Thank you, Virginia.
I assumed binding works like this:
BR/EVG --> Webtrust/ETSI audit schemes --> Audit report --> CP/CPS -->
Binding RPA/Subscriber Agreement
Agree?
Thanks,
M.D.
On 10/13/2017 12:38 AM, Virginia Fournier via Public wrote:
Message: 3
Date: Fri, 13 Oct 2017 00:18:33 +0300
From: "Moudrick M. Dadashov" <[email protected] <mailto:[email protected]>>
To: Virginia Fournier via Public <[email protected]
<mailto:[email protected]>>
Subject: Re: [cabfpub] Limitation of Liability and Indemnification
Message-ID: <[email protected]
<mailto:[email protected]>>
Content-Type: text/plain; charset="utf-8"; Format="flowed"
Could you please explain why you think BR and EV Requirements are only
binding on members of the Forum?
Thanks,
M.D.
Hi M.D.
I can see why this would be hard to understand.
Entities who are not members of the Forum have nothing that would
legally bind them to abide by those limitations. They aren’t members,
so they aren’t bound by any of the Forum documents - Bylaws, Baseline
Requirements, etc. They don’t have a written agreement with the Forum
to abide by certain requirements, so they’re not bound that way either.
The best way to make the limitations binding on the Subscribers,
Relying Parties, etc. would be for the CAs to enter into agreements
with those parties, and try to get them to agree to the limitations.
But, again, they could just ignore the limitations.
As an example, let’s say you and I make an agreement that you will
sell a car to my friend Bob for $5,000. We sign the agreement and
you’re ready to deliver the car to Bob. You get to Bob’s house, and
he wants the car for $2,000. You say that you agreed with me to sell
it for $5,000. Bob says tough turnips, he wasn’t part of that
agreement, it’s his money, and he won’t pay more than $2,000. You
would have no choice but to sell Bob the car for $2,000 or find a new
buyer. The agreement that you and I made for $5,000 isn’t binding on
Bob, because he wasn’t part of the agreement. Does that make sense?
Virginia
On 10/13/2017 12:08 AM, Virginia Fournier via Public wrote:
Hi all,
I want to weigh in on this from a legal perspective.
The limitations on liabilities and indemnification provisions
included in the Baseline Requirements and the EV Requirements are
only binding on members of the Forum. In other words, these
limitations are not binding on parties such as Subscribers and
Relying Parties, and they do not have to accept the stated amounts.
So, CAs can try to obtain the limitations you?ve enumerated below,
but they do not have to be accepted. For example, a Subscriber could
demand a unlimited liability, and the CA would have to decide how to
proceed.
Also, what is ?legally recognizable and provable claims? intended to
cover, or exclude?
Best regards,
Virginia Fournier
Senior Standards Counsel
? Apple Inc.
? 669-227-9595
?? [email protected] <mailto:[email protected]>
Best regards,
Virginia Fournier
Senior Standards Counsel
Apple Inc.
☏ 669-227-9595
✉︎ [email protected] <mailto:[email protected]>
_______________________________________________
Public mailing list
[email protected]
https://cabforum.org/mailman/listinfo/public
_______________________________________________
Public mailing list
[email protected]
https://cabforum.org/mailman/listinfo/public
