  Size     Field
+ * 0       100      File name
+ * 100     8        File mode
+ * 108     8        Owner's numeric user ID
+ * 116     8        Group's numeric user ID
+ * 124     12       File size in bytes
+ * 136     12       Last modification time in numeric Unix time format
+ * 148     8        Checksum for header block
+ * 156     1        Link indicator (file type)
+ * 157     100      Name of linked file
+ * 
+ * Value        Meaning
+ * '0'          Normal file
+ * (ASCII NUL)  Normal file (now obsolete)
+ * '1'          Hard link
+ * '2'          Symbolic link
+ * '3'          Character special
+ * '4'          Block special
+ * '5'          Directory
+ * '6'          FIFO
+ * '7'          Contigous
+ * 
+ * Offset  Size    Field
+ * 257     6       UStar indicator "ustar"
+ * 263     2       UStar version "00"
+ * 265     32      Owner user name
+ * 297     32      Owner group name
+ * 329     8       Device major number
+ * 337     8       Device minor number
+ * 345     155     Filename prefix
+ * 
+ * PublicKeyAndChallenge ::= SEQUENCE {
+ *     spki SubjectPublicKeyInfo,
+ *     challenge IA5STRING
+ * }
+ * 
+ * SignedPublicKeyAndChallenge ::= SEQUENCE {
+ *     publicKeyAndChallenge PublicKeyAndChallenge,
+ *     signatureAlgorithm AlgorithmIdentifier,
+ *     signature BIT STRING
+ * }
+ * 
+
+
+        ._cacert._auth IN TXT 
+        
http://example.org/cacert-.txt

 elemtent
+	var pre = function (text) {
+		var pre = document.createElement("pre");
+		pre.appendChild(textnode(text));
+		return pre;
+	}
+
+	/// makes a new

