VeriSign Public Certification Services

YOU MUST READ THIS SUBSCRIBER AGREEMENT ("SUBSCRIBER AGREEMENT") BEFORE APPLYING FOR, ACCEPTING, OR USING A VERISIGN SSL ID OR PREMIUM SSL ID ("CERTIFICATE"). IF YOU DO NOT AGREE TO THE TERMS OF THIS SUBSCRIBER AGREEMENT, DO NOT APPLY FOR, ACCEPT, OR USE THE CERTIFICATE.

1. Definitions.

"Certification Authority" shall mean an entity authorized to issue, manage, revoke, and renew certificates in the VTN.

"Compromise" shall mean a loss, theft, disclosure, modification, unauthorized use, or other compromise of the security of a private key.

"Derivative Work" shall have the meaning set forth in Section 8.

"Device" shall mean a network management tool, such as a server load balancer or SSL accelerator, that routes electronic data from one point to single or multiple devices or servers.

"Licensed Certificate Option" shall mean the specific licensing option on the enrollment screen that permits a subscriber to use of a Certificate on one physical Device and obtain additional Certificate licenses for each physical server that each Device manages, or where replicated Certificates may otherwise reside.

"RA" or "Registration Authority" shall mean an individual and/or entity approved by a CA to assist Certificate Applicants in applying for Certificates, and to approve or reject Certificate Applications, revoke Certificates, or renew Certificates.

"Relying Party" shall mean an individual or organization that acts in reliance on a certificate and/or a digital signature.

"Relying Party Agreement" shall mean an agreement used by a Certification Authority setting forth the terms and conditions under which an individual or organization acts as a Relying Party, such as the VeriSign Relying Party Agreements that are published at http://www.verisign.com/repository/rpa/index.html.

"Premium SSL ID" shall mean a Class 3 organizational Certificate used to support SSL sessions between web browsers and web servers and/or Devices that are encrypted using strong cryptographic protection consistent with applicable export laws.

"SSL ID" shall mean a Class 3 organizational Certificate used to support SSL sessions between web browsers and web servers.

"Secure Sockets Layer" ("SSL") shall mean an industry-standard method for protecting Web communications developed by Netscape Communications Corporation. The SSL security protocol provides data encryption, server authentication, message integrity, and optional client authentication for a Transmission Control/Internet Protocol connection.

"Server" shall mean a traditional web, mail, or application server.

"VeriSign CPS" shall mean the VeriSign Certification Practice Statement, as amended from time to time, which may be accessed from http://www.verisign.com/repository/cps/.

"VeriSign Intellectual Property Rights" shall have the meaning set forth in Section 8.

"VTN" shall mean the VeriSign Trust Network^SM that is a global public key infrastructure that provides Certificates for both wired and wireless applications.

2. Description of the Certificate. This section sets forth the terms and conditions regarding your application ("Certificate Application") for a Certificate and, if VeriSign and/or the RA accepts your Certificate Application, the terms and conditions regarding the your use of the Certificate to be issued by VeriSign to you as "Subscriber" of that Certificate. A "Certificate" is a digitally signed message that contains a Subscriber's public key and associates it with information authenticated by VeriSign or a VeriSign-authorized entity. The Certificate provided under this Agreement is issued within the VTN by VeriSign.

The Certificate for which you have applied on behalf of your organization is a Class 3 organizational Certificate within the VTN. Class 3 organizational Certificates are issued to web Servers and/or Devices to provide authentication, message, software, and content integrity and signing, and confidentiality encryption. Class 3 organizational Certificates provide assurances of the identity of the Subscriber based on a confirmation that the Subscriber organization does in fact exist, that the organization has authorized the Certificate Application, and that the person submitting the Certificate Application on behalf of the Subscriber was authorized to do so. The Certificate also provides assurances that the Subscriber is entitled to use the domain name listed in the Certificate Application, if a domain name is listed in such Certificate Application. For more detailed information about VeriSign's certification services, please see the VeriSign CPS.

