Re: [cabfpub] Limitation of Liability and Indemnification

Thu, 12 Oct 2017 15:11:37 -0700 

How about:
BR/EVG --> Webtrust/ETSI schemes --> *Root Store schemes* --> Audit report --> CP/CPS --> Binding RPA/Subscriber Agreement 

Thanks,
M.D

On 10/13/2017 12:58 AM, Ryan Sleevi via Public wrote:




On Thu, Oct 12, 2017 at 5:38 PM, Virginia Fournier via Public 
<[email protected] <mailto:[email protected]>> wrote:


    Message: 3
    Date: Fri, 13 Oct 2017 00:18:33 +0300
    From: "Moudrick M. Dadashov" <[email protected] <mailto:[email protected]>>
    To: Virginia Fournier via Public <[email protected]
    <mailto:[email protected]>>
    Subject: Re: [cabfpub] Limitation of Liability and Indemnification
    Message-ID: <[email protected]
    <mailto:[email protected]>>
    Content-Type: text/plain; charset="utf-8"; Format="flowed"

    Could you please explain why you think BR and EV Requirements are
    only
    binding on members of the Forum?

    Thanks,
    M.D.

    Hi M.D.

    I can see why this would be hard to understand.

    Entities who are not members of the Forum have nothing that would
    legally bind them to abide by those limitations.  They aren’t
    members, so they aren’t bound by any of the Forum documents -
    Bylaws, Baseline Requirements, etc.  They don’t have a written
    agreement with the Forum to abide by certain requirements, so
    they’re not bound that way either.



Members of the Forum also aren't bound to abide by the Baseline 
Requirements.


Given this, does that resolve your concern?

    The best way to make the limitations binding on the Subscribers,
    Relying Parties, etc. would be for the CAs to enter into
    agreements with those parties, and try to get them to agree to the
    limitations.  But, again, they could just ignore the limitations.



Perhaps phrased differently - the BRs describe what such agreements 
MUST and SHOULD contain. This is allowing a further modification (a 
MAY) to such agreements. The enforcement and requirement that CAs 
agreements do or do not contain such provisions is done by the root 
stores that individual CAs partner with - not by the Forum.



No member of the Forum is bound to abide by the Baseline Requirements 
by the Forum. The only document any member is bound to is to the IPR 
policy (as per the mutual contracts signed).




_______________________________________________
Public mailing list
[email protected]
https://cabforum.org/mailman/listinfo/public



_______________________________________________
Public mailing list
[email protected]
https://cabforum.org/mailman/listinfo/public






















					Reply via email to