|
|
 |
VERISIGN™ PUBLIC CERTIFICATION SERVICES GLOBAL SERVER ID SUBSCRIBER AGREEMENT
YOU MUST READ THIS GLOBAL SERVER ID SUBSCRIBER AGREEMENT ("SUBSCRIBER AGREEMENT") BEFORE APPLYING FOR, ACCEPTING, OR USING A GLOBAL SERVER ID. IF YOU DO NOT AGREE TO THE TERMS OF THIS SUBSCRIBER AGREEMENT, DO NOT APPLY FOR, ACCEPT, OR USE THE GLOBAL SERVER ID.
THIS SUBSCRIBER AGREEMENT will become effective on the date you submit the Global Server ID application ("Application") to the designated issuing authority (IA). By submitting this Subscriber Agreement (and Application) you are requesting that the IA issue a Global Server ID to you and are expressing your agreement to the terms of this Subscriber Agreement. VeriSign's Public Certification Services are governed by VeriSign's Certification Practice Statement (the "CPS") as amended from time to time, which is incorporated by reference into this Subscriber Agreement. The CPS is published on the Internet in VeriSign's https://www.verisign.com/repository and ftp://ftp.verisign.com/repository/CPS and is available via E-mail from: CPS-requests@verisign.com. Amendments to the CPS are also posted in VeriSign's repository at https://www.verisign.com/repository/updates.
YOU AGREE TO USE THE GLOBAL SERVER ID AND ANY RELATED IA SERVICES ONLY IN ACCORDANCE WITH THE CPS. YOU AGREE TO SPECIFICALLY ABIDE BY THE TERMS OF VERISIGN'S RELYING PARTY AGREEMENT ("RPA") AND CPS SECTION 8 WHEN RELYING UPON ANY GLOBAL SERVER ID, SERVER ID, OR OTHER CERTIFICATE ISSUED BY AN IA. The RPA is posted in VeriSign's repository at https://www.verisign.com/repository/RPA. In addition to the CPS and RPA, you agree to Sections 1 - 9 below.
Additional Information and Terms and Conditions.
- VeriSign Export Licenses. VeriSign is licensed to issue Global Server IDs, subject to the terms of VeriSign's Export License Agreements with the U.S. Department of Commerce, Bureau of Export Administration. VeriSign shall retain the right, at its sole discretion, to approve your Application, subject to the terms of a VeriSign License.
- Global Server ID. The Export Commodity Control Number for your Global Server ID is 5D002. A Global Server ID enables you to negotiate SSL or TLS sessions using 128-bit RC4 or IDEA, 56 bit DES, two-key Triple-DES encryption, or such other encryption that the U.S. Department of Commerce may permit for export in the future. You must use a Global Server ID software platform listed on the enrollment form in order to enable an SSL or TLS session with your Global Server ID.
- Qualified Applicant. You represent that you are one of the following entities that are eligible to receive favorable treatment under current U.S. encryption export control policy for the export of Global Server IDs.
3.1 "Bank" means (a) Bank, savings association, credit union, bank holding company, bank or savings association service corporation, Edge Act corporation, Agreement corporation, or any insured depository institution, which is organized under the laws of the United States or any State and regulated or supervised by a Federal banking agency or a State bank supervisor; or (b) a company organized under the laws of a foreign country and regulated or supervised by a foreign bank regulatory or supervisory authority which engages in the business of banking, including without limitation, foreign commercial banks, foreign merchant banks and other foreign institutions that engage in banking activities usual in connection with the business of banking in the countries where such foreign institutions are organized or operating; or (c) an entity engaged in the business of providing clearing or settlement services, that is, or whose members are, regulated or supervised by a Federal banking agency, a State bank supervisor, or a foreign bank regulatory or supervisory authority; or (d) a branch or affiliate of any of the entities listed in Subsections (a), (b), or (c) of this Section 3.1, regulated or supervised by a Federal banking agency, a State bank supervisor or a foreign bank regulatory or supervisory authority; or (e) an affiliate of any of the entities listed in Subsections (a), (b), (c), or (d) of this Section 3.1, engaged solely in the business of providing data processing services to a bank or financial institution, or a branch of such an affiliate.
