United States [
Feedback
THIS VERISIGN MANAGED PKI FOR SSL, MANAGED PKI FOR SSL PREMIUM EDITION, MANAGED PKI FOR INTRANET SSL AND MANAGED PKI FOR INTRANET SSL PREMIUM EDITION AGREEMENT ("AGREEMENT") IS ENTERED INTO BETWEEN VERISIGN (AS DEFINED BELOW), AND THE ENTITY EXECUTING THIS AGREEMENT ("RA"). THIS AGREEMENT SETS FORTH THE TERMS AND CONDITIONS APPLICABLE TO RA IN PURCHASING EITHER MANAGED PKI FOR SSL OR MANAGED PKI FOR SSL PREMIUM EDITION (BOTH FORMERLY REFERRED TO AS "ONSITE") AS WELL AS MANAGED PKI FOR INTRANET SSL OR MANAGED PKI FOR INTRANET SSL PREMIUM EDITION. RA MUST READ THIS AGREEMENT CAREFULLY. BY CLICKING "ACCEPT" BELOW OR BY ACCEPTING A CERTIFICATE, RA AGREES TO BECOME A PARTY TO, AND BE BOUND BY, THE TERMS OF THIS AGREEMENT. BY CLICKING "DECLINE" BELOW, RA INDICATES THAT IT DOES NOT AGREE TO THE TERMS OF THIS AGREEMENT, AND WILL NOT BE A VERISIGN RA.
ALL REFERENCES TO "VERISIGN" IN THIS AGREEMENT SHALL BE UNDERSTOOD AS REFERENCES TO THE VERISIGN LEGAL ENTITY SPECIFIED ON THE HOMEPAGE OF THE WEBSITE ON WHICH RA APPLIED FOR THE VERISIGN SERVICES.
1. Definitions. The capitalized terms used in this Agreement shall have the following meanings unless otherwise specified and any reference to the singular includes the plural and vice versa:
"Affiliated Individuals" shall mean a natural person that is related to a given entity (i) as an officer, director, employee, partner, contractor, intern, or other person within the entity, (ii) as a member of a VeriSign registered community of interest, or (iii) as a person maintaining a relationship with the entity where the entity has business or other records providing appropriate assurances of the identity of such person.
"Authenticate" or "Authentication" shall mean the actions a CA takes to confirm that (i) the Subscriber is entitled to use the domain name listed in the Certificate Application, if a domain name is listed in such Certificate Application, (ii) the Subscriber's Organization does in fact exist, (iii) the Subscriber's Organization has authorized the Certificate Application, and (iv) the person submitting the Certificate Application on behalf of the Subscriber is authorized to do so.
"Certificate Application" is a request from a Certificate Applicant (or authorized agent of the Certificate Applicant) to a CA or RA for the issuance of a Certificate.
"Certification Authority" ("CA") shall mean VeriSign, an RA or any other VeriSign-authorized entity authorized to issue, manage, revoke, and renew Certificates in the VTN.
"Certificate" shall mean a Managed PKI for SSL Certificate, Managed PKI for SSL Premium Edition Certificate, Managed PKI for Intranet SSL Certificate, or Managed PKI for Intranet SSL Premium Edition Certificate.
"Certificate Applicant" is an individual or organization that requests the issuance of a Certificate by a CA.
"Device" shall mean any hardware appliance or software application, such as a server load balancer or SSL accelerator, that routes electronic data from one point to other single or multiple point(s) on a network.
"Domain" shall mean a domain name, host name or IP address assigned to a Device, accessible from the Internet (publicly facing), and owned by the Subscriber used in a VeriSign Class 3 organizational SSL Certificate.
"Erroneous Issuance" shall mean (a) issuance of a Certificate in a manner not materially in accordance with the procedures required by the VeriSign CPS, the Handbook, or the RA Requirements; (b) issuance of a Certificate to an entity other than the one named as the subject of the Certificate; or (c) issuance of a Certificate without the authorization of the entity named as the subject of such Certificate.
"Handbook" shall mean the VeriSign Managed PKI for SSL Administrator's Handbook, as amended from time to time, which may be obtained from VeriSign or accessed from the Managed PKI Control Center and which sets forth the operational requirements and practices for RAAs.
"Impersonation" shall mean requesting and being issued a Certificate based on false or falsified information relating to naming or identity.
"Intranet Domain" shall mean a domain name, host name or IP address assigned to a Device, not accessible from the Internet (not publicly facing), and owned by the Subscriber used in a VeriSign Class 3 organizational SSL Certificate.
"Licensed Certificate Option" shall mean the service option that grants a Subscriber the right to use a Certificate on one physical Device and obtain additional Certificate licenses for each physical server that each Device manages, or where replicated Certificates may otherwise reside. This Option may not be available to you.
