 |
|
Repository |
|
|
Managed PKI for SSL Agreement
VERISIGN MANAGED PKI FOR SSL SERVICES AGREEMENT
THIS VERISIGN MANAGED PKI
FOR SSL SERVICES AGREEMENT ("AGREEMENT") IS ENTERED INTO BETWEEN
VERISIGN (AS DEFINED BELOW), AND THE ENTITY YOU REPRESENT IN EXECUTING
THIS AGREEMENT ("YOU"). THIS AGREEMENT SETS FORTH THE TERMS
AND CONDITIONS APPLICABLE TO YOU IN PURCHASING MANAGED PKI FOR SSL CERTIFICATE
SERVICES (FORMERLY "ONSITE"). BY CLICKING "ACCEPT"
OR BY ACCEPTING A CERTIFICATE, YOU AGREE TO BECOME A PARTY TO, AND BE
BOUND BY, THESE TERMS. BY CLICKING "DECLINE", YOU INDICATE
THAT YOU DO NOT AGREE TO THESE TERMS, AND WILL NOT BE A VERISIGN RA.
ALL REFERENCES TO "VERISIGN"
IN THIS AGREEMENT SHALL MEAN THE SPECIFIC VERISIGN ENTITY SPECIFIED
ON THE HOMEPAGE OF THE WEBSITE ON WHICH YOU APPLIED FOR THE SERVICE.
DEFINITIONS
“Certificate” or “Digital Certificate” means a message
that, at least, states a name or identifies the issuing CA, identifies
the Subscriber, contains the Subscriber’s public key, identifies the
Certificate’s Operational Period, contains a Certificate serial number,
and contains a digital signature of the issuing CA.
“Certificate Application” means a request to a CA
for the issuance of a Certificate.
“Certification Authority” or “CA” means an entity
authorized to issue, suspend, or revoke Certificates. For purposes
of this Agreement, CA shall mean VeriSign.
“Certification Practice Statement” or “CPS” means
a document, as revised from time to time, representing a statement of
the practices a CA or RA employs in issuing Certificates. VeriSign’s
CPS is published at *http://www.verisign.com/repository/cps.
“Code Signing Certificate” means a VeriSign Class
3 organizational code signing certificate used by software developers
and content publishers to digitally-sign code for secure delivery over
networks.
“Confidential Information” means material, data, systems
and other information concerning the operation, business, projections,
market goals, financial affairs, products, services, customers and Intellectual
Property Rights of the other party that may not be accessible or known
to the general public. Confidential Information shall include, but not
be limited to, the terms of this Agreement, and any information which
concerns technical details of operation of any of VeriSign’s services,
software or hardware offered or provided hereunder.
“Erroneous Issuance” means (a) issuance of a Certificate
in a manner not materially in accordance with the procedures required
by the Managed PKI for SSL Administrator’s Handbook; (b) issuance of
a Certificate to a Subscriber other than the one named as the subject
of the Certificate; or (c) issuance of a Certificate without the authorization
of the Subscriber that is the subject of the Certificate.
“Intellectual Property Rights” means any and all now
known or hereafter existing rights associated with intangible property,
including but not limited to registered and unregistered, United States
and foreign copyrights, trade dress, trade names, corporate names, logos,
inventions, patents, patent applications, software, know-how and all
other intellectual property and proprietary rights (of every kind and
nature throughout the universe and however designated).
“NetSure Protection Plan” shall mean the extended
warranty program offered by VeriSign.
“Operational Period” means a period starting with
the date and time a Certificate is issued (or on a later date and time
certain if stated in the Certificate) and ending with a date and time
at which the Certificate expires or is earlier revoked.
“Registration Authority” or “RA” means an entity approved
by a CA to assist persons in applying for Certificates and/or revoking
(or where authorized, suspending) Certificates, and approving such applications,
in connection with the service. An RA is not the agent of a Certificate
Applicant, and may not delegate the authority to approve Certificate
Applications other than to authorized RAAs of the RA.