3.2 "Financial Institution" means any of the following: (a) a broker, dealer, government securities broker or dealer, self-regulatory organization, investment company, or investment adviser, which is regulated or supervised by the Securities and Exchange Commission or a self-regulatory organization that is registered with the Securities and Exchange Commission; or (b) a broker, dealer, government securities broker or dealer, investment company, investment adviser, or entity that engages in securities activities that, if conducted in the United States, would be described by the definition of the term "self-regulatory organization"' in the Securities Exchange Act of 1934, which is organized under the laws of a foreign country and regulated or supervised by a foreign securities authority; or (c) a US board of trade that is designated as a contract market by the Commodity Futures Trading Commission or a futures commission merchant that is regulated or supervised by the Commodity Futures Trading Commission; or (d) a US entity engaged primarily in the business of issuing a general purpose charge, debit, or stored value card, or a branch of, or affiliate controlled by, such an entity; or (e) a branch or affiliate of any of the entities listed in Subsections (a), (b), or (c) of this Section 3.2 regulated or supervised by the Securities and Exchange Commission, the Commodity Futures Trading Commission, or a foreign securities authority; or (f) an affiliate of any of the entities listed in Subsections (a), (b), (c), or (e) of this Section 3.2, engaged solely in the business of providing data processing services to one or more bank or financial institutions, or a branch of such an affiliate.
3.3. "Banking and Financial Service Systems" means systems that enable secure online or Internet transmission of financial data between you and your clients and prospective customers. Banking and Financial Service Systems include intra bank and bank to bank financial systems but do not include client to client (e.g. customer to customer) exchange of Global Server ID-encrypted financial or non-financial data.
3.4. "Insurance Company" means a company organized and regulated under the laws of any of the United States and its branches or affiliates whose primary and predominant business activity is the writing of insurance or the reinsurance of risks; or a company organized and regulated under the laws of a foreign country and its branches and affiliates, regulated by an insurance commissioner or an equivalent foreign regulatory authority and whose primary and predominant business activity is the writing of insurance or the reinsuring of risks.
3.5. "Health and Medical Organizations" means any entity, including civilian government agencies but excluding biochemical and pharmaceutical manufacturers and military government entities, the primary purpose of which is the provision of medical or other health services.
3.6. "Online Merchant" means an entity regularly engaged in lawful commerce that use means of electronic communications (e.g., the internet) to conduct commercial transactions.
3.7. U.S. Subsidiaries. In addition to the entities defined in Sections 3.1-3.6, U.S. Subsidiary organizations (as defined in this Section 3.7) may also purchase and use Global Server IDs solely for the purpose of securing company proprietary information. Qualified entities under this paragraph must meet one of the following conditions: (a) a U.S. entity beneficially owns or controls (whether directly or indirectly) 25 percent or more of the voting securities of the foreign subsidiary or entity, if no other persons owns or controls (whether directly or indirectly) an equal or larger percentage; (b) the foreign subsidiary or entity is operated by the U.S. entity pursuant to the provisions of an exclusive management contract; (c) a majority of the members of the Board of Directors of the foreign subsidiary also are members of the comparable governing body of the U.S. entity; (d) the U.S. entity has the authority to appoint the majority of the members of the Board of Directors of the foreign subsidiary or entity; or (e) the U.S. entity has the authority to appoint the chief operating officer of the foreign subsidiary or entity ("U.S. Subsidiary").
- Geographical Restrictions.
4.1. Online Merchant or Health or Medical Organization. You shall not be located in nor use your Global Server ID in Cuba, India, Iran, Iraq, Libya, Montenegro, North Korea, Pakistan, Serbia, Sudan, and Syria under the terms of this Agreement.
4.2. Bank, Financial Institution, Banking or Financial Service Systems or Insurance Company. You shall not be located in nor use your Customer's Global Server ID in the counties listed in Section 4.1 and the Afghanistan, Cayman Islands, Chile, Columbia, Dominican Republic, Mexico, Nigeria, Panama, Paraguay, the Peoples Republic of China, Romania, Russian Federation, Taiwan, Thailand, and Venezuela under the terms of this Agreement.
4.3. U.S. Subsidiary. You shall not be located in nor use your Global Server ID in Cuba, Iran, Iraq, Libya, Montenegro, North Korea, Serbia, Sudan or Syria under the terms of this Agreement.
- Use Restrictions.
5.1 Types of Transactions. If you are a Bank, Financial Institution or Banking and Financial Service System, you shall implement or utilize your Global Server ID only to secure financial transactions/communications. No client-to-client usage is authorized. If you are a Health or Medical Organization, you shall implement or utilize your Global Server ID only to secure health/medical information. No client-to-client usage is authorized. If you are an Online Merchant, you shall implement or utilize your Global Server ID only for the purchase or sale of goods and software and provision of services connected with the purchase or sale of goods and software, including interactions between purchasers and sellers necessary for ordering, payment and delivery of goods and software. No customer-to-customer communications or transactions are allowed. If you are a U.S. Subsidiary organization, you may use your Global Server ID only to secure company proprietary information.