Enum	Code	Message	+ * RFC 1945 - HTTP/1.0	+ * RFC 2616 - HTTP/1.1	+ * RFC 2518 - WEBDAV
`Informational - 1xx`	{@link #isInformational(int)}
{@link #CONTINUE_100}	100	Continue		+ * Sec. 10.1.1
{@link #SWITCHING_PROTOCOLS_101}	101	Switching Protocols		+ * Sec. 10.1.2
{@link #PROCESSING_102}	102	Processing			+ * Sec. 10.1
`Success - 2xx`	{@link #isSuccess(int)}
{@link #OK_200}	200	OK	+ * Sec. 9.2	+ * Sec. 10.2.1
{@link #CREATED_201}	201	Created	+ * Sec. 9.2	+ * Sec. 10.2.2
{@link #ACCEPTED_202}	202	Accepted	+ * Sec. 9.2	+ * Sec. 10.2.3
{@link #NON_AUTHORITATIVE_INFORMATION_203}	203	Non Authoritative Information		+ * Sec. 10.2.4
{@link #NO_CONTENT_204}	204	No Content	+ * Sec. 9.2	+ * Sec. 10.2.5
{@link #RESET_CONTENT_205}	205	Reset Content		+ * Sec. 10.2.6
{@link #PARTIAL_CONTENT_206}	206	Partial Content		+ * Sec. 10.2.7
{@link #MULTI_STATUS_207}	207	Multi-Status			+ * Sec. 10.2
	~~207~~	~~Partial Update OK~~		+ * draft/01
`Redirection - 3xx`	{@link #isRedirection(int)}
{@link #MULTIPLE_CHOICES_300}	300	Multiple Choices	+ * Sec. 9.3	+ * Sec. 10.3.1
{@link #MOVED_PERMANENTLY_301}	301	Moved Permanently	+ * Sec. 9.3	+ * Sec. 10.3.2
{@link #MOVED_TEMPORARILY_302}	302	Moved Temporarily	+ * Sec. 9.3	(now "`302 Found`")
{@link #FOUND_302}	302	Found	(was "`302 Moved Temporarily`")	+ * Sec. 10.3.3
{@link #SEE_OTHER_303}	303	See Other		+ * Sec. 10.3.4
{@link #NOT_MODIFIED_304}	304	Not Modified	+ * Sec. 9.3	+ * Sec. 10.3.5
{@link #USE_PROXY_305}	305	Use Proxy		+ * Sec. 10.3.6
	306	(Unused)		+ * Sec. 10.3.7
{@link #TEMPORARY_REDIRECT_307}	307	Temporary Redirect		+ * Sec. 10.3.8
`Client Error - 4xx`	{@link #isClientError(int)}
{@link #BAD_REQUEST_400}	400	Bad Request	+ * Sec. 9.4	+ * Sec. 10.4.1
{@link #UNAUTHORIZED_401}	401	Unauthorized	+ * Sec. 9.4	+ * Sec. 10.4.2
{@link #PAYMENT_REQUIRED_402}	402	Payment Required	+ * Sec. 9.4	+ * Sec. 10.4.3
{@link #FORBIDDEN_403}	403	Forbidden	+ * Sec. 9.4	+ * Sec. 10.4.4
{@link #NOT_FOUND_404}	404	Not Found	+ * Sec. 9.4	+ * Sec. 10.4.5
{@link #METHOD_NOT_ALLOWED_405}	405	Method Not Allowed		+ * Sec. 10.4.6
{@link #NOT_ACCEPTABLE_406}	406	Not Acceptable		+ * Sec. 10.4.7
{@link #PROXY_AUTHENTICATION_REQUIRED_407}	407	Proxy Authentication Required		+ * Sec. 10.4.8
{@link #REQUEST_TIMEOUT_408}	408	Request Timeout		+ * Sec. 10.4.9
{@link #CONFLICT_409}	409	Conflict		+ * Sec. 10.4.10 + *
{@link #GONE_410}	410	Gone		+ * Sec. 10.4.11 + *
{@link #LENGTH_REQUIRED_411}	411	Length Required		+ * Sec. 10.4.12 + *
{@link #PRECONDITION_FAILED_412}	412	Precondition Failed		+ * Sec. 10.4.13 + *
{@link #REQUEST_ENTITY_TOO_LARGE_413}	413	Request Entity Too Large		+ * Sec. 10.4.14 + *
{@link #REQUEST_URI_TOO_LONG_414}	414	Request-URI Too Long		+ * Sec. 10.4.15 + *
{@link #UNSUPPORTED_MEDIA_TYPE_415}	415	Unsupported Media Type		+ * Sec. 10.4.16 + *
{@link #REQUESTED_RANGE_NOT_SATISFIABLE_416}	416	Requested Range Not Satisfiable		+ * Sec. 10.4.17 + *
{@link #EXPECTATION_FAILED_417}	417	Expectation Failed		+ * Sec. 10.4.18 + *
	~~418~~	~~Reauthentication Required~~		+ * draft/01
	~~418~~	~~Unprocessable Entity~~			+ * draft/05
	~~419~~	~~Proxy Reauthentication Required~~		+ * draft/01
	~~419~~	~~Insufficient Space on Resource~~			+ * draft/05
	~~420~~	~~Method Failure~~			+ * draft/05
	421	(Unused)
{@link #UNPROCESSABLE_ENTITY_422}	422	Unprocessable Entity			+ * Sec. 10.3
{@link #LOCKED_423}	423	Locked			+ * Sec. 10.4
{@link #FAILED_DEPENDENCY_424}	424	Failed Dependency			+ * Sec. 10.5
`Server Error - 5xx`	{@link #isServerError(int)}
{@link #INTERNAL_SERVER_ERROR_500}	500	Internal Server Error	+ * Sec. 9.5	+ * Sec. 10.5.1
{@link #NOT_IMPLEMENTED_501}	501	Not Implemented	+ * Sec. 9.5	+ * Sec. 10.5.2
{@link #BAD_GATEWAY_502}	502	Bad Gateway	+ * Sec. 9.5	+ * Sec. 10.5.3
{@link #SERVICE_UNAVAILABLE_503}	503	Service Unavailable	+ * Sec. 9.5	+ * Sec. 10.5.4
{@link #GATEWAY_TIMEOUT_504}	504	Gateway Timeout		+ * Sec. 10.5.5
{@link #HTTP_VERSION_NOT_SUPPORTED_505}	505	HTTP Version Not Supported		+ * Sec. 10.5.6
	506	(Unused)
{@link #INSUFFICIENT_STORAGE_507}	507	Insufficient Storage			+ * Sec. 10.6

Parent Directory
"); + buf.append(deTag(ls[i])); + buf.append(" "); + buf.append("	"); + buf.append(item.length()); + buf.append(" bytes	"); + buf.append(dfmt.format(new Date(item.lastModified()))); + buf.append("

First line of HTTP request	Returned Value
POST /some/path.html HTTP/1.1 + *	+ *	/some/path.html + *
GET http://foo.bar/a.html HTTP/1.0 + *	+ *	/a.html + *
HEAD /xyz?a=b HTTP/1.1 + *	+ *	/xyz + *