“Registration Authority Administrator” or “RAA” is
appointed by an RA and responsible for carrying out the functions of
an RA.
"SSL Certificate" means a Class 3 organizational
certificate used to support SSL sessions between a web browser and web
server that uses encryption.
“Subscriber” means a person, organization or entity who is the owner
of or has the right to the device that is the subject of, and has been
issued, a Certificate, and is capable of using, and is authorized to
use, the private key that corresponds to the public key listed in the
Certificate at issue.
“Subscriber Agreement” is the agreement executed between
a Subscriber and the CA or VeriSign relating to the provision of designated
Certificate-related services that governs the Subscriber’s rights and
obligations related to the Certificate.
“VeriSign Trust Network” or “VTN” means the Certificate-based
Public Key Infrastructure governed by the VeriSign Trust Network certificate
policies, which enables the worldwide deployment and use of Certificates
by VeriSign and its affiliates, and their respective customers, Subscribers,
and relying parties.
1. APPOINTMENT
(a) Appointment. VeriSign hereby appoints you as
a non-VeriSign RA within the VeriSign VTN pursuant to the VeriSign CPS,
and you accept such appointment.
(b) VeriSign CPS and Managed PKI for SSL Administrator’s Handbook.
You shall meet all requirements and perform all obligations imposed
upon an RA within the VTN, which shall include, but is not limited to
(i) the VeriSign CPS, as periodically amended; (ii) the Managed PKI
for SSL Administrator’s Handbook published at the Managed PKI Control
Center, as periodically amended (“Handbook”); and (iii) the duties in
Section 2 below. VeriSign shall notify the individual you appoint
as your Registration Authority Administrator (“RAA”) of any amendments
by posting the information to the Managed PKI Control Center.
2. YOUR OBLIGATIONS
(a) Appointment. You shall appoint one or more
of your employees as RAA(s). Such RAA(s) shall be entitled to
appoint additional RAAs on your organization’s behalf. You shall
cause your RAAs receiving Certificates hereunder to abide by the terms
of the applicable Subscriber Agreement, which can be found in the Handbook.
(b) Administrator Functions. You shall comply with
the requirements set forth in the VeriSign CPS and the Handbook for
validating the information in Certificate Applications, approving or
rejecting such Certificate Applications, using hardware and software
designated by VeriSign, and revoking Certificates. You shall perform
such tasks in a competent, professional, and workmanlike manner.
You shall approve a Certificate Application only if (i) the application
was made on behalf of a device or internet domain (for purposes of approving
SSL Certificates) or a software publisher (for purposes of approving
Code Signing certificates) within your organization; and (ii) your RA
has authorized the use of your organizational name in the Certificate.
If your RAA ceases to have the authority to act as RAA on your behalf,
then you shall promptly revoke such authority. If your organizational
name and/or domain registration changes, then your RAA shall promptly
request revocation of all Certificates issued therein. You shall
not disclose any challenge phrase, PIN, software, or hardware mechanism
protecting the RAA Certificate private key to a third party.
(c) Survival. In addition to the termination, revocation,
and security provisions set forth in this Agreement, the VeriSign CPS
and the Handbook shall survive termination of this Agreement until the
end of the Operational Period of all Certificates issued hereunder.
