Re: [cabfpub] Limitation of Liability and Indemnification

2017-10-12 Thread Moudrick M. Dadashov via Public
Actually I was not correct: what RPs and Subscribers get is certificates that they must accept. If they do, they are bound to CA's policy (CP/CPS) explicitly indicated in the certificate. Maybe the binding chain should look like this: BR/EVG --> Webtrust/ETSI schemes --> *Root Store schemes*

Re: [cabfpub] Limitation of Liability and Indemnification

2017-10-12 Thread Wayne Thayer via Public
Virginia, As Ryan stated, this requirement is about constraining the liability limits that CAs are allowed to place in their SA/RPA(s). If the CA isn’t permitted to enter into an agreement with a liability limit lower than what is specified by the CA/B Forum and enforced by the root programs

Re: [cabfpub] BR 3.2.2.4.4 question

2017-10-12 Thread Jeremy Rowley via Public
Yes. Pretty sure we’re all saying the same thing at this point. On Oct 12, 2017, at 4:02 PM, Moudrick M. Dadashov via Public wrote: Yes. As the keyword in Jeremy's question was "translation" to other languages I thought those names (admin

Re: [cabfpub] Limitation of Liability and Indemnification

2017-10-12 Thread Virginia Fournier via Public
MD, If you can get the Relying Parties and Subscribers to sign the agreement with the limitations of liability and indemnification in it, then they are bound. But the rest does not require them to agree to those provisions. It’s entirely up to the Relying Parties and Subscribers to decide

Re: [cabfpub] Limitation of Liability and Indemnification

2017-10-12 Thread Moudrick M. Dadashov via Public
How about: BR/EVG --> Webtrust/ETSI schemes --> *Root Store schemes* --> Audit report --> CP/CPS --> Binding RPA/Subscriber Agreement Thanks, M.D On 10/13/2017 12:58 AM, Ryan Sleevi via Public wrote: On Thu, Oct 12, 2017 at 5:38 PM, Virginia Fournier via Public

Re: [cabfpub] BR 3.2.2.4.4 question

2017-10-12 Thread Moudrick M. Dadashov via Public
Yes. As the keyword in Jeremy's question was "translation" to other languages I thought those names (admin etc.) shouldn't be treated as English words. Thanks, M.D. On 10/13/2017 12:49 AM, Ryan Sleevi wrote: Yes, it indicates the name of a mailbox, but that doesn't resolve the issue (as I

Re: [cabfpub] Limitation of Liability and Indemnification

2017-10-12 Thread Ryan Sleevi via Public
On Thu, Oct 12, 2017 at 5:38 PM, Virginia Fournier via Public < public@cabforum.org> wrote: > Message: 3 > Date: Fri, 13 Oct 2017 00:18:33 +0300 > From: "Moudrick M. Dadashov" > To: Virginia Fournier via Public > Subject: Re: [cabfpub] Limitation of Liability

Re: [cabfpub] Limitation of Liability and Indemnification

2017-10-12 Thread Moudrick M. Dadashov via Public
Thank you, Virginia. I assumed binding works like this: BR/EVG --> Webtrust/ETSI audit schemes --> Audit report --> CP/CPS --> Binding RPA/Subscriber Agreement Agree? Thanks, M.D. On 10/13/2017 12:38 AM, Virginia Fournier via Public wrote: Message: 3 Date: Fri, 13 Oct 2017 00:18:33 +0300

Re: [cabfpub] BR 3.2.2.4.4 question

2017-10-12 Thread Ryan Sleevi via Public
Yes, it indicates the name of a mailbox, but that doesn't resolve the issue (as I believe your intent was). That is, put differently, some Applicants are saying that a translated address delivers to the same local mailbox as the required address. This is no different than an Applicant saying