5.2. Single Use Only. You are prohibited from using your Global Server ID (i) for or on behalf of any other organization, (ii) to perform private or public key operations in connection with any domain name and/or organization name other than the submitted by you during enrollment, or (iii) on more than one server at a time.
5.3. Revocation. If your organizational name and/or domain name registration change, you must immediately notify VeriSign, and VeriSign shall revoke your Global Server ID. VeriSign retains the right to revoke your Global Server ID if, within forty five (45) days of receiving an invoice from VeriSign, you do not pay the invoice. VeriSign also retains the right to revoke your Global Server ID if you fail to perform any of your material obligations under the terms and conditions for the use of the Authentic Site Seal where the Authentic Site Seal has been installed by you.
5.4. Obligations Upon Revocation or Expiration. Upon expiration or notice of revocation of your Global Server ID, you shall permanently remove your Global Server ID from the server on which it is installed and shall not use it for any purpose thereafter.
- Control. You shall operate your computer systems on which you installed your Global Server ID ("Server") under your Effective Control.
6.1. "Effective Control" means you 1) have access to all transaction data that may be transmitted over the Server, and are prepared to disclose data to a government agency in the jurisdiction where the Server is operated pursuant to a duly authorized warrant or court order or other lawful authority and 2) have authority to modify or control the Server, including the ability to disable your Global Server ID in the event that the IA is entitled by contract, or required by law, to terminate this Subscriber Agreement, which governs use of your Global Server ID.
- Additional Representations. By submitting this Subscriber Agreement (and Application) you represent that the following statements are true and warrant that such statements will be true during the term of this Subscriber Agreement.
7.1. This Subscriber Agreement and the Application has been submitted by a responsible official or representative empowered and authorized by the organization named in the Application (the "Organization") to certify that the conditions set forth in this Subscriber Agreement (and Application) have been, or will be, met in full by the Organization.
7.2. The Organization is eligible to obtain and utilize a Global Server ID in a manner consistent with all applicable export control laws and regulations of the United States.
7.3 If you are an Online Merchant, you warrant and represent that you do not sell any item or service that is controlled by the United States Munitions List.
7.4 You shall revoke your Global Server ID or Second Global Server ID if, at any time, you no longer meet the definition of a Qualified Applicant.
- Non-Qualified Applicants. IF YOU ARE NOT A QUALIFIED APPLICANT AS DEFINED IN SECTION 3, YOU STILL MAY BE ELIGIBLE FOR ACQUISITION AND USE OF A GLOBAL SERVER ID. UNITED STATES' ORGANIZATIONS MAY ACQUIRE AND USE A GLOBAL SERVER ID IN THE FOLLOWING CIRCUMSTANCES; (1) USE IN AN INTRACOMPANY INTRANET WHERE ALL ENCRYPTED COMMUNICATIONS OCCUR ENTIRELY WITHIN THE UNITED STATES; (2) USE IN AN INTRACOMPANY INTRANET WHERE ENCRYPTED COMMUNICTIONS OCCUR ONLY BETWEEN AND AMONG OFFICES OF THE ORGANIZATION; AND (3) USE IN ENCRYPTED COMMUNICATIONS WITH OTHER PERSONS OR ENTITIES OUTSIDE THE UNITED STATES ONLY TO THE EXTENT PERMITTED UNDER APPLICABLE EXPORT CONTROL REGULATIONS OR INDIVIDUALLY-APPROVED EXPORT LICENSE ARRANGEMENTS.
- NetSureSM THE NETSURESM PLAN ("PLAN") PROVIDES YOU WITH CERTAIN LIMITED WARRANTIES, DISCLAIMS ALL OTHER WARANTIES, INCLUDING WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE, AND LIMITS LIABILITY. THE CERTIFICATE LIFETIME LIMIT (AS DEFINED IN THE PLAN) FOR YOUR GLOBAL SERVER ID CORRESPONDS TO THE AMOUNT LISTED WITH THE PRODUCT OPTION THAT YOU SELECTED DURING THE ENROLLMENT PROCESS. FOR INFORMATION ON THE PLAN, SEE HTTPS://WWW.VERISIGN.COM/REPOSITORY/NETSURE.
YOU DEMONSTRATE YOUR KNOWLEDGE AND ACCEPTANCE OF THE TERMS OF THIS SUBSCRIBER AGREEMENT BY EITHER (I) SUBMITTING AN APPLICATION FOR A GLOBAL SERVER ID TO VERISIGN, OR (II) USING YOUR GLOBAL SERVER ID, WHICHEVER OCCURS FIRST.
|
|
|