(d) Certificate Restrictions. You shall not use
a SSL Certificate (i) for or on behalf of any organization other than
your own; (ii) to perform private or public key operations in connection
with any domain name and/or organization name other than the one(s)
submitted by your RAA during enrollment; (iii) on more than one physical
server or device at a time, unless you have selected the specific licensing
option that permits the use of a Certificate on one physical device
with additional Certificate licenses for each physical server that each
device manages, or where replicated Certificates may otherwise reside
(the "Licensed Certificate Option"). You acknowledge
that the Licensed Certificate Option can result in increased security
risks to your network and VeriSign expressly disclaims any liability
for breaches of security that result from the distribution of a single
key across multiple devices. VERISIGN CONSIDERS THE UNLICENSED USE OF
A SSL CERTIFICATE ON A DEVICE THAT RESIDES ABOVE A SERVER OR SERVER
FARM SOFTWARE PIRACY AND WILL PURSUE VIOLATORS TO THE FULLEST EXTENT
OF THE LAW. Certificates purchased under the Licensed Certificate
Option limit the amount of recovery under the NetSure Protection Plan
to ten thousand US dollars (US$10,000) or the local currency equivalent
thereof. You shall not use a Code Signing Certificate: (iv) for
or on behalf of any organization other than your own; (v) to perform
private or public key operations in connection with any domain and/or
organization name other than the one you submitted on your Certificate
Application; (vi) to distribute malicious or harmful content of any
kind including, but not limited to, content that would otherwise have
the effect of inconveniencing the recipient of such content; or (vii)
in a manner that transfers control or permits access for the private
key corresponding to the public key of the Certificate to anyone other
than an employee that you have authorized (any such transfer to be in
a secure manner so as to protect the private key). The following
terms and conditions apply to the MPKI for Intranet SSL and MPKI for
Intranet SSL Premium Certificate Services: Intranet SSL Certificates
shall be used only with intranet domains and may not be assigned to
devices that are publicly accessible from the Internet. VeriSign
reserves the right to monitor publicly-facing Internet servers and/or
devices to ensure that Intranet SSL Certificates comply with this Section
2. If VeriSign discovers any use of Intranet SSL Certificate(s)
not in compliance with Section 2, then VeriSign shall immediately notify
your RAA of non-compliance. Your RAA must, within twenty (24)
hours, either (1) immediately move the Intranet SSL Certificate to an
intranet domain; or (2) remove and revoke the Intranet SSL Certificate
from your servers. If your RAA does not revoke or remove the non-compliant
Certificate, then VeriSign may revoke the RAA Certificate.
(e) Your Warranties. You warrant that (i) all information
material to the issuance of a Certificate and validated by you or on
your behalf is true and correct in all material respects; (ii) your
approval of Certificate Applications will not result in Erroneous Issuance;
(iii) you have substantially complied with the VeriSign CPS, the Handbook,
and your obligations set forth herein; (iv) no Certificate information
provided to VeriSign infringes the intellectual property rights of any
third party; (v) the information your provide in the Certificate Application(s)
(including email address(es)) has not been and will not be used for
any unlawful purpose; (vi) your RAA has been (since the time of the
RAA Certificate’s creation) and will remain the only person possessing
the RAA Certificate private key, or any challenge phrase, PIN, software,
or hardware mechanism protecting the private key, and no unauthorized
person has had or will have access to such materials or information;
(vii) you will use the RAA Certificate exclusively for authorized and
legal purposes consistent with this Agreement; and (viii) you will not
monitor, interfere with or reverse engineer the technical implementation
of the VeriSign systems or software or the VTN, except with the prior
written approval from VeriSign, and shall not otherwise intentionally
compromise the security of the VeriSign systems or software or the VTN.
3. ADDITIONAL SERVICE TERMS
Each Managed PKI for SSL Service license may support
multiple organizations and multiple domain names, as long as each organization
and related domain name(s) is owned and registered to the organization
that owns the account. This Service is not intended for service providers
that issue certificates to unrelated organizations and may not be used
for such purpose. If you choose to display VeriSign's Secured
Seal, then you must install and display such seal only in accordance
with the VeriSign Secured Seal License Agreement posted on VeriSign’s
website. Note that a “unit” refers to the volume of Certificates
purchased; for example, a one-year Certificate has the value of one
unit; a two-year Certificate shall require two units, etc. Further,
utilization of either of the additional features below may increase
the number of units required for issuance of the Certificate: (a) Licensed
Certificate Option--Each Certificate shall be used on up to one physical
server or device unless Customer has selected the “Licensed Certificate
Option” that permits the use of a Certificate on one physical device
with additional Certificate licenses for each physical server that each
device manages, or where replicated Certificates may otherwise reside.
