This section summarizes and provides references to VeriSign's refund policy the warranties and promises made by issuing authorities and VeriSign, and the disclaimers and limitations upon such obligations.
11.4 Disclaimers and Limitations on Obligations of IAs and VeriSign
VeriSign adheres to, and stands behind, rigorous practices and policies in undertaking certification operations and in issuing certificates. Nevertheless, if for any reason a subscriber is not completely satisfied with the certificate issued to him, her, or it the subscriber may request that VeriSign revoke the certificate within thirty (30) days of issuance and provide the subscriber with a refund. Following the initial thirty (30) day period, a subscriber may request that VeriSign revoke the certificate and provide a refund if VeriSign has breached a warranty or other material obligation under this CPS or the NetSureSM Protection Plan relating to the subscriber or the subscriber's certificate. After VeriSign revokes the subscriber's certificate, VeriSign will promptly credit the subscriber's credit card account (if the certificate was paid for via credit card) or otherwise reimburse the subscriber via check, for the full amount of the applicable fees paid for the certificate. To request a refund, subscribers shall complete the Refund Request Form at https://www.verisign.com/repository/refund. This refund policy is not an exclusive remedy and does not limit other remedies that may be available to subscribers.
11.2 NetSureSM Protection Plan and Warranties
For subscribers of certificates issued on or after the effective date of the NetSureSM Protection Plan (see Section 2.3.4) (except for demo, free, or test certificates) the limited warranties, the disclaimers of warranty, and limitations of liability under CPS Sections 11.3, 11.4, and 11.5 do not apply and the limited warranties, disclaimers of warranty, and limitations of liability in the NetSureSM Protection Plan shall supersede CPS Sections 11.3, 11.4, and 11.5 for such certificates. See the NetSureSM Protection Plan for important details.
Issuing authorities (and VeriSign, to the extent specified in the referenced CPS sections) warrant and promise to:
Additionally, IAs and VeriSign warrant that their own private keys are not compromised unless they provide notice to the contrary via the VeriSign repository.
ISSUING AUTHORITIES AND VERISIGN MAKE NO OTHER WARRANTIES AND HAVE NO FURTHER OBLIGATIONS UNDER THIS CPS.
EXCEPT AS EXPRESSLY PROVIDED IN THE FOREGOING (CPS Section 11.3), ISSUING AUTHORITIES AND VERISIGN DISCLAIM ALL WARRANTIES AND OBLIGATIONS OF ANY TYPE, INCLUDING ANY WARRANTY OF MERCHANTABILITY, ANY WARRANTY OF FITNESS FOR A PARTICULAR PURPOSE, AND ANY WARRANTY OF THE ACCURACY OF INFORMATION PROVIDED, AND FURTHER DISCLAIM ANY AND ALL LIABILITY FOR NEGLIGENCE AND LACK OF REASONABLE CARE.
Except as expressly stated in the foregoing CPS Section 11.3, IAs and VeriSign:
IN NO EVENT SHALL ANY ISSUING AUTHORITY OR VERISIGN BE LIABLE FOR ANY INDIRECT, SPECIAL, INCIDENTAL, OR CONSEQUENTIAL DAMAGES, OR FOR ANY LOSS OF PROFITS, LOSS OF DATA, OR OTHER INDIRECT, CONSEQUENTIAL, OR PUNITIVE DAMAGES ARISING FROM OR IN CONNECTION WITH THE USE, DELIVERY, LICENSE, PERFORMANCE, OR NONPERFORMANCE OF CERTIFICATES, DIGITAL SIGNATURES, OR ANY OTHER TRANSACTIONS OR SERVICES OFFERED OR CONTEMPLATED BY THIS CPS, EVEN IF SUCH ISSUING AUTHORITIES OR VERISIGN, OR BOTH, HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
IN NO EVENT WILL THE AGGREGATE LIABILITY OF AN ISSUING AUTHORITY AND ALL SUPERIOR IAs IN THE CERTIFICATION CHAIN TO WHICH THE IA'S CERTIFICATE BELONGS (AND VERISIGN, AS SPECIFIED) TO ALL PARTIES (INCLUDING WITHOUT LIMITATION A SUBSCRIBER, AN APPLICANT, A RECIPIENT, OR A RELYING PARTY) EXCEED THE APPLICABLE LIABILITY CAP FOR SUCH CERTIFICATE SET FORTH IN TABLE 14, BELOW.
THE COMBINED AGGREGATE LIABILITY OF ALL ISSUING AUTHORITIES AND VERISIGN TO ANY AND ALL PERSONS CONCERNING A SPECIFIC CERTIFICATE SHALL BE LIMITED TO AN AMOUNT NOT TO EXCEED THE FOLLOWING, FOR THE AGGREGATE OF ALL DIGITAL SIGNATURES AND TRANSACTIONS RELATED TO SUCH CERTIFICATE:
|
Liability Caps |
|
|
Class 1 |
$ 100.00 US |
|
Class 2 |
$ 5,000.00 US |
|
Class 3 |
$ 100,000.00 US |
TABLE 14 - LIABILITY CAPS
This limitation on damages applies to loss and damages of all types, including but not limited to direct, compensatory, indirect, special, consequential, exemplary, or incidental damages incurred by any person, including without limitation a subscriber, an applicant, a recipient, or a relying party, that are caused by reliance on or use of a certificate an issuing authority or VeriSign issues, manages, uses, suspends or revokes, or such a certificate that expires. This limitation on damages applies as well to liability under contract, tort, and any other form of liability claim. The liability cap on each certificate shall be the same regardless of the number of digital signatures, transactions, or claims related to such certificate. In the event the liability cap is exceeded, the available liability cap shall be apportioned first to the earliest claims to achieve final dispute resolution, unless otherwise ordered by a court of competent jurisdiction. In no event shall VeriSign be obligated to pay more than the aggregate liability cap for each certificate, regardless of the method of apportionment among claimants to the amount of the liability cap.
Without limiting other subscriber obligations stated in this CPS, subscribers are liable for any misrepresentations they make in certificates to third parties who, having verified one or more digital signatures with the certificate, reasonably rely on the representations contained therein.
IAs AND VERISIGN ARE NOT THE AGENTS, FIDUCIARIES, TRUSTEES, OR OTHER REPRESENTATIVES OF SUBSCRIBERS OR RELYING PARTIES. The relationship between IAs (or VeriSign) and subscribers and that between IAs (or VeriSign) and relying parties is not that of agent and principal. Neither subscribers nor relying parties have any authority to bind an IA (or VeriSign), by contract or otherwise, to any obligation. IAs and VeriSign shall make no representations to the contrary, either expressly, implicitly, by appearance, or otherwise.
VeriSign's public certification services are not designed, intended, or authorized for use or resale as control equipment in hazardous circumstances or for uses requiring fail-safe performance such as the operation of nuclear facilities, aircraft navigation or communication systems, air traffic control systems, or weapons control systems, where failure could lead directly to death, personal injury, or severe environmental damage.