"Managed PKI for SSL Certificate" shall mean a VeriSign Class 3 organizational SSL Certificate issued using RA's Managed PKI for SSL - Standard Edition account used for approving Certificates within designated Domains.
"Managed PKI for SSL Premium Edition Certificate" shall mean a VeriSign Class 3 organizational SSL Certificate issued using RA's Managed PKI for SSL - Premium Edition account used for approving Certificates within designated Domains that includes support for Server Gated Cryptography.
"Managed PKI for Intranet SSL Certificate" shall mean a VeriSign Class 3 organizational SSL Certificate issued within designated Intranet Domains using RA's Managed PKI for Intranet SSL - Standard Edition account.
"Managed PKI for Intranet SSL Premium Edition Certificate" shall mean a VeriSign Class 3 organizational SSL Certificate issued within designated Intranet Domains using RA's Managed PKI for Intranet SSL - Premium Edition account that includes support for Server Gated Cryptography.
"Organization" shall mean the Organization named in RA's Registration Authority Application and any other application named hereunder.
"RAA Certificate" shall mean a Class 3 Administrator Certificate issued by VeriSign to a RAA in accordance with Section 6.
"RAA Certificate Application" shall have the meaning set forth in Section 3.
"RA Requirements" shall mean the summary of VeriSign control and security requirements applicable to Registration Authorities, which is appended to and included in the Handbook.
"Registration Authority" ("RA") shall mean an individual and/or entity approved by a CA to perform Authentication, assist Certificate Applicants in applying for Certificates, and to approve or reject Certificate Applications, revoke Certificates, or renew Certificates.
"Registration Authority Administrator" ("RAA") shall mean authorized employees appointed by the Organization in accordance with Section 6.1.
"Repository" shall mean the collection of documents located at the link for the repository which may be accessed from the homepage of the website from which RA applied for the Service.
"Server" shall mean a computer or device on a network that manages network resources, including but not limited to a Web, e-mail, file or application server.
"Server Gated Cryptography" ("SGC") shall mean that cryptography that allows users with an export version browser to temporarily step-up to 128-bit SSL encryption if they visit a website with an SGC-compatible SSL certificate.
"Subscriber" is an organization that owns the equipment or Device that is the subject of, and that has been issued a Certificate. A Subscriber is capable of using, and is authorized to use, the private key that corresponds to the public key listed in the Certificate.
"Subscriber Agreement" shall mean an agreement that provides the terms of use for Certificate Applicants who request Certificates from an RA.
"VeriSign CPS" shall mean the VeriSign Certification Practice Statement, as amended from time to time, which may be accessed from the Repository.
"VeriSign Trust NetworkSM" ("VTN") shall mean VeriSign's global public key infrastructure that provides digital certificates for both wired and wireless applications.
2. Description of Managed PKI for SSL, Managed PKI for SSL Premium Edition, Managed PKI for Intranet SSL, and Managed PKI for Intranet SSL Premium Edition Services.
By clicking the "I Accept" button at the end of this Agreement, RA is (i) agreeing to use VeriSign's Managed PKI for SSL, Managed PKI for SSL Premium Edition, Managed PKI for Intranet SSL or Managed PKI for Intranet SSL Premium Edition ("the Service") on the terms and conditions set forth herein, (ii) warrants that all information RA provided on the RAA Certificate Application is accurate and complete and (iii) RA's Organization is entitled to use the Domain or Intranet Domain listed on the RAA Certificate Application. RA wishes to become a Registration Authority within VeriSign's subdomain of the VTN controlled by VeriSign. A Registration Authority assists other persons or entities in applying for Certificates, approving Certificate Applications, and (where necessary) requesting revocation of their Certificates. VeriSign will issue, manage, suspend, revoke, and/or renew Certificates in accordance with RA's instructions and the VeriSign CPS. Use of the Service involves RA applying for and obtaining one or more RAA Certificates and Certificates in accordance with the procedures below.
3. Processing the RAA Certificate Application ("RAA Certificate Application").
Upon VeriSign's receipt of the necessary payment and upon completion of authentication procedures required for the RAA Certificate, VeriSign will process RA's RAA Certificate Application, incorporated herein by reference. VeriSign will notify RA whether RA's RAA Certificate Application is approved or rejected. If the RAA Certificate Application is approved, VeriSign will issue an RAA Certificate for RAA's use in accordance with this Agreement. RAA's use of the PIN from VeriSign to pick up the RAA Certificate or otherwise installing or using the RAA Certificate is considered RAA acceptance of the RAA Certificate. After the RAA picks up or otherwise installs the RAA Certificate, the RAA must review the information in it before using it and promptly notify VeriSign of any errors. Upon receipt of such notice, VeriSign may revoke the RAA Certificate and issue a corrected RAA Certificate.