3. Processing Your Certificate Application. Upon the RA's completion of the necessary authentication procedures required for the Certificate you have purchased, VeriSign will process your Certificate Application. The RA will notify you whether your Certificate Application is approved or rejected. If your Certificate Application is approved, VeriSign will issue you a Certificate for your use in accordance with this Subscriber Agreement. Your use of the PIN from VeriSign to pick up the Certificate or otherwise installing or using the Certificate is considered your acceptance of the Certificate. After you pick up or otherwise install your Certificate, you must review the information in it before using it and promptly notify VeriSign of any errors. Upon receipt of such notice, VeriSign may revoke your Certificate and issue a corrected Certificate.

4. Use Restrictions. You are prohibited from using your Certificate (i) for or on behalf of any other organization; (ii) to perform private or public key operations in connection with any domain name and/or organization name other than the submitted by you on your Certificate Application; (iii) on more than one physical server or device at a time, unless you have purchased the Licensed Certificate Option; or (iv) for use as control equipment in hazardous circumstances or for uses requiring fail-safe performance such as the operation of nuclear facilities, aircraft navigation or communication systems, air traffic control systems, or weapons control systems, where failure could lead directly to death, personal injury, or severe environmental damage. If you are using the Licensed Certificate Option, you acknowledge and agree that this Option can result in increased security risks to your network and that VeriSign expressly disclaims any liability for breaches of security that result from the distribution of a single key across multiple devices. VERISIGN CONSIDERS THE UNLICENSED USE OF A CERTIFICATE ON A DEVICE THAT RESIDES ABOVE A SERVER OR SERVER FARM SOFTWARE PIRACY AND WILL PURUSE VIOLATORS TO THE FULLEST EXTENT OF THE LAW. If you choose to display VeriSign's Secure Site Seal (the "Seal"), you must install and display such Seal only in accordance with the Secure Site Seal Licensing Agreement (https://www.verisign.com/repository/sslicense_agree.html).

5. Revocation. If you discover or have reason to believe there has been a Compromise of your private key or the activation data protecting such private key, or the information within the Certificate is incorrect or has changed, or if your organizational name and/or domain name registration has changed, you must immediately notify VeriSign and request revocation of the Certificate and you must notify any person that may reasonably be expected by you to rely on or to provide services in support of the Certificate or a digital signature verifiable with reference to the Certificate. VeriSign retains the right to revoke your Certificate if you have installed a Seal and fail to perform any of your obligations under the Secure Site Seal Licensing Agreement or otherwise fail to perform any other material obligations under the terms of this Subscriber Agreement or if, in VeriSign's sole discretion, VeriSign determines that you have or may have compromised the security or integrity of the VTN.

6. Obligations Upon Revocation or Expiration. Upon expiration or notice of revocation of your Certificate, you shall permanently remove your Certificate from the server on which it is installed and shall not use it for any purpose thereafter and, if you have installed a Seal, you shall remove such Seal.

7. Representations and Warranties.

7.1 VeriSign Representations and Warranties. VeriSign represents and warrants to you that (i) there are no errors introduced by VeriSign in your Certificate information as a result of VeriSign's failure to use reasonable care in creating the Certificate; (ii) your Certificate complies in all material respects with the VeriSign CPS; and (iii) VeriSign's revocation services and use of a repository conform to the VeriSign CPS in all material aspects.