Under this Option, each certificate license has the value of one unit;
thus, for example, a one-year Certificate that is used to secure three
devices shall require three units, and a two-year Certificate that is
used to secure three devices shall require six units, etc; (b) Subject
Alternative Name Option--Each Certificate shall be used to secure up
to one domain unless Customer has selected the “SubAltName Option” that
permits the use of a Certificate to secure multiple domains. There
is a limit of twenty domains or “SubAltNames” per Certificate.
Under this option, each domain has the value of one unit; thus, for
example, a one-year Certificate that is used to secure three domains
shall require three units, and a two-year Certificate that is used to
secure three domains shall require six units, etc. Certificate units
may be purchased and pre-loaded into Customer’s account. However,
any Unit not issued (i.e., redeemed for Certificates) within 12 months
of purchase shall automatically expire.
4. VERISIGN’S OBLIGATIONS
(a) Services. VeriSign shall provide the services specified
in this Agreement throughout its term. VeriSign shall issue, manage,
revoke, and/or renew Certificates in accordance with the instructions
you provide through your RAA(s). Upon your approval of a Certificate
Application, VeriSign shall (i) be entitled to rely upon the correctness
of the information in each such approved Certificate Application; and
(ii) issue a Certificate to the Certificate Applicant submitting such
Certificate Application. Notwithstanding the terms of the “Basic”
Service Level Agreement, no service level commitments will apply with
respect to the services provided herein unless a Gold or Platinum Service
Fee obligation is then in effect.
(b) RAA Certificate. VeriSign will notify you whether
your RAA Certificate Application is approved or rejected. If your
RAA Certificate Application is approved, VeriSign will issue an RAA
Certificate for use in accordance with this Agreement. After your
RAA picks up or otherwise installs the RAA Certificate, your RAA must
review the information in it before using it and promptly notify VeriSign
of any errors. Upon receipt of such notice, VeriSign will revoke
the RAA Certificate and issue a corrected RAA Certificate, subject to
the requirements set forth herein.
(c) VeriSign’s Warranties. VeriSign warrants that (i)
there are no errors introduced by VeriSign in the Certificate information
as a result of VeriSign's failure to use reasonable care in creating
the Certificate; (ii) its issuance of Certificates shall comply in all
material respects with its CPS; and (iii) its revocation services and
use of a repository conform to its CPS in all material aspects.
5. PROPRIETARY RIGHTS
You acknowledge that VeriSign and its licensors retain
all Intellectual Property Rights and title in and to all of their Confidential
Information or other proprietary information, products, services, and
the ideas, concepts, techniques, inventions, processes, software or
works of authorship developed, embodied in, or practiced in connection
with the services provided by VeriSign hereunder, including without
limitation all modifications, enhancements, derivative works, configurations,
translations, upgrades, and interfaces thereto (all of the foregoing
“ VeriSign Works”). VeriSign Works do not include your preexisting hardware,
software, or networks. Nothing in this Agreement shall create
any right of ownership or license in and to the other party’s Intellectual
Property Rights and each party shall continue to independently own and
maintain its Intellectual Property Rights.
6. FEES, PAYMENTS, AND TAXES
As consideration for the services procured through
the MPKI for SSL console, you shall pay VeriSign the applicable fees
set forth on the console at the time of your selection, or, if applicable,
upon receipt of the applicable invoice from VeriSign. All fees are due
immediately and are non-refundable, except as otherwise expressly stated.