4. Incorporated by Reference.
The Handbook and the RA Requirements, as periodically amended, are incorporated herein by reference. VeriSign shall post a notice of any amendments on its website.
5. Insurance Coverage.
RA shall, at its own expense, maintain standard errors and omissions insurance in an amount that is commercially reasonable. Upon VeriSign's request, RA shall furnish proof of such insurance to VeriSign. This Section does not apply to governmental agencies.
6. RA's Duties as a Registration Authority.
6.1 Appointments.
RA shall appoint one or more authorized RA employees RAA(s). Specifically, RA hereby appoints the person(s) listed on the enrollment form as RAA(s). Such RAA(s) shall be entitled to appoint additional RAAs on RA's behalf. Upon approval of the RAA Certificate Application(s) of the RAA(s), VeriSign shall issue an RAA Certificate to each such RAA.
6.2 Registration Authority Requirements.
RA shall comply with RA Requirements, including without limitation requirements for validating the information in Certificate Applications, approving or rejecting such applications, using hardware and software designated by VeriSign, and requesting revocations. Upon RA's approval of an application, VeriSign (a) shall be entitled to rely upon the correctness of the information in each such approved application, and (b) shall issue a Certificate to the Certificate Applicant submitting such application.
6.3 Validation.
RA shall approve a Certificate Application only if (i) the application was made on behalf of a server or Device within RA's Organization; (ii) RA has authorized the use of RA's organizational name in the Certificate; (iii) and RA has authorized the use of the RA organization's Domain or Intranet Domain name listed in RA's RAA Certificate(s).
6.4 Authorization to Act On Behalf of Organization.
This Agreement and RA's Registration Authority application and any other application has been or will be submitted by a responsible official or representative empowered and authorized by the Organization to certify that the conditions set forth in this Agreement have been, or will be, met in full by the Organization.
6.5 Revocation.
If an RAA ceases to have the authority to act as RAA on behalf of RA, RA shall promptly request revocation of the RAA Certificate of such RAA. If RA's Organizational name and/or Domain or Intranet Domain registration change, RA or RAA shall promptly request revocation of all Certificates issued hereunder.
6.6 Manner of Performance.
RA shall perform the tasks in this Section 6 in a competent, professional, and workmanlike manner.
6.7 RA Employee Subscribers.
RA shall cause Certificate Applicants receiving Certificates hereunder to abide by the terms of this Agreement and the Subscriber Agreement, a copy of which can be obtained from the Repository.
7. Use Restrictions.
7.1 RAA Certificate Restrictions.
RAAs are prohibited from disclosing any challenge phrase, PIN, software or hardware mechanism protecting the private key to a third party.
7.2 Certificate Restrictions.
RAs and Certificate Applicants are prohibited from using a Certificate: (i) for or on behalf of any other organization; (ii) to perform private or public key operations in connection with any Domain(s) or Intranet Domain(s) and/or organization name(s) other than the one(s) submitted in the Certificate Application or RAA Certificate Application; (iii) that is not part of the approved Intranet Domain (applies to Managed PKI for Intranet SSL or Managed PKI for Intranet SSL Premium Edition only); or (iv) on more than one physical server or Device at a time, unless the RA has purchased the Licensed Certificate Option. RA acknowledges and agrees that the Licensed Certificate Option can result in increased security risks to RA's network and VeriSign expressly disclaims to the fullest extent permitted by applicable law any liability for breaches of security that result from the distribution of a single key across multiple Devices. VERISIGN CONSIDERS THE UNLICENSED USE OF A CERTIFICATE ON A DEVICE THAT RESIDES ABOVE A SERVER OR SERVER FARM SOFTWARE PIRACY AND WILL PURSUE VIOLATORS TO THE FULLEST EXTENT OF THE LAW. If you choose to display VeriSign's Secured Seal, you must install and display such Seal only in accordance with the Secured Seal License Agreement located in the Repository.
7.3 Monitoring Use.
(This Section applies to Managed PKI for SSL Intranet and Managed PKI for SSL Intranet Premium Edition Certificates only). VeriSign, in its sole discretion, may monitor the Organization's Internet Servers and/or Devices (publicly facing) for Intranet SSL Certificates that have been issued and do not comply with Section 7.2 ("Non-Compliant Intranet SSL Certificates"). The continued use of Non-Compliant Intranet SSL Certificates, after notice from VeriSign, will be subject to VeriSign's enforcement rights set out in Section 7.4 below.
