summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorBenny Baumann <BenBE@geshi.org>2014-08-28 09:22:31 +0200
committerBenny Baumann <BenBE@geshi.org>2014-08-28 09:22:31 +0200
commit7fa0fbd5ca00be480a61499bc8d8ff658ac1895d (patch)
tree6b2edb7886e3e1c43a9ed0a73c2c6fc4df47c166
parentf7509bc9a6a2bcc1cae277d159aed71d6a0049c3 (diff)
parent1e079aba2cf37259a3506026e4b748465f3c6f3a (diff)
downloadcacert-devel-7fa0fbd5ca00be480a61499bc8d8ff658ac1895d.tar.gz
cacert-devel-7fa0fbd5ca00be480a61499bc8d8ff658ac1895d.tar.xz
cacert-devel-7fa0fbd5ca00be480a61499bc8d8ff658ac1895d.zip
Merge branch 'bug-1293' into release
-rw-r--r--www/policy/CAcertCommunityAgreement.php1087
1 files changed, 584 insertions, 503 deletions
diff --git a/www/policy/CAcertCommunityAgreement.php b/www/policy/CAcertCommunityAgreement.php
index 3106eb1..17065f1 100644
--- a/www/policy/CAcertCommunityAgreement.php
+++ b/www/policy/CAcertCommunityAgreement.php
@@ -1,512 +1,593 @@
-<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
-
-<html>
-<head><title>CAcert Community Agreement</title></head>
+<?='<?xml version="1.0" encoding="utf-8"?>'?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
+ "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+ <meta http-equiv="CONTENT-TYPE" content="text/html; charset=utf-8" />
+ <title> CAcert Community Agreement </title>
+<style type="text/css">
+<!--
+.comment {
+ color : steelblue;
+}
+.first-does-not-work {
+ color : red;
+}
+.q {
+ color : green;
+ font-weight: bold;
+ text-align: center;
+ font-style:italic;
+}
+.change {
+ color : blue;
+ font-weight: bold;
+}
+.change2 {
+ color : blue;
+ font-weight: bold;
+}
+.change3 {
+ color : blue;
+ font-weight: bold;
+}
+.change4 {
+ color : blue;
+ font-weight: bold;
+}
+.change5 {
+ color : blue;
+ font-weight: bold;
+}
+.change6 {
+ color : blue;
+ font-weight: bold;
+}
+.change7 {
+ color : blue ;
+ font-weight: bold;
+}
+.change8 {
+ color : blue;
+ font-weight: bold;
+}
+.change9 {
+ color : blue;
+ font-weight: bold;
+}
+.change10 {
+ color : blue;
+ font-weight: bold;
+}
+.change11 {
+ color : blue;
+ font-weight: bold;
+}
+.change12 {
+ color : blue;
+ font-weight: bold;
+}
+.change13 {
+ color : blue;
+ font-weight: bold;
+}
+.strike {
+ color : blue;
+ text-decoration:line-through;
+}
+.strike2 {
+ color : blue;
+ text-decoration:line-through;
+}
+.strike4 {
+ color : blue;
+ text-decoration:line-through;
+}
+.strike5 {
+ color : blue;
+ text-decoration:line-through;
+}
+.strike6 {
+ color : blue;
+ text-decoration:line-through;
+}
+.strike7 {
+ color : blue;
+ text-decoration:line-through;
+}
+.strike8 {
+ color : blue;
+ text-decoration:line-through;
+}
+.strike9 {
+ color : blue;
+ text-decoration:line-through;
+}
+.strike10 {
+ color : blue;
+ text-decoration:line-through;
+}
+.strike11 {
+ color : blue;
+ text-decoration:line-through;
+}
+.strike12 {
+ color : blue;
+ text-decoration:line-through;
+}
+.strike13 {
+ color : blue;
+ text-decoration:line-through;
+}
+-->
+</style>
+
+</head>
<body>
+ <div class="comment">
+ <table width="100%">
+
+ <tr>
+ <td rowspan="2">
+ Name: CCA <a style="color: steelblue" href="https://svn.cacert.org/CAcert/Policies/ControlledDocumentList.html">COD9</a><br />
+ Status: POLICY <a style="color: steelblue" href="https://wiki.cacert.org/PolicyDecisions#p20080109.1_CCA_to_POLICY_status">p20080109.1</a><br />