7.2 Your Representations and Warranties. You represent and warrant to VeriSign and anyone who relies on your Certificate that (i) all the information you provide and all the representations you make to VeriSign in your Certificate Application are accurate; (ii) no Certificate information you provided (including your e-mail address) infringes the intellectual property rights of any third parties; (iii) the Certificate Application information you provided (including your email address) has not been and will not be used for any unlawful purpose; (iv) you have been (since the time of its creation) and will remain the only person possessing your private key and no unauthorized person has had or will have access to your private key; (v) you have been (since the time of its creation) and will remain the only person possessing any challenge phrase, PIN, software, or hardware mechanism protecting your private key and no unauthorized person has had or will have access to the same; (vi) you will use your Certificate exclusively for authorized and legal purposes consistent with this Subscriber Agreement; (vii) you will use your Certificate as an end-user Subscriber and not as a Certification Authority issuing Certificates, certification revocation lists, or otherwise; (viii) each digital signature created using your private key is your digital signature, and the Certificate has been accepted and is operational (not expired or revoked) at the time the digital signature is created; (ix) you manifest assent to this Subscriber Agreement as a condition of obtaining a Certificate; and (x) you will not monitor, interfere with, or reverse engineer the technical implementation of the VTN, except with the prior written approval from VeriSign, and shall not otherwise intentionally compromise the security of the VTN. You further represent and warrant that you have sufficient information to make an informed decision as to the extent to which you choose to rely on the information in a digital certificate issued within the VTN, that you are solely responsible for deciding whether or not to rely on such information, and that you shall bear the legal consequences of your failure to perform any obligations you might have as a Relying Party under the applicable Relying Party Agreement.

8. Ownership. Except as otherwise set forth herein, all right, title and interest in and to all, (i) registered and unregistered trademarks, service marks and logos; (ii) patents, patent applications, and patentable ideas, inventions, and/or improvements; (iii) trade secrets, proprietary information, and know-how; (iv) all divisions, continuations, reissues, renewals, and extensions thereof now existing or hereafter filed, issued, or acquired; (v) registered and unregistered copyrights including, without limitation, any forms, images, audiovisual displays, text, software; and (vi) all other intellectual property, proprietary rights or other rights related to intangible property which are used, developed, comprising, embodied in, or practiced in connection with any of the VeriSign services identified herein ("VeriSign Intellectual Property Rights") are owned by VeriSign or its licensors, and you agree to make no claim of interest in or ownership of any such VeriSign Intellectual Property Rights. You acknowledge that no title to the VeriSign Intellectual Property Rights is transferred to you, and that you do not obtain any rights, express or implied, in the VeriSign or its licensors' service, other than the rights expressly granted in this Subscriber Agreement. To the extent that you create any Derivative Work (any work that is based upon one or more preexisting versions of a work provided to you, such as an enhancement or modification, revision, translation, abridgement, condensation, expansion, collection, compilation or any other form in which such preexisting works may be recast, transformed or adapted) such Derivative Work shall be owned by VeriSign and all right, title and interest in and to each such Derivative Work shall automatically vest in VeriSign. VeriSign shall have no obligation to grant you any right in any such Derivative Work. You may not reverse engineer, disassemble or decompile the VeriSign Intellectual Property or make any attempt to obtain source code to the VeriSign Intellectual Property. You have the right to use the Certificate under the terms and conditions of this Subscriber Agreement.

9. Modifications to Subscriber Agreement. Except as otherwise provided in this Subscriber Agreement, you agree, during the term of this Subscriber Agreement, that VeriSign may: (i) revise the terms and conditions of this Subscriber Agreement; and/or (ii) change part of the services provided under this Subscriber Agreement at any time. Any such revision or change will be binding and effective thirty (30) days after posting of the revised Subscriber Agreement or change to the service(s) on VeriSign's Web sites, or upon notification to you by e-mail. You agree to periodically review VeriSign's Web sites, including the current version of this Subscriber Agreement available on VeriSign's Web sites, to be aware of any such revisions. If you do not agree with any revision to the Subscriber Agreement, you may terminate this Subscriber Agreement at any time by providing VeriSign with notice. Notice of your termination will be effective on receipt and processing by VeriSign. Any fees paid by you if you terminate this Subscriber Agreement are nonrefundable. By continuing to use VeriSign services after any revision to this Subscriber Agreement or change in service(s), you agree to abide by and be bound by any such revisions or changes. VeriSign is not bound by nor should you rely on any representation by (i) any agent, representative or employee of any third party that you may use to apply for VeriSign's services; or in (ii) information posted on our Web site of a general informational nature. No employee, contractor, agent or representative of VeriSign is authorized to alter or amend the terms and conditions of this Subscriber Agreement.