Any renewal of certificate services with VeriSign is subject to then-current
terms and conditions, including, but not limited to, successful completion
of any applicable authentication procedure, and payment of all applicable
service fees at the time of renewal. VeriSign will provide you with
notice prior to the expiration of services at least thirty (30) days
in advance of the renewal date. You shall be solely responsible for
the credit card information provided to VeriSign and must promptly inform
VeriSign of any changes thereto (e.g., change of expiration date or
account number). In addition, you are solely responsible for ensuring
the services are renewed. VeriSign shall have no liability to you or
any third party in connection with the renewal as described herein,
including, but not limited to, any failure or errors in renewing the
services. All sums due and payable that remain unpaid after any applicable
cure period herein will accrue interest as a late charge of 1.5% per
month or the maximum amount allowed by law, whichever is less.
The fees stated are exclusive of tax. All taxes, duties, fees
and other governmental charges of any kind (including sales, services,
use, and value-added taxes, but excluding taxes based on the net income
of VeriSign) which are imposed by or under the authority of any government
or any political subdivision thereof on the fees for any of the Services
shall be borne by you and shall not be considered a part of, a deduction
from or an offset against such fees. All payments due to VeriSign
shall be made without any deduction or withholding on account of any
tax, duty, charge or penalty except as required by law in which case
the sum payable by you in respect of which such deduction or withholding
is to be made shall be increased to the extent necessary to ensure that,
after making such deduction or withholding, VeriSign receives and retains
(free from any liability in respect thereof) a net sum equal to the
sum it would have received but for such deduction or withholding being
required.
7. CONFIDENTIAL INFORMATION
The parties acknowledge that by reason of their relationship
under this Agreement, they may have access to and acquire Confidential
Information of the other party. Each party receiving Confidential
Information (the “Receiving Party”) agrees to maintain all such Confidential
Information received from the other party (the “Disclosing Party”),
both orally and in writing, in confidence and agrees not to disclose
or otherwise make available such Confidential Information to any third
party without the prior written consent of the Disclosing Party; provided,
however, that the Receiving Party may disclose the terms of this Agreement
to its legal and business advisors if such third parties agree to maintain
the confidentiality of such Confidential Information under terms no
less restrictive than those set forth herein. The Receiving Party
further agrees to use the Confidential Information only for the purpose
of performing this Agreement. Notwithstanding the foregoing, the
obligations set forth herein shall not apply to Confidential Information
which: (i) is or becomes a matter of public knowledge through no fault
of or action by the Receiving Party; (ii) was lawfully in the Receiving
Party’s possession prior to disclosure by the Disclosing Party; (iii)
subsequent to disclosure, is rightfully obtained by the Receiving Party
from a third party who is lawfully in possession of such Confidential
Information without restriction; (iv) is independently developed by
the Receiving Party without resort to the Confidential Information;
or (v) is required by law or judicial order, provided that the Receiving
Party shall give the Disclosing Party prompt written notice of such
required disclosure in order to afford the Disclosing Party an opportunity
to seek a protective order or other legal remedy to prevent the disclosure,
and shall reasonably cooperate with the Disclosing Party's efforts to
secure such a protective order or other legal remedy to prevent the
disclosure. In addition, VeriSign’s treatment of any of your information
collected through the VeriSign website will be in accordance with VeriSign’s
published Privacy Statement.
8. INDEMNIFICATION
(a) Indemnification. Each party hereto (the “Indemnitor”)
agrees to, and shall, indemnify, defend and hold harmless the other
party hereto (the “Indemnitee”), and its directors, shareholders, officers,
agents, employees, successors and assigns from any and all third party
claims, suits, proceedings, judgments, damages, and costs (including
reasonable attorneys' fees and expenses) arising from, in connection
with or related in any way to, directly or indirectly, (i) the Indemnitor’s
material breach of any representation or warranty of the Indemnitor
including, but not limited, to any actual or alleged breach of the Subscriber
Agreement by a Subscriber receiving a Certificate hereunder, (ii) the
gross negligence or willful misconduct of the Indemnitor, its employees,
agents, or contractors in the performance of this Agreement, and (iii)
solely with respect to VeriSign’s indemnification, and subject to VeriSign’s
rights under Section 8(b), any alleged infringement of any United States
patent, copyright or trade secret by the unmodified services as delivered
by VeriSign (excluding any open source components or third party specifications).
