{ include('elements/header.html'); }
QUICKSSL(tm) SUBSCRIBER AGREEMENT
Please read the following agreement carefully. By submitting an application to obtain a QuickSSL(tm) Certificate and accepting and using such certificate, you indicate the acceptance of the following terms and conditions and you agree to be bound by them.
This GeoTrust QuickSSL(tm) Web Server Certificate Subscriber Agreement (this "Agreement") is made by and between GeoTrust Inc. ("GeoTrust") and you, a certificate applicant and governs your application for, issuance and use of a GeoTrust QuickSSL Web Server Certificate. By accepting this Agreement, you represent that you have express authority to apply for and accept the Agreement on behalf of either (i) the organization named on the enrollment form ("Subscriber"), or (ii) an internet service provider, hosting company, or GeoTrust reseller ("Partner") who has express authority from the organization to apply for and accept the Agreement on such organization's behalf. To the extent that Partner performs any obligations on behalf of the organization, the term "Subscriber" shall also apply to Partner. Both the organization and the Partner agree to be bound by the terms of this Agreement.
Subscriber hereby represents that it is fully authorized to apply for a GeoTrust QuickSSL web server certificate for secure and authenticated electronic transactions. The Subscriber understands that a digital certificate serves to identify the Subscriber for the purposes of electronic commerce, and that the management of the private keys associated with such certificates is the responsibility of the Subscriber and/or its contractors.
NOW, THEREFORE, in consideration of the above premises and the mutual covenants set forth herein, and for other good and valuable mutual consideration, the receipt and sufficiency of which are hereby mutually acknowledged, GeoTrust and Subscriber agree as follows:
1. Definitions. For the purposes of this Agreement, all capitalized terms used in this Agreement shall have the meaning ascribed to them in this Section 1 and elsewhere in this Agreement.
"Certificate" means a record that, at a minimum (a) identifies the Certification Authority issuing it, (b) names or otherwise identifies its Subscriber; (c) contains a Public Key that corresponds to a Private Key under the control of the Subscriber, (d) identifies its operational period, and (e) contains a Certificate serial number and is Digitally Signed by the issuing Certification Authority.
"Certification Authority" means an entity which issues Certificates and performs all of the functions associated with issuing such Certificates.
"CSR" or "Certificate Signing Request" means a text file submitted with your enrollment form which contains the organization name, domain name, division, country, state, city and your Public Key and is used by GeoTrust to generate your Certificate.
"Digital Signature" means a transformation of a message using an asymmetric cryptosystem such that a person having the initial message and the signer's Public Key can accurately determine whether the transformation was created using the Private Key that corresponds to the signer's Public Key and whether the message has been altered since the transformation was made.
"Digitally Signed" means the application of a Digital Signature to electronic data.
"Key Pair" means two mathematically related keys, having the following properties: (a) one key can be used to encrypt a message that can only be decrypted using the other key, and (b) even knowing one key, it is computationally infeasible to discover the other key.
"Public Key" means the key of a Key Pair used to verify a Digital Signature. The Public Key is made freely available to anyone who will receive digitally signed messages from the holder of the Key Pair. The Public Key is usually provided via a Certificate issued by a Certification Authority. A Public Key is used to verify the digital signature of a message purportedly sent by the holder of the corresponding Private Key.
"Private Key" means the key of a Key Pair used to create a Digital Signature. This key must be kept private.
"Subscriber" means a person or entity who (a) is the subject named or identified in a Certificate issued to such person or entity, (b) holds a Private Key that corresponds to a Public Key listed in that Certificate, and (c) the person or entity to whom Digitally Signed messages verified by reference to such Certificate are to be attributed.
"Trustworthy System" means computer hardware, software, and procedures that (a) are reasonably secure from intrusion and misuse, (b) provide a reasonable level of availability, reliability, and correct operation, (c) are reasonably suited to performing their intended functions, and (d) adhere to generally accepted security procedures.
2. Subscriber Obligations. In addition to complying with the terms of the QuickSSL Certificate Practices Statement ("CPS") which are incorporated by reference into this Agreement, Subscriber shall comply with each of the following obligations: (a) provide information on the Certificate application that is correct and accurate, (b) generate a Key Pair using a Trustworthy System; (c) use the Certificate exclusively for authorized and legal Public and Private Key operations consistent with this Agreement; (d) protect the confidentiality of the Private Key from unauthorized use, access or disclosure; (e) use the Certificate only in conjunction with properly licensed cryptographic software, (f) promptly request that GeoTrust revoke the Certificate upon any change to the information on the Certificate or the Certificate application, including, but not limited to the change of the organization name or domain name registration of Subscriber, (g) promptly request that GeoTrust revoke the Certificate upon any actual or suspected loss, disclosure, or other compromise of the Private Key, and (h) install the Certificate on no more than one server at a time. Any failure of Subscriber to comply with each of the obligations under this Section 2 shall be a material breach of the Agreement. Subscriber acknowledges the inherent possibility of the compromise of Subscriber's and/or another Subscriber's Private Key, which may or may not be detected, and the possible use of a stolen or compromised Private Key to forge Subscriber's or another Subscriber's Digital Signature.