10. Privacy. You agree that VeriSign may place in your Certificate certain information that you provide for inclusion in your Certificate. You also agree that VeriSign may publish your Certificate and information about its status in VeriSign's repository of Certificate information and make this information available to other repositories.

11. Disclaimers of Warranties. YOU AGREE THAT YOUR USE OF VERISIGN'S SERVICE(S) IS SOLELY AT YOUR OWN RISK. YOU AGREE THAT ALL SUCH SERVICES ARE PROVIDED ON AN "AS IS" AND AS AVAILABLE BASIS, EXCEPT AS OTHERWISE NOTED IN THIS SUBSCRIBER AGREEMENT. VERISIGN EXPRESSLY DISCLAIMS ALL WARRANTIES OF ANY KIND, WHETHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT. OTHER THAN THE WARRANTIES AS SET FORTH IN SECTION 7, VERISIGN DOES NOT MAKE ANY WARRANTY THAT THE SERVICE WILL MEET YOUR REQUIRMENTS, OR THAT THE SERVICE WILL BE UNINTERRUPTED, TIMELY, SECURE OR ERROR FREE; NOR DOES VERISIGN MAKE ANY WARRANTY AS TO THE RESULTS THAT MAY BE OBTAINED FROM THE USE OF THE SERVICE OR TO THE ACCURACY OR RELIABILITY OF ANY INFORMATION OBTAINED THROUGH VERISIGN'S SERVICE. YOU UNDERSTAND AND AGREE THAT ANY MATERIAL AND/OR DATA DOWNLOADED OR OTHERWISE OBTAINED THROUGH THE USE OF VERISIGN'S SERVICES IS DONE AT YOUR OWN DISCRETION AND RISK. NO ADVICE OR INFORMATION, WHETHER ORAL OR WRITTEN, OBTAINED BY YOU FROM VERISIGN OR THROUGH VERISIGN'S SERVICES SHALL CREATE ANY WARRANTY NOT EXPRESSLEY MADE HEREIN. TO THE EXTENT JURISDICTIONS DO NOT ALLOW THE EXCLUSION OF CERTAIN WARRANTIES, SOME OF THE ABOVE EXCLUSIONS MAY NOT APPLY TO YOU. VERISIGN IS NOT RESPONSIBLE FOR AND SHALL HAVE NO LIABILITY WITH RESPECT TO ANY PRODUCTS AND/OR SERVICES PURCHASED BY YOU FROM A THIRD PARTY.

12. Indemnity. You agree to release, indemnify, defend and hold harmless VeriSign and any of its contractors, agents, employees, officers, directors, shareholders, affiliates and assigns from all liabilities, claims, damages, costs and expenses, including reasonable attorney's fees and expenses, of third parties relating to or arising out of (i) this Subscriber Agreement or the breach of your warranties, representations and obligations under this Subscriber Agreement, (ii) falsehoods or misrepresentations of fact by you on the Certificate Application, (iii) any infringement of an intellectual property or other proprietary right of any person or entity, (iv) failure to disclose a material fact on the Certificate Application if the misrepresentation or omission was made negligently or with intent to deceive any party, or (v) failure to protect the private key, or use a trustworthy system, or to take the precautions necessary to prevent the compromise, loss, disclosure, modification or unauthorized use of the private key under the terms of this Subscriber Agreement. When VeriSign is threatened with suit or sued by a third party, VeriSign may seek written assurances from you concerning your promise to indemnify VeriSign, your failure to provide those assurances may be considered by VeriSign to be a material breach of this Subscriber Agreement. VeriSign shall have the right to participate in any defense by you of a third-party claim related to your use of any VeriSign services, with counsel of VeriSign's choice at your own expense. You shall have sole responsibility to defend VeriSign against any claim, but you must receive the prior written consent of VeriSign regarding any related settlement. The terms of this Section 12 will survive any termination or cancellation of this Subscriber Agreement. As a Relying Party, you further agree to release, indemnify, defend and hold harmless VeriSign and any of its contractors, agents, employees, officers, directors, shareholders, affiliates and assigns from all liabilities, claims, damages, costs and expenses, including reasonable attorney's fees and expenses, of third parties relating to or arising out of (i) your failure to perform the obligations of a Relying Party as set forth in the applicable Relying Party Agreement; (ii) your reliance on a certificate that is not reasonable under the circumstances; or (iii) your failure to check the status of such certificate to determine whether the certificate is expired or revoked.