7.4 VeriSign Enforcement Rights for Intranet SSL and Intranet SSL Premium Edition Certificates.
Subject to Section 7.3, if during its monitoring of Intranet SSL Certificates, VeriSign identifies a Non-Compliant Intranet SSL Certificate on Organization's Server or Device:
(i) VeriSign will first send a notice of non-compliance to the RAA. Upon receipt of and within twenty-four (24) hours of receiving such notice, RAA agrees to either (1) immediately move the Intranet SSL Certificate to an Intranet Domain or (2) remove and revoke the Intranet SSL Certificate from its Server(s); and
(ii) If VeriSign determines that the Non-Compliant Certificate has not been moved to an Intranet Domain or removed and revoked pursuant to Section 7.4(i) above, VeriSign will send a second, final notice of non-compliance to the RAA and reserves the right, in VeriSign's sole discretion, to terminate this Agreement immediately and revoke Administrator's Certificate pursuant to Section 6.5 above.
8. Service Fees.
RA shall pay VeriSign the then-current applicable service fees corresponding to RA's selected volume of Certificates. RA shall pay any and all applicable sales taxes or similar charges in relation to such Certificates.
9. Export.
RA acknowledges and agrees that it shall not import, export, or re-export directly or indirectly, any commodity, including the RAA Certificate and any Certificates issued pursuant to this Agreement, to any country in violation of the laws and regulations of any applicable jurisdiction. This restriction expressly includes, but is not limited to, the export regulations of the United States of America (the "United States"). Specifically, RA agrees that it shall not download or otherwise export or re-export any RAA Certificate or any Certificate into or to (i) a national or resident of Cuba, Iran, Iraq, Libya, Sudan, North Korea, or Syria or any other country where such use is prohibited under United States export regulations, or (ii) to anyone on the United States Treasury Department's list of Specially Designated Nationals or the United States Commerce Department's Table of Denial Orders. RA agrees to the foregoing and represents and warrants that none of RA, RAA or any Device on behalf of which a Certificate Application is submitted is located in, under the control of, or a national or resident of any such country or on any such list. WITH RESPECT TO THE EXPORT OF MANAGED PKI FOR SSL PREMIUM EDITION CERTIFICATES AND MANAGED PKI FOR INTRANET SSL PREMIUM CERTIFICATES, VERISIGN IS REQUIRED BY LAW TO REPORT TO THE UNITED STATES GOVERNMENT RA'S COMPANY NAME AND ADDRESS, IF RA IS A NON-UNITED STATES OR CANADA ENTITY OR INDIVIDUAL. IN THE EVENT RA EXPORTS A CERTIFICATE TO A NON-UNITED STATES OR CANADA ENTITY OR INDIVIDUAL, RA AGREES TO PROVIDE VERISIGN WITH THE INFORMATION VERISIGN NEEDS IN ORDER TO REPORT SUCH EXPORTS TO THE UNITED STATES GOVERNMENT.
10. Confidentiality.
10.1 Confidential Information.
"Confidential Information" means any confidential or other proprietary information disclosed by one party to the other under this Agreement, except information that: (a) is public knowledge at the time of disclosure, (b) was known by the receiving party before disclosure by the disclosing party, or becomes public knowledge or otherwise known to the receiving party after such disclosure, other than by breach of a confidentiality obligation, or (c) is independently developed by the receiving party.
10.2 Protection of Confidential Information.
The receiving party shall (a) not disclose the Confidential Information to any third party, (b) not use the Confidential Information in any fashion except for purposes of performing this Agreement, (c) exercise reasonable care to prevent disclosure, and (d) notify the disclosing party of any unauthorized disclosure or use of the Confidential Information. Upon termination of this Agreement for any reason, each party shall immediately deliver to the other party all copies of the Confidential Information received from such other party. Each party acknowledges that breach of this Section 10 will cause irreparable harm to the disclosing party entitling the disclosing party to seek injunctive relief, among other remedies.
10.3 Disclosure Required by Law.
Notwithstanding the foregoing, a party may disclose the Confidential Information of the other party to the extent required by the order or requirement of a court, administrative agency or other governmental body if the party to disclose the other party's Confidential Information does the following: (a) gives written notice of the intended disclosure to the other party at least ten (10) days in advance of the date of disclosure or if ten (10) days is not feasible then as much notice as is possible under the circumstances; (b) upon request of the other party and at the requesting party's expense, the party to disclose the Confidential Information redacts portions of the Confidential Information to be disclosed to the extent permitted by applicable law; and (c) at the request and expense of the party whose Confidential Information is to be disclosed, submits a request to the court, administrative agency or governmental body that any portions of the Confidential Information that are identified by the other party receive confidential treatment to the fullest extent permitted under applicable law.
11. Term.
This Agreement will be in effect for one (1) year starting on the Effective Date marked below (the "Initial Term"). This Agreement may be renewed for additional one (1) year terms (each a "Renewal Term") upon payment by RA to VeriSign of the then applicable current fees determined by VeriSign prior to the expiration of the Initial Term or then current Renewal Term, unless either party gives the other party at least thirty (30) days' notice of termination before the expiration of the then current Term. "Term" refers to the Initial Term and any Renewal Terms.