+ Minimum Assurance Points +	+ Capability +	+ Status +	+ Comment +
+ 0 +	+ Request Assurance +	+ Prospective Member +	+ Individual taking part of an +Assurance, who does not have created a CAcert login account (yet). The +allocation of Assurance Points is awaiting login account creation. +
+ 0 +	+ Request unnamed certificates +	+ Member +	+ Although the Member's details are +recorded in the account, they are not highly assured. +
+ 50 +	+ Request named certificates +	+ Assured Member +	+ Statements of Assurance: the Name is +assured to 50 Assurance Points or more +
+ 100 +	+ Become an Assurer +	+ Prospective Assurer +	+ Assured to 100 Assurance Points (or +more) on at least one Name, and passing the Assurer Challenge. +

+ Assurer's Experience Points +	+ Allocatable Assurance Points +
+ 0 +	+ 10 +
+ 10 +	+ 15 +
+ 20 +	+ 20 +
+ 30 +	+ 25 +
+ 40 +	+ 30 +
+ >=50 +	+ 35 +

General	Protocol	Description	Comments
Type		Appropriate Certificate uses
Server	TLS	web server encryption	enables encryption
Server	embedded	embedded server authentication	mail servers, IM-servers
Client	S/MIME	email encryption	"digital signatures" employed in S/MIME + are not legal / human signatures, + but instead enable the encryption mode of S/MIME
	TLS	client authentication	the nodes must be secure
	TLS	web based signature applications	the certificate authenticates only. See §1.4.3.
	"Digital Signing"	for human signing over documents	Only within a wider application and rules + such as by separate policy, + as agreed by contract, etc. + See §1.4.4. +
Code	Authenticode, ElfSign, Java	Code Signing	Signatures on packages are evidence of their Membership and indicative of Identity
PGP	OpenPGP	Key Signing	Signatures on Member Keys are evidence of their Membership and indicative of Identity
Special	X.509	OCSP, Timestamping	Only available to CAcert Systems Administrators, as controlled by Security Policy

	Members †		Assured Members		Assurers
	Level of Assurance
Class of Root	Anon	Name	Anon	Name	Name+Anon	Remarks
Top level Root	•	•	•	•	•	Signs other CAcert SubRoots only.
Member SubRoot	✔	✘	✔	✔	✔	† For Members meeting basic checks in §4.2.2 (Reliance is undefined.)
Assured SubRoot	✘	✘	✔	✔	✔	Assured Members only. Fully intended for reliance.
Organisation SubRoot	✘	✘	✔	✔	✔	Assured Organisation Members only. Fully intended for reliance.
Expiry of Certificates	6 months		24 months
Types	client, server		wildcard, subjectAltName		code-signing	(Inclusive to the left.)

	Members		Assured Members
	Level of Assurance
Class of Root	Anonymous	Named	Anonymous	Named	Remarks
Class 1	✔	✘	✔	✔	Available for all Members, reliance is undefined.
Class 3	✘	✘	✔	✔	Assured Members only. Intended for Reliance.
Expiry of Certificates	6 months		24 months
Types available	simple only		wildcard, subjectAltName

.ac	Registry	Policy
.ar	Registry	Policy
.at	Registry	Policy (character list)
.biz	Registry	Policy
.br	Registry	Policy
.cat	Registry	Policy
.ch	Registry	Policy
.cl	Registry	Policy
.cn	Registry	Policy (JET Guidelines)
.de	Registry	Policy
.dk	Registry	Policy
.es	Registry	Policy
.fi	Registry	Policy
.gr	Registry	Policy
.hu	Registry	Policy (section 2.1.2)
.info	Registry	Policy
.io	Registry	Policy
.ir	Registry	Policy
.is	Registry	Policy
.jp	Registry	Policy
.kr	Registry	Policy (JET Guidelines)
.li	Registry	Policy (managed by .ch registry)
.lt	Registry	Policy (character list)
.museum	Registry	Policy
.no	Registry	Policy (section 4)
.org	Registry	Policy
.pl	Registry	Policy
.pr	Registry	Policy
.se	Registry	Policy (character list)
.sh	Registry	Policy
.th	Registry	Policy
.tm	Registry	Policy
.tw	Registry	Policy (JET Guidelines)
.vn	Registry	Policy (character list)

Assurance Points	Level	Service	Comments
0	Unassured Member	Anonymous	Certificates with no Name, under Class 1 Root. Limited to 6 months expiry.
1-49	Unassured Member	Anonymous	Certificates with no Name under Member SubRoot. Limited to 6 months expiry.
50-99	Assured Member	Verified	Certificates with Verified Name for S/MIME, web servers, "digital signing." + Expiry after 24 months is available.
100++	Assurer	Code-signing	Can create Code-signing certificates