The Indemnitee shall promptly notify the Indemnitor of any such claim,
and the Indemnitor shall bear full responsibility for the defense of
such claim (including any settlements); provided however, that:
(iv) the Indemnitor shall keep the Indemnitee informed of, and consult
with the Indemnitee in connection with the progress of such litigation
or settlement; (v) the Indemnitor shall not have any right, without
the Indemnitee’s written consent, which consent shall not be unreasonably
withheld, to settle any such claim if such settlement arises from or
is part of any criminal action, suit or proceeding or contains a stipulation
to or admission or acknowledgment of, any liability or wrongdoing (whether
in contract, tort or otherwise) on the part of the Indemnitee, or requires
any specific performance or non-pecuniary remedy by the Indemnitee;
and (vi) the Indemnitee shall have the right to participate in the defense
of a claim with counsel of its choice at its own expense.
(b) VeriSign Options Related to Intellectual Property Infringement
Claims. In the event of any claim, suit, or proceeding
subject to Section 8(a)(iii) above, VeriSign shall have the right, at
its sole option, to obtain the right to continue use of the affected
services or to replace or modify the affected services so that they
may be provided by VeriSign and used by you without infringement of
third party United States patent, copyright or trade secret rights.
If neither of the foregoing options is available to VeriSign on a commercially
reasonable basis, VeriSign may terminate the applicable purchase order
immediately upon written notice to you, and within thirty (30) days
after such termination, pay you a termination fee equal to the prorated
portion of any fees you paid in advance commensurate with the remaining
portion of the service period for which such fees were paid. NOTWITHSTANDING
ANY OTHER PROVISION OF THIS AGREEMENT, THE RIGHTS AND REMEDIES SET FORTH
IN SECTIONS 7(a)(iii) AND 7(b) CONSTITUTE THE ENTIRE OBLIGATION OF VERISIGN
AND YOUR EXCLUSIVE REMEDIES WITH RESPECT TO THE SUBJECT MATTER THEREOF.
9. LIMITATION OF LIABILITY AND WARRANTY DISCLAIMERS
THE LIMITATION PROVIDED HEREIN WILL APPLY WITH RESPECT
TO ALL DAMAGES, CLAIMS, OR OTHER LOSSES RELATING TO ANY CERTIFICATE
ISSUED HEREUNDER. VERISIGN'S TOTAL LIABILITY FOR DAMAGES SUSTAINED
BY YOU FOR USE AND RELIANCE ON A SPECIFIC CERTIFICATE SHALL BE LIMITED,
IN THE AGGREGATE, TO ONE HUNDRED THOUSAND DOLLARS ($100,000).
THE LIABILITY LIMITATIONS PROVIDED HEREIN SHALL BE THE SAME REGARDLESS
OF THE NUMBER OF DIGITAL SIGNATURES, TRANSACTIONS, OR CLAIMS RELATED
TO SUCH CERTIFICATE. VERISIGN SHALL NOT BE OBLIGATED TO PAY MORE
THAN THE TOTAL LIABILITY LIMITATION FOR EACH CERTIFICATE. FURTHER,
NEITHER PARTY WILL BE LIABLE FOR ANY CONSEQUENTIAL, INDIRECT, SPECIAL,
PUNITIVE, INCIDENTAL OR EXEMPLARY DAMAGES, INCLUDING WITHOUT LIMITATION
LOST PROFITS OR REVENUES, WHETHER FORESEEABLE OR UNFORESEEABLE, EVEN
IF SUCH PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
EXCEPT FOR THE EXPRESS LIMITED WARRANTIES PROVIDED HEREIN, VERISIGN
DISCLAIMS ALL OTHER WARRANTIES, EXPRESS, IMPLIED, OR STATUTORY, INCLUDING
WITHOUT LIMITATION, ANY IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS
FOR A PARTICULAR PURPOSE, SATISFACTION OF CUSTOMER REQUIREMENTS, NON-INFRINGEMENT,
AND ANY WARRANTY ARISING OUT OF A COURSE OF PERFORMANCE, DEALING OR
TRADE USAGE. NOTWITHSTANDING THE FOREGOING, A PARTY’S LIABILITY
SHALL NOT BE LIMITED UNDER THIS SECTION 9 IN CASES OF PERSONAL INJURY
OR DEATH ARISING FROM A PARTY’S NEGLIGENCE. TO THE EXTENT JURISDICTIONS
DO NOT ALLOW THE EXCLUSION OF CERTAIN LIABILITY LIMITATIONS, SOME OF
THE ABOVE EXCLUSIONS MAY NOT APPLY.