12. Ownership.
Except as otherwise set forth herein, all right, title and interest in and to all, (i) registered and unregistered trademarks, service marks, designs and logos; (ii) patents, patent applications, and patentable ideas, inventions, and/or improvements; (iii) trade secrets, proprietary information, and know-how; (iv) all divisions, continuations, reissues, renewals, and extensions thereof now existing or hereafter filed, issued, or acquired; (v) registered and unregistered copyrights including, without limitation, any forms, images, audiovisual displays, text, software and (vi) all other intellectual property, proprietary rights or other rights related to intangible property which are used, developed, comprising, embodied in, or practiced in connection with any of the VeriSign services identified herein ("VeriSign Intellectual Property Rights") are owned by VeriSign or its licensors, and RA agrees to make no claim of interest in or ownership of any such VeriSign Intellectual Property Rights. RA acknowledges that no title to the VeriSign Intellectual Property Rights is transferred to it, and that it does not obtain any rights, express or implied, in the VeriSign or its licensors' service, other than the rights expressly granted in this Agreement. To the extent that RA creates any Derivative Work (any work that is based upon one or more preexisting versions of a work provided to RA, such as an enhancement or modification, revision, translation, abridgement, condensation, expansion, collection, compilation or any other form in which such preexisting works may be recast, transformed or adapted) such Derivative Work shall be owned by VeriSign and all right, title and interest in and to each such Derivative Work shall automatically vest in VeriSign. RA hereby assigns and agrees to assign to VeriSign with full title guarantee any and all right, title and interest (including copyright) RA may have in the Derivative Work and all portions and copies thereof in any form. If despite RA's desire that all rights to Derivative Work vests automatically in VeriSign, it is determined that RA or its employees or agents retain moral rights in Derivative Work, RA hereby declares on its own behalf and on behalf of its employees and agents that: (a) it forever waives and agrees not to claim or assert its or their entitlements to any and all moral rights of an author in any works developed by it, him or her as provided for by applicable laws in force in each applicable jurisdiction; and (b) it shall obtain equivalent warranties from any employee or agent used in the production of any Derivative Work. VeriSign shall have no obligation to grant RA any right in any such Derivative Work. RA may not reverse engineer, disassemble or decompile the VeriSign Intellectual Property or make any attempt to obtain source code to the VeriSign Intellectual Property (save to the extent that RA cannot be prohibited from so doing under applicable law). RA has the right to use the RAA Certificates and Certificates under the terms and conditions of this Agreement.
13. Warranties.
13.1 VeriSign Warranties.
VeriSign warrants that (a) there are no errors introduced by VeriSign in the Certificate information as a result of VeriSign's failure to use reasonable care in creating the Certificate, (b) The Certificate(s) comply in all material respects with the VeriSign CPS, and (c) VeriSign's revocation services and use of a repository conform to the VeriSign CPS in all material aspects.
13.2 RA Warranties.
RA warrants to VeriSign that (a) all information material to the issuance of a Certificate and validated by or on behalf of RA is true and correct in all material respects; (b) without limiting the generality of the foregoing, RA's approval of Certificate Applications will not result in Erroneous Issuance, including but not limited to Erroneous Issuance resulting from Impersonation; (c) RA has substantially complied with the VeriSign CPS, the Handbook, and the RA Requirements; (d) no Certificate information provided to VeriSign (including e-mail addresses if applicable) infringes the intellectual property rights of any third parties; (e) the information in the Certificate Application(s) (including email address) has not been and will not be used for any unlawful purpose; (f) RAA has been (since the time of its creation) and will remain the only person(s) possessing the RAA Certificate(s) private key and no unauthorized person has had or will have access to the private key; (g) RAA has been (since the time of its creation) and will remain the only person possessing any challenge phrase), PIN, software, or hardware mechanism protecting the private key and no unauthorized person has had or will have access to the same; (h) RA is are using the RAA Certificate exclusively for authorized and legal purposes consistent with this Agreement; (i) RA is using the RAA Certificate(s) as a Registration Authority approving and rejecting Certificates, Certification revocation lists, or otherwise; (j) each Certificate has been accepted and is operational (not expired or revoked) at the time the Certificate is created; (k) RA manifests assent to this Agreement as a condition of obtaining an RA Certificate; (l) RA has all necessary rights (including consents) to provide information relating to Certificate Applicants provided under this Agreement to VeriSign to use in accordance with this Agreement and the VeriSign Privacy Statement which can be found in the Repository; and (m) RA will not monitor, interfere with or reverse engineer (save to the extent that RA cannot be prohibited from so doing under applicable law) the technical implementation of the VTN, except with the prior written approval from VeriSign, and shall not otherwise intentionally compromise the security of the VTN.