	Verified Name	Unverified Name	Empty Name
Verified email	✔	✘	✔
Unverified email	✘	✘	✘
Empty email	✔	✘	✘

Type	How	Authority	remarks
Assurance	under CAcert Assurance Programme (CAP)	Assurance Policy	only information assured to 50 points under CAP is placed in the certificate
Evaluation	under automated domain and email checks	this CPS	see §4.2.2
Controlled	programs or "profiles" that check the information within the CSR	this CPS	see §7.1

	Statements of Reliance for Members
Class of Root	Anonymous (all Members)	Named (Assured Members only)
Class 1	+ Do not rely. + Relying party must use other methods to check.	+ Do not rely. + Although the named Member has been Assured by CAcert, + reliance is not defined with Class 1 root. + (issued for compatibility only).
Member SubRoot
Class 3	+ Do not rely on the Name (being available). + The Member has been Assured by CAcert, + but reliance is undefined.	+ The Member named in the certificate has been Assured by CAcert.
Assured SubRoot

Role	Policy	Comments
Assurer	COD13	+ Passes Challenge, Assured to 100 points. +
Organisation Assurer	COD11	+ Trained and tested by two supervising OAs. +
Technical	SM => COD08	+ Teams responsible for testing. +
Arbitrator	COD7	+ Experienced Assurers. +

Record	Nature	Exceptions	Documentation
Member	username, primary and added addresses, security questions, Date of Birth	resigned non-subscribers: 0 years.	Security Policy and Privacy Policy
Assurance	CAP forms	"at least 7 years." as per subsidiary policies	Assurance Policy 4.5
Organisation Assurance	COAP forms	as per subsidiary policies	Organisation Assurance Policy
certificates and revocations	for reliance	7 years after termination	this CPS
critical roles	background check worksheets	under direct Arbitrator control	Security Policy 9.1.3

+ OID +	+ Type/Meaning +	+ Comment +
+ 1.3.6.1.4.1.18506.4.4 +	+ Certification Practice Statement +	+ (this present document) +

PoP		Iang
POLICY p200800204.1		+ 20080309 +
COD1
	Policy on Policy

Asynchronous Methods

Blocking Read

Dispatched Read

Blocking Write

Dispatched Write

Connector Services

Connection Factories

Configuring Connection Factories

Connection Factory Operation

Acceptors

HTTP ERROR: "); + writer.write(Integer.toString(code)); + writer.write("

Connection Factories

Selectors

Error 404 - Not Found.

HTTP ERROR "); + writer.write(Integer.toString(code)); + writer.write("

Caused by:

Bad Message " + status + "

Statistics:

Requests:

Dispatches:

Responses:

Connections:

").append(connector.getClass().getName()).append("@").append(connector.hashCode()).append("

Memory:

Usage

Notes

"); + buf.append(title); + buf.append("

+ "); + out.print(l.getTranslation(menuName)); + out.println("

''

Assurance Policy for CAcert Community Members

0. Preamble

0.1. Definition of Terms

0.2. The CAcert Web of Trust

0.3. Related Documentation

1. Assurance Purpose

1.1.The Assurance Statement

1.2.Relying Party Statement

2. The Member

2.1. The Member's Name

2.2. Multiple Names and variations

2.3. Status and Capabilities

3. The Assurer

3.1. The Obligations of the Assurer

4. The Assurance

4.1. The Assurance Process

4.2. Mutual Assurance

4.3. Assurance Points

4.4. Experience Points

4.5. CAcert Assurance Programme (CAP) form

5. The Assurance Officer

6. Subsidiary Policies

6.1. Standard

6.2. High Risk Applications

7. Privacy

0. Introduction

0.1 Terms

1. Agreement and Licence

1.1 Agreement

1.2 Licence

1.3 Your Contributions

1.4 Privacy

2. Your Risks, Liabilities and Obligations

2.1 Risks

2.2 Liabilities

2.3 Obligations

2.4 Principles

2.5 Security

3. Law and Jurisdiction

3.1 Governing Law

3.2 Arbitration as Forum of Dispute Resolution

3.3 Termination

3.4 Changes of Agreement

3.5 Communication

4. Miscellaneous

4.1 Other Parties Within the Community

4.2 References and Other Binding Documents

4.3 Informative References

4.4 Not Covered in this Agreement

CAcert CPS and CP