10. TERM AND TERMINATION
(a) Term and Termination. This Agreement shall
commence on the date you click the "ACCEPT" button and shall
continue for successive one (1) year term(s), until the earlier of (i)
the expiration of all Certificates issued hereunder; or (ii) a termination
pursuant to section 10(b) below.
(b) Termination for Default. In the event
of a material breach of this Agreement (excluding any breaches for which
an exclusive remedy is expressly provided), the non-breaching party
may terminate this Agreement if such breach is not cured within thirty
(30) days after written notice thereof.
(c) Effect of Termination. You shall cease using
the Services upon termination. Further, any termination of this
Agreement shall not relieve either party of any obligations that accrued
prior to the date of such termination. Sections 2(c), 5, 6, 7,
8 and 9 shall survive the termination of this Agreement for any reason.
11. GENERAL PROVISIONS
(a) Notices. You shall make all notices, demands
or requests to VeriSign with respect to this Agreement in writing (excluding
email) to the “Contact” address listed on the website from which you
purchased the Services, with a copy to the General Counsel, 487 E. Middlefield
Road, Mountain View, CA 94043, USA.
(b) Entire Agreement. This Agreement (including
any purchase orders issued hereunder) and any Subscriber Agreement,
where applicable, constitute the entire understanding and Agreement
between VeriSign and you with respect to any service purchased hereunder,
and supersedes any and all prior or contemporaneous oral or written
representation, understanding, agreement or communication relating thereto.
(c) Amendments and Waiver. Any term or provision
of this Agreement (including any purchase orders) may be amended, and
the observance of any term of this Agreement may be waived, only by
a writing in the form of a non-electronic record referencing this Agreement
and signed by the parties to be bound thereby, and this Agreement may
not be modified or extended solely by submission of a purchase order
or similar instrument referencing this Agreement.
(d) Force Majeure. Neither party shall be deemed
in default hereunder, nor shall it hold the other party responsible
for, any cessation, interruption or delay in the performance of its
obligations hereunder (excluding payment obligations) due to earthquake,
flood, fire, storm, natural disaster, act of God, war, terrorism, armed
conflict, labor strike, lockout, boycott or other similar events beyond
the reasonable control of such party, provided that the party relying
upon this provision: (i) gives prompt written notice thereof,
and (ii) takes all steps reasonably necessary to mitigate the effects
of the force majeure event; provided further, that in the event a force
majeure event extends for a period in excess of thirty (30) days in
the aggregate, either party may immediately terminate this Agreement
upon written notice.
(e) Severability. In the event that any provision
of this Agreement should be found by a court of competent jurisdiction
to be invalid, illegal or unenforceable in any respect, the validity,
legality and enforceability of the remaining provisions contained shall
not, in any way, be affected or impaired thereby.
(f) Compliance with Law, Export Requirements, and Foreign Reshipment
Liability. Each party agrees that it shall comply with
all applicable federal, state and local laws, regulations, and export
requirements in connection with its performance under this Agreement.