14. Disclaimers. RA AGREES THAT RA'S USE OF VERISIGN'S SERVICE(S) IS SOLELY AT RA'S OWN RISK. RA AGREES THAT ALL SUCH SERVICES ARE PROVIDED ON AN "AS IS" AND AS AVAILABLE BASIS, EXCEPT AS OTHERWISE NOTED IN THIS AGREEMENT. OTHER THAN AS SET FORTH IN SECTION 13.1, VERISIGN EXPRESSLY (I) DISCLAIMS ALL REPRESENTATIONS, WARRANTIES, GUARANTEES, TERMS OR CONDITIONS OF ANY KIND, WHETHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THOSE OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, SATISFACTORY QUALITY AND NON-INFRINGEMENT TO THE EXTENT PERMITTED BY APPLICABLE LAW; (II) DOES NOT MAKE ANY REPRESENTATION, WARRANTY, GUARANTEE, TERM OR CONDITION THAT THE SERVICE WILL MEET YOUR REQUIRMENTS, OR THAT THE SERVICE WILL BE UNINTERRUPTED, TIMELY, SECURE OR ERROR FREE; AND (III) DOES NOT MAKE ANY REPRESENTATION, WARRANTY, GUARANTEE, TERM OR CONDITION AS TO THE RESULTS THAT MAY BE OBTAINED FROM THE USE OF THE SERVICE OR TO THE ACCURACY OR RELIABILITY OF ANY INFORMATION OBTAINED THROUGH THE SERVICE. RA UNDERSTANDS AND AGREES THAT ANY MATERIAL AND/OR DATA DOWNLOADED OR OTHERWISE OBTAINED THROUGH THE USE OF VERISIGN'S SERVICES IS DONE AT RA'S OWN DISCRETION AND RISK. TO THE EXTENT JURISDICTIONS DO NOT ALLOW THE EXCLUSION OF CERTAIN REPRESENTATIONS, WARRANTIES, GUARANTEES, TERMS OR CONDITIONS, SOME OF THE ABOVE EXCLUSIONS MAY NOT APPLY TO RA. VERISIGN IS NOT RESPONSIBLE FOR AND SHALL HAVE NO LIABILITY WITH RESPECT TO ANY PRODUCTS AND/OR SERVICES PURCHASED BY RA FROM A THIRD PARTY. RA BEARS EXCLUSIVE RESPONSIBILITY, TO ANY AND ALL PERSONS, FOR THE VALIDATION OF ALL APPLICATIONS THAT RA APPROVES, DETERMINATION OF WHETHER A CERTIFICATE APPLICANT IS ELIGIBLE TO OBTAIN AND USE A CERTIFICATE IN ACCORDANCE WITH THE APPLICABLE SUBSCRIBER AGREEMENT, AND CONDUCT OF RAAs AND CERTIFICATE APPLICANTS RECEIVING CERTIFICATES HEREUNDER. VERISIGN DISCLAIMS ALL SUCH RESPONSIBILITY AND LIABILITY AS FAR AS IT IS PERMISSIBLE TO DO SO UNDER RELEVANT APPLICABLE LAW.
15. Limitations of Liability.
THIS SECTION 15 APPLIES TO LIABILITY UNDER CONTRACT (INCLUDING BREACH OF WARRANTY), TORT (INCLUDING NEGLIGENCE AND/OR STRICT LIABILITY), AND ANY OTHER LEGAL OR EQUITABLE FORM OF CLAIM. IF RA INITIATES ANY CLAIM, ACTION, SUIT, ARBITRATION, OR OTHER PROCEEDING RELATING TO SERVICES PROVIDED UNDER THIS AGREEMENT, TO THE EXTENT PERMITTED BY APPLICABLE LAW, VERISIGN SHALL NOT BE LIABLE FOR (A) ANY LOSS OF PROFIT, BUSINESS, CONTRACTS, REVENUE OR ANTICIPATED SAVINGS, OR (B) ANY INDIRECT OR CONSEQUENTIAL LOSS. VERISIGN'S TOTAL LIABILITY FOR DAMAGES SUSTAINED BY RA AND ANY THIRD PARTY FOR ANY USE OR RELIANCE ON A SPECIFIC CERTIFICATE SHALL BE LIMITED, IN THE AGGREGATE, TO ONE HUNDRED THOUSAND U.S. DOLLARS (US$100,000.00) OR THE LOCAL CURRENCY EQUIVALENT THEREOF.
THE LIABILITY LIMITATIONS PROVIDED IN THIS SECTION 15 SHALL BE THE SAME REGARDLESS OF THE NUMBER OF DIGITAL SIGNATURES, TRANSACTIONS, OR CLAIMS RELATED TO SUCH CERTIFICATE(S). TO THE EXTENT JURISDICTIONS DO NOT ALLOW THE EXCLUSION OF CERTAIN LIABILITY LIMITATIONS, SOME OF THE ABOVE EXCLUSIONS MAY NOT APPLY TO RA.