Re: [cabfpub] BR 3.2.2.4.4 question

2017-10-12 Thread Moudrick M. Dadashov via Public
Hi Ryan, My point was that the part before the @ symbol (local-part) identifies the name of a mailbox (it is not a word in any language, so it can't be translated). Correct? Thanks, M.D. On 10/13/2017 12:27 AM, Ryan Sleevi wrote: I'm not sure your point,

Re: [cabfpub] BR 3.2.2.4.4 question

2017-10-12 Thread Ryan Sleevi via Public
I'm not sure your point, Moudrick? On Thu, Oct 12, 2017 at 5:14 PM, Moudrick M. Dadashov via Public < public@cabforum.org> wrote: > FYI: An addr-spec is a specific Internet identifier that contains a *locally > interpreted string* followed by the at-sign character ("@", ASCII value > 64)

Re: [cabfpub] Limitation of Liability and Indemnification

2017-10-12 Thread Moudrick M. Dadashov via Public
equirements. Ben Wilson, JD, CISA, CISSP VP Compliance +1 801 701 9678 ___ Public mailing list Public@cabforum.org https://cabforum.org/mailman/listinfo/public -- next part -- An HTML attachment was scrubbed... URL: <http://ca

Re: [cabfpub] BR 3.2.2.4.4 question

2017-10-12 Thread Moudrick M. Dadashov via Public
FYI: An addr-spec is a specific Internet identifier that contains a *locally interpreted string* followed by the at-sign character ("@", ASCII value 64) followed by an Internet domain. Thanks, M.D. On 10/13/2017 12:00 AM, Jeremy Rowley via Public wrote: Section 3.2.2.4.4 states that CAs can

[cabfpub] Limitation of Liability and Indemnification

2017-10-12 Thread Virginia Fournier via Public
edly to the contrary. A CA's indemnification obligations and a Root CA's obligations with respect to subordinate CAs are set forth in Section 9.9 of the Baseline Requirements. Ben Wilson, JD, CISA, CISSP VP Compliance +1 801 701 9678 ___ Public mailing list Public@cabforum.org https:

Re: [cabfpub] BR 3.2.2.4.4 question

2017-10-12 Thread Jeremy Rowley via Public
That was my thoughts as well, but I thought it might make a good discussion. I see them as keywords, not as words set in a particular language. From: Ryan Sleevi [mailto:sle...@google.com] Sent: Thursday, October 12, 2017 3:04 PM To: Jeremy Rowley ; CA/Browser

Re: [cabfpub] BR 3.2.2.4.4 question

2017-10-12 Thread Ryan Sleevi via Public
On Thu, Oct 12, 2017 at 5:00 PM, Jeremy Rowley via Public < public@cabforum.org> wrote: > Section 3.2.2.4.4 states that CAs can validate an email by “(i) sending an > email to one or more addresses created by using 'admin', 'administrator', > 'webmaster', 'hostmaster', or 'postmaster' as the

[cabfpub] BR 3.2.2.4.4 question

2017-10-12 Thread Jeremy Rowley via Public
Section 3.2.2.4.4 states that CAs can validate an email by “(i) sending an email to one or more addresses created by using 'admin', 'administrator', 'webmaster', 'hostmaster', or 'postmaster' as the local part, followed by the at-sign ("@"), followed by an Authorization Domain Name, (ii)

Re: [cabfpub] Pre-Ballot 209 EV Liability

2017-10-12 Thread Moudrick M. Dadashov via Public
Hi Ben, yes, much better... thanks! M.D. Sent from my Samsung device Original message From: Ben Wilson Date: 10/12/17 21:27 (GMT+02:00) To: "Moudrick M. Dadashov" , CA/Browser Forum Public Discussion List

Re: [cabfpub] Pre-Ballot 209 EV Liability

2017-10-12 Thread Ben Wilson via Public
Moudrick and others, Is the following proposed change to section 18 of the EV Guidelines more clear? 18. Liability and Indemnification CAs MAY limit their liability as described in Section 9.8 of the Baseline Requirements except that a CA MAY NOT limit its liability to Subscribers or