Regardless of any disclosure you made to VeriSign of an ultimate destination
of any data acquired from VeriSign and, notwithstanding anything contained
in this Agreement to the contrary, you will not modify, export, or re-export,
either directly or indirectly, any technical data, or portions thereof,
without first obtaining any and all necessary licenses from the United
States government or agencies thereof or any other country that requires
an export license or other governmental approval at the time of modification,
export, or re-export. VeriSign shall have the right to suspend performance
of any of its obligations under this Agreement, without any prior notice
being required and without any liability to you, if you fail to comply
with this provision.
(g) Assignment. Neither party may assign or transfer
this Agreement or any obligation hereunder without the prior written
approval of the other party, except that VeriSign may assign or subcontract
its obligations under this Agreement to an entity which directly or
indirectly controls, is controlled by, or is under common control with
VeriSign, Inc. Any assignment in violation of this subsection (g) shall
be void. Subject to the foregoing, this Agreement shall be binding upon
and inure to the benefit of the successors and assigns of the parties.
(h) Independent Contractors. The parties to this
Agreement are independent contractors. Neither party is an agent,
representative, joint venturer, or partner of the other party.
Neither party shall have any right, power or authority to enter into
any Agreement for or on behalf of, or incur any obligation or liability
of, or to otherwise bind, the other party. Each party shall bear
its own costs and expenses in performing this Agreement.
(i) Governing Law. Any disputes related to the
services provided under this Agreement shall be governed in all respects
by and construed in accordance with the laws of the Commonwealth of
Virginia, United States of America, excluding its conflict of laws rules.
The United Nations Convention on Contracts for the International Sale
of Goods shall not apply to this Agreement.
(k) Dispute Resolution. To the extent permitted by law, before you invoke any dispute resolution
mechanism with respect to a dispute involving any aspect of this Agreement,
you shall notify VeriSign, and any other party to the dispute for the
purpose of seeking resolution. If the dispute is not resolved within
sixty (60) days after the initial notice, then a party may proceed in
accordance with the following:
(i) When each party to the dispute is a Canadian or
U.S. resident or organization situated or doing business in Canada or
the United States. All suits arising in connection with this Agreement
shall be brought in the United States District Court for the Eastern
District of Virginia or the state courts of Fairfax County, Virginia,
U.S.A. The parties agree that such courts shall have exclusive in personam
jurisdiction and the parties submit to the exclusive in personam jurisdiction
and venue of such courts. The parties further waive any right to a jury
trial regarding any action brought in connection with this Agreement.
(ii) Where one or more parties to the dispute is not
a Canadian or U.S. resident or organization situated or doing business
in Canada or the United States. All disputes arising in connection with
this Agreement shall be finally settled under the Rules of Conciliation
and Arbitration of the International Chamber of Commerce (ICC) as modified
as necessary to reflect the provisions herein by one or more arbitrators.
The place of arbitration shall be in Geneva, Switzerland, and the proceedings
shall be conducted in English. In cases involving a single arbiter,
that single arbiter shall be appointed by mutual agreement of the parties.
If the parties fail to agree to an arbiter within fifteen (15) days,
the ICC shall choose an arbiter knowledgeable in computer software law,
information security and cryptography or otherwise having special qualifications
in the field, such as a lawyer, academician, or judge in common law
jurisdiction.
Nothing in this Agreement will be deemed as preventing
either party from seeking injunctive relief (or any other provisional
remedy) from any court having jurisdiction over the parties and the
subject matter of this dispute as is necessary to protect either party's
Intellectual Property Rights.
(l) Order of Precedence. In the event of a conflict between
this Agreement and a Subscriber Agreement, the terms of the Subscriber
Agreement shall govern, but only in regard to the specific Certificate
at issue.
(m) English Version. If this Agreement is translated
in any language other than the English language, and in the event of
a conflict between the English language version and the translated version,
the English language version shall prevail in all respects.
VeriSign Managed PKI for
SSL Services Agreement version 4.0
|
|
|