16. Indemnity.
RA agrees to release, indemnify, defend and hold harmless VeriSign and any of its contractors, agents, employees, officers, directors, shareholders, affiliates and assigns from all liabilities, claims, damages, costs and expenses, including reasonable attorney's fees and expenses, of third parties relating to or arising out of (a) this Agreement or the breach of RA's warranties, representations and obligations under this Agreement, (b) falsehoods or misrepresentations of fact by RA on the Certificate Application(s), (c) any infringement of any intellectual property or other proprietary right of any person or entity arising from any information or content provided by RA, (d) failure to disclose a material fact on the Certificate Application(s) if the misrepresentation or omission was made negligently or with intent to deceive any party, (e) failure to protect the private key, or use a trustworthy system, or to take the precautions necessary to prevent the compromise, loss, disclosure, modification or unauthorized use of the private key under the terms of this Agreement. When VeriSign is threatened with suit or sued by a third party, it may seek written assurances from RA concerning RA's promise to indemnify VeriSign. RA's failure to provide those assurances may be considered by VeriSign to be a material breach of this Agreement. VeriSign shall have the right to participate in any defense by RA of a third-party claim related to RA's use of any VeriSign services, with counsel of VeriSign's choice at the expense of RA. RA shall have sole responsibility to defend VeriSign against any claim, but RA must receive VeriSign's prior written consent regarding any related settlement. The terms of this Section 16 will survive any termination or cancellation of this Agreement.
17. Termination.
The term of this Agreement is one (1) year starting on the date RA accepts this Agreement by clicking the "I Accept" button. This Agreement may be terminated (a) by either party immediately upon the institution by or against the other party of insolvency, receivership, or bankruptcy proceedings, upon any assignment for the benefit of the other party's creditors, or upon the other party's dissolution or ceasing to do business; (b) by VeriSign immediately and without prior notice in the event of a breach of any of the duties, obligations, terms, or provisions of this Agreement (a "Breach") by RA if the Breach may compromise the security of the VTN; (c) in the event of any other Breach by a party, upon thirty (30) days' written notice by the non-breaching party and the breaching party's failure to cure such Breach within the thirty (30) day notice period; (d) upon RA's change of organizational name and/or Domain or Intranet Domain registration; or (e) by RA if VeriSign amends the VeriSign CPS, the Handbook, or the RA Requirements, and if the RA believes in good faith that such amendment materially deprives it of the benefit of this Agreement. Upon termination of this Agreement, RA will immediately remove all references to VeriSign Intellectual Property and all links from each RA's website and cease the use of VeriSign's Intellectual Property.
18. Survival.
Any payment obligations which accrued prior to termination or expiration of this Agreement; Sections 11, 12, 13, 14, 15, 16, 17, 18, 21, 22, 24, 26, 27 and 28; the revocation requirements under Section 6.5 of this Agreement; and the security requirement under the RA Requirements and the Handbook, shall survive the expiration or termination of this Agreement.
19. Force Majeure.
Except for payment and indemnity obligations hereunder, neither party shall be deemed in default hereunder, nor shall it hold the other party responsible for, any cessation, interruption or delay in the performance of its obligations hereunder due to earthquake, flood, fire, storm, natural disaster, act of God, war, armed conflict, terrorist action, labor strike, lockout, boycott or other matter outside its reasonable control, provided that the party relying upon this Section 19 (i) shall have given the other party prompt written notice thereof and (ii) shall take all reasonable steps reasonably necessary under the circumstances to mitigate the effects of the force majeure event; provided further, that in the event a force majeure event described in this Section 19 extends for a period in excess of thirty (30) days in aggregate, the other party may immediately terminate this Agreement.
20. Severability.
RA agrees that the terms of this Agreement are severable. If any term or provision is declared invalid or unenforceable, in whole or in part, that term or provision will not affect the remainder of this Agreement; this Agreement will be deemed amended to the extent necessary to make this Agreement enforceable, valid and, to the maximum extent possible consistent with applicable law, consistent with the original intentions of the parties; and the remaining terms and provisions will remain in full force and effect.
21. Governing Law.
The parties agree that any disputes related to the services provided under this Agreement shall be governed in all respects by and construed in accordance with the laws of the State of California, United States of America, excluding its conflict of laws rules. The parties agree that the United Nations Convention on Contracts for the International Sale of Goods shall not apply to this Agreement.