3. GeoTrust Services. Under this Agreement, GeoTrust is a Certification Authority. GeoTrust shall only issue a Certificate upon authenticating and validating the application and enrollment information of Subscriber according to the CPS as may be amended from time to time by GeoTrust. The CPS is available for viewing at: http://www.geotrust.com/resources. GeoTrust, in its sole discretion, may refuse to issue a Certificate to any Subscriber. GeoTrust shall, consistent with this Agreement and CPS, and to the extent necessary or applicable, (a) receive and process the Certificate application, (b) send an acknowledgment to Subscriber of either the approval or rejection of the Certificate application, (c) if the Certificate application is approved, issue a Certificate, (d) publish the Certificate, (e) process all requests for Certificate revocation upon the receipt of an authenticated request from Subscriber, and (f) perform its other duties under the CPS. GeoTrust shall have the right to revoke a Certificate upon (a) any change to the information on the Certificate or the Certificate application, including, but not limited to the change of the organization name or domain name registration of Subscriber or (b) any actual or suspected loss, disclosure, or other compromise of Subscriber's Private Key. Upon request, GeoTrust shall use reasonable efforts to provide to all requesting parties, including entities or persons using or relying on a Certificate, information concerning the status of such Certificate.
4. Fees. Subscriber shall pay to GeoTrust or Partner (as applicable) the fees associated with the issuance of the Certificate upon the application therefor.
5. Confidentiality. GeoTrust and Subscriber agree that certain information contained in the enrollment form may be confidential and proprietary information of the disclosing party (collectively "Confidential Information") and agree to use such Confidential Information only in connection with its obligations hereunder or as permitted in the CPS. These obligations shall continue indefinitely for so long as the Confidential Information is a trade secret under applicable law and shall continue for two (2) years following termination of this Agreement with respect to Confidential Information that does not rise to the level of a trade secret. Notwithstanding the above, Subscriber hereby acknowledges and agrees that GeoTrust (a) may publish certain information provided by Subscriber in the CSR in order to establish or update a unique business identification number profile; (b) may publish or otherwise disclose the serial number and other information contained on the Certificate in connection with GeoTrust's dissemination of Certificate status information; and (c) may collect information regarding the use of Certificates and disclose such information in its aggregated form.
6. Term and Termination.
6.1 Term. The term of this Agreement shall begin on the date the Certificate application is submitted to GeoTrust and shall terminate immediately upon the earlier of (a) the end of the Certificate's stated validity period, (b) the revocation of the Certificate, (c) the rejection of the Certificate application, (d) thirty (30) days after receipt of notice by Subscriber from GeoTrust regarding a breach by Subscriber of its obligations under this Agreement which remains uncured for such period of time, or (e) receipt of notice by GeoTrust from Subscriber of its intent to terminate this Agreement.7. Disclaimer of Warranties. GEOTRUST AND PARTNER EXPRESSLY DISCLAIM AND MAKE NO REPRESENTATION, WARRANTY OR COVENANT OF ANY KIND, WHETHER EXPRESS OR IMPLIED, EITHER IN FACT OR BY OPERATION OF LAW, WITH RESPECT TO THE SERVICES PROVIDED OR THE CERTIFICATE ISSUED HEREUNDER, INCLUDING WITHOUT LIMITATION, ALL WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE OR USE OF THE SERVICES OR CERTIFICATE, AND ALL WARRANTIES, REPRESENTATIONS, CONDITIONS, UNDERTAKINGS, TERMS AND OBLIGATIONS IMPLIED BY STATUTE OR COMMON LAW, TRADE USAGE, COURSE OF DEALING OR OTHERWISE ARE HEREBY EXCLUDED TO THE FULLEST EXTENT PERMITTED BY LAW. GEOTRUST AND PARTNER FURTHER DISCLAIM AND MAKE NO REPRESENTATION, WARRANTY OR COVENANT OF ANY KIND, WHETHER EXPRESS OR IMPLIED, EITHER IN FACT OR BY OPERATION OF LAW, TO SUBSCRIBER OR ANY THIRD PARTY THAT (A) ANY SUBSCRIBER TO WHICH IT HAS ISSUED A CERTIFICATE IS IN THE FACT THE PERSON, ENTITY OR ORGANIZATION IT CLAIMS TO BE IN THE INFORMATION SUPPLIED TO GEOTRUST OR PARTNER, (B) A SUBSCRIBER IS IN FACT THE PERSON, ENTITY OR ORGANIZATION LISTED IN A CERTIFICATE, OR (C) THAT THE INFORMATION CONTAINED IN THE CERTIFICATES OR IN ANY CERTIFICATE STATUS MECHANISM COMPILED, PUBLISHED OR OTHERWISE DISSEMINATED BY GEOTRUST, OR THE RESULTS OF ANY CRYPTOGRAPHIC METHOD IMPLEMENTED IN CONNECTION WITH THE CERTIFICATES IS ACCURATE, AUTHENTIC, COMPLETE OR RELIABLE.
6.2 Effect of Termination. Upon the termination of this Agreement for any reason, GeoTrust shall revoke the Certificate. Upon the revocation of the Certificate for any reason, Subscriber shall have no right in and shall not use the Certificate in any manner. Notwithstanding the foregoing, any use of the Certificate prior to the revocation of the Certificate or termination of this Agreement shall not be affected thereby.
6.3 No Damages or Indemnification for Termination. Neither party shall be liable to the other party for any costs or damages of any kind, including direct, indirect, incidental special, multiple, punitive, exemplary or consequential damages, or for indemnification of the party, solely on account of the lawful termination of this Agreement, even if informed of the possibility of such damages.