13. Limitations of Liability.

THIS SECTION APPLIES TO LIABILITY UNDER CONTRACT (INCLUDING BREACH OF WARRANTY), TORT (INCLUDING NEGLIGENCE AND/OR STRICT LIABILITY), AND ANY OTHER LEGAL OR EQUITABLE FORM OF CLAIM. IF YOU INITIATE ANY CLAIM, ACTION, SUIT, ARBITRATION, OR OTHER PROCEEDING SEPARATE FROM A REQUEST FOR PAYMENT UNDER THE NETSURE PROTECTION PLAN RELATING TO SERVICES PROVIDED UNDER THIS SUBSCRIBER AGREEMENT, AND TO THE EXTENT PERMITTED BY APPLICABLE LAW, VERISIGN'S TOTAL LIABILITY FOR DAMAGES SUSTAINED BY YOU AND ANY THIRD PARTY FOR ANY USE OR RELIANCE ON A CERTIFICATE SHALL BE LIMITED, IN THE AGGREGATE, TO ONE HUNDRED THOUSAND U.S. DOLLARS (US $100,000.00)

THE LIABILITY LIMITATIONS PROVIDED IN THIS SECTION SHALL BE THE SAME REGARDLESS OF THE NUMBER OF DIGITAL SIGNATURES, TRANSACTIONS, OR CLAIMS RELATED TO SUCH CERTIFICATE. VERISIGN SHALL NOT BE OBLIGATED TO PAY MORE THAN THE TOTAL LIABILITY LIMITATION FOR EACH CERTIFICATE.

14. Force Majeure. Except for payment and indemnity obligations hereunder, neither party shall be deemed in default hereunder, nor shall it hold the other party responsible for, any cessation, interruption or delay in the performance of its obligations hereunder due to earthquake, flood, fire, storm, natural disaster, act of God, war, armed conflict, terrorist action, labor strike, lockout, boycott, provided that the party relying upon this Section 14 shall (i) have given the other party written notice thereof promptly and, in any event, within five (5) days of discovery thereof and (ii) take all reasonable steps reasonably necessary under the circumstances to mitigate the effects of the force majeure event upon which such notice is based; provided further, that in the event a force majeure event described in this Section 14 extends for a period in excess of thirty (30) days in aggregate, the other party may immediately terminate this Subscriber Agreement.

15. Export. You acknowledge and agree that you shall not import, export, or re-export directly or indirectly, any commodity, including your Certificate, to any country in violation of the laws and regulations of any applicable jurisdiction. This restriction expressly includes, but is not limited to, the export regulations of the United States of America (the "United States"). Specifically, you shall not download or otherwise export or re-export any Certificate into or to (i) a national or resident of) Cuba, Iran, Iraq, Libya, Sudan, North Korea, Syria, or Taliban controlled areas of Afghanistan or any other country where such use is prohibited under United States export regulations, or (ii) to anyone on the United States Treasury Department's list of Specially Designated Nationals or the United States Commerce Department's Table of Denial Orders. You agree to the foregoing and represent and warrant that you are not located in, under the control of, or a national or resident of any such country or on any such list. WITH RESPECT TO VERISIGN SSL PREMIUM IDS, VERISIGN IS REQUIRED BY LAW TO REPORT TO THE UNITED STATES GOVERNMENT YOUR COMPANY NAME AND ADDRESS IF YOU ARE A NON-UNITED STATES OR CANADA ENTITY OR INDIVIDUAL PURCHASING THE CERTIFICATE. IN THE EVENT YOU EXPORT A CERTIFICATE TO A NON-UNITED STATES OR CANADA ENTITY OR INDIVIDUAL, YOU AGREE TO PROVIDE VERISIGN WITH THE INFORMATION VERISIGN NEEDS IN ORDER TO REPORT SUCH EXPORTS TO THE UNITED STATES GOVERNMENT.