22. Dispute Resolution.
To the extent permitted by law, before RA may invoke any dispute resolution mechanism with respect to a dispute involving any aspect of this Agreement, RA shall notify VeriSign, and any other party to the dispute for the purpose of seeking dispute resolution. If the dispute is not resolved within sixty (60) days after the initial notice, then a party may proceed in accordance with the following:
(i) When each party to the dispute is a Canadian or U.S. resident or organization situated or doing business in Canada or the United States. All suits to enforce any provision of this Agreement or arising in connection with this Agreement shall be brought in the United States District Court for the Northern District of California or the Superior or Municipal Court in and for the County of Santa Clara, California, U.S.A. The parties agree that such courts shall have exclusive in personam jurisdiction and venue and the parties submit to the exclusive in personam jurisdiction and venue of such courts. The parties further waive any right to a jury trial regarding any action brought in connection with this Agreement.
(ii) Where one or more parties to the dispute is not a Canadian or U.S. resident or organization situated or doing business in Canada or the United States. All disputes arising in connection with this Agreement shall be finally settled under the Rules of Conciliation and Arbitration of the International Chamber of Commerce (ICC) as modified as necessary to reflect the provisions herein by one or more arbitrators. The place of arbitration shall be in Geneva in Switzerland and the proceedings shall be conducted in English. In cases involving a single arbiter, that single arbiter shall be appointed by mutual agreement of the parties. If the parties fail to agree to an arbiter within fifteen (15) days, the ICC shall choose an arbiter knowledgeable in computer software law, information security and cryptography or otherwise having special qualifications in the field, such as a lawyer, academician, or judge in common law jurisdiction. Nothing in this Agreement will be deemed as preventing either party from seeking injunctive relief (or any other provisional remedy) from any court having jurisdiction over the parties and the subject matter of this dispute as is necessary to protect either party's name, proprietary information, trade secret, know-how, or, or any other intellectual property rights.
23. Independent Contractors.
The parties to this Agreement are independent contractors. Neither party is an agent, representative, or partner of the other party. Neither party shall have any right, power or authority to enter into any agreement for or on behalf of, or incur any obligation or liability of, or to otherwise bind, the other party. This Agreement shall not be interpreted or construed to create an association, joint venture or partnership between the parties or to impose any partnership obligation or liability upon either party. Each party shall bear its own costs and expenses in performing this Agreement.
24. Non-Assignment.
Except as otherwise set forth herein, RA's rights under this Agreement are not assignable or transferable. Any attempt by RA's creditors to obtain an interest in RA's rights under this Agreement, whether by attachment, levy, garnishment or otherwise, renders this Agreement voidable at VeriSign's option.
25. Approval and Authorization.
This Agreement shall not be effective until VeriSign approves RA's Registration Authority application. RA warrants and represents that the representative submitting this Agreement on its behalf has been duly authorized to do so by RA.
26. Notices and Communications.
You will make all notices, demands or requests to VeriSign with respect to this Agreement in writing to the "Contact" address listed on the website from where you purchased the Services, with a copy to: General Counsel, VeriSign, Inc., 487 E. Middlefield Road, Mountain View, California, USA 94043.
27. Entire Agreement.
This Agreement, the Handbook and RA Requirements, and the Seal License Agreement if applicable constitutes the entire understanding and agreement between VeriSign and RA with respect to the transactions contemplated, and supersedes any and all prior or contemporaneous oral or written representation, understanding, agreements or communication between VeriSign and RA concerning the subject matter hereof. Neither party is relying upon any warranties, representations, assurances or inducements not expressly set forth herein. Section headings are inserted for convenience of reference only and are not intended to be part of or to affect the meaning this Agreement. Terms and conditions in any purchase orders that are not included in this Agreement or that conflict with this Agreement are null and void.
28. For Customers of VeriSign UK Limited.
If you are a Customer of VeriSign UK Limited, the following provisions apply to you:
(i) To the extent that any Derivative Work does not automatically vest in VeriSign by operation of law in accordance with Section 12, such Derivative Work shall be expressly assigned to VeriSign by the RA with full title guarantee.
(ii) A breach of Section 12 (asserting right in VeriSign Intellectual Property Rights) shall give VeriSign the right to terminate only.
(iii) Nothing in this Agreement shall limit VeriSign's liability in respect of fraud or personal injury or death caused by its negligence. In particular, Sections 15 and 27 shall not apply to such liability.
29. For Customers of VeriSign Spain, S.L.
If you are a Customer of VeriSign Spain, S.L., nothing in this Agreement shall limit VeriSign's liability in respect of civil liability stated in the Spanish law 28/1994 of 6 July 1994 regarding civil liability for defective products.
30. For Customers of VeriSign France SA.
If you are a Customer of VeriSign France SA, nothing in this Agreement shall limit VeriSign's liability in respect of personal injury or death caused by an act or omission of VeriSign. In particular Sections 16 and 25 shall not apply to such liability.
VeriSign® Managed PKI for SSL, Managed PKI for SSL Premium Edition, Managed PKI for Intranet SSL, and Managed PKI for Intranet SSL Premium Edition Agreement Version 3.0