16. Severability. You agree that the terms of this Subscriber Agreement are severable. If any term or provision is declared invalid or unenforceable, in whole or in part, that term or provision will not affect the remainder of this Subscriber Agreement; this Subscriber Agreement will be deemed amended to the extent necessary to make this Subscriber Agreement enforceable, valid and, to the maximum extent possible consistent with applicable law, consistent with the original intentions of the parties; and the remaining terms and provisions will remain in full force and effect.

17. Governing Law. The parties agree that any disputes related to the services provided under this Subscriber Agreement shall be governed in all respects by and construed in accordance with the laws of the State of California, United States of America, excluding its conflict of laws rules. The parties agree that the United Nations Convention on Contracts for the International Sale of Goods shall not apply to this Agreement.

18. Dispute Resolution. To the extent permitted by law, before you may invoke any dispute resolution mechanism with respect to a dispute involving any aspect of this Subscriber Agreement, you shall notify VeriSign, and any other party to the dispute for the purpose of seeking dispute resolution. If the dispute is not resolved within sixty (60) days after the initial notice, then a party may proceed in accordance with the following:

     (i) When each party to the dispute is a Canadian or U.S. resident or organization situated or doing business in Canada or the United States. All suits to enforce any provision of this Subscriber Agreement or arising in connection with this Agreement shall be brought in the United States District Court for the Northern District of California or the Superior or Municipal Court in and for the County of Santa Clara, California, U.S.A. The parties agree that such courts shall have exclusive in personam jurisdiction and venue and the parties submit to the exclusive in personam jurisdiction and venue of such courts. The parties further waive any right to a jury trial regarding any action brought in connection with this Subscriber Agreement.

     (ii) Where one or more parties to the dispute is not a Canadian or U.S. resident or organization situated or doing business in Canada or the United States. All disputes arising in connection with this Subscriber Agreement shall be finally settled under the Rules of Conciliation and Arbitration of the International Chamber of Commerce (ICC) as modified as necessary to reflect the provisions herein by one or more arbitrators. The place of arbitration shall be in New York or San Francisco, U.S.A., and the proceedings shall be conducted in English. In cases involving a single arbiter, that single arbiter shall be appointed by mutual agreement of the parties. If the parties fail to agree to an arbiter within fifteen (15) days, the ICC shall choose an arbiter knowledgeable in computer software law, information security and cryptography or otherwise having special qualifications in the field, such as a lawyer, academician, or judge in common law jurisdiction. Nothing in this Subscriber Agreement will be deemed as preventing either party from seeking injunctive relief (or any other provisional remedy) from any court having jurisdiction over the parities and the subject matter of this dispute as is necessary to protect either party's name, proprietary information, trade secret, know-how, or, or any other intellectual property rights.

19. Non-Assignment. Except as otherwise set forth herein, your rights under this Agreement are not assignable or transferable. Any attempt by your creditors to obtain an interest in your rights under this Agreement, whether by attachment, levy, garnishment or otherwise, renders this Agreement voidable at VeriSign's option.

20. Notices. You will make all notices, demands or requests to VeriSign with respect to this Subscriber Agreement in writing to: Attn: General Counsel, VeriSign, Inc., 487 E. Middlefield Road, Mountain View, CA 94043.

21. Entire Agreement. This Subscriber Agreement constitutes the entire understanding and agreement between VeriSign and you with respect to the transactions contemplated, and supersedes any and all prior or contemporaneous oral or written representation, understanding, agreement or communication between VeriSign and you concerning the subject matter hereof. Neither party is relying upon any warranties, representations, assurances or inducements not expressly set forth herein. Section headings are inserted for convenience of reference only and are not intended to be part of or to affect the meaning this Subscriber Agreement. Terms and conditions in any purchase orders that are not included in this Subscriber Agreement or that conflict with this Subscriber Agreement are null and void.