+ &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<span class="draftadd">DRAFT <a style="color: steelblue" href="https://wiki.cacert.org/PolicyDecisions#p20140709_CCA_update_to_DRAFT">p20140709</a></span> <br />
+ Editor: <a style="color: steelblue" href="https://wiki.cacert.org/Community/HomePagesMembers/BenediktHeintel">Benedikt</a><br />
+ Licence: <a style="color: steelblue" href="https://wiki.cacert.org/Policy#Licence" title="this document is Copyright &copy; CAcert Inc., licensed openly under CC-by-sa with all disputes resolved under DRP. More at wiki.cacert.org/Policy">CC-by-sa+DRP</a><br />
+
+ </td>
+ <td valign="top" align="right">
+ <a href="https://www.cacert.org/policy/PolicyOnPolicy.php"><img src="images/cacert-policy.png" alt="CCA Status - POLICY" height="31" width="88" style="border-style: none;" /></a>
+
+ <!-- XXXXXXXXXXXXXX delete this going to POLICY -->
+ <br />
+ <a href="https://www.cacert.org/policy/PolicyOnPolicy.php"><img src="images/cacert-draft.png" alt="CCA Status - DRAFT" height="31" width="88" style="border-style: none;" /></a>
+
+ </td>
+ </tr>
+ </table>
+ </div>
+
+ <h2>CAcert Community Agreement</h2>
+
+ <h3><a name="0">0.</a> Introduction</h3>
+
+ <p>This agreement is between you, being a registered member ("Member") within
+ CAcert's community at large ("Community") and CAcert Incorporated ("CAcert"),
+ being an operator of services to the Community.</p>
+
+ <h4><a name="0.1">0.1</a> Terms</h4>
+
+ <ol>
+ <li>"CAcert" means CAcert Inc., a non-profit Association of Members
+ incorporated in New South Wales, Australia. Note that Association Members
+ are distinct from the Members defined here.</li>
+
+ <li>"Member" means you, a registered participant within CAcert's Community,
+ with an account on the website and the facility to request certificates.
+ Members may be individuals ("natural persons") or organisations ("legal
+ persons").</li>
+
+ <li>"Organisation" is defined under the Organisation Assurance programme,
+ and generally includes corporations and other entities that become Members
+ and become Assured.</li>
+
+ <li>"Community" means all of the Members that are registered by this
+ agreement and other parties by other agreements, all being under CAcert's
+ Arbitration.</li>
+
+ <li>"Non-Related Person" ("NRP"), being someone who is not a Member, is not
+ part of the Community, and has not registered their agreement. <span class=
+ "strike7">Such people are offered the NRP-DaL another agreement allowing
+ the USE of certificates.</span></li>
+
+ <li><span class="strike7">"Non-Related Persons - Disclaimer and Licence"
+ ("NRP-DaL"), another agreement that is offered to persons outside the
+ Community.</span><span class="change7">(withdrawn)</span></li>
+
+ <li>"Arbitration" is the Community's forum for resolving disputes, or
+ jurisdiction.</li>
+
+ <li>"Dispute Resolution Policy" ("DRP" =&gt; COD7) is the policy and rules
+ for resolving disputes.</li>
+
+ <li>"USE" means the act by your software to conduct its tasks,
+ incorporating the certificates according to software procedures.</li>
+
+ <li>"RELY" means your human act in taking on a risk and liability on the
+ basis of the claim(s) bound within a certificate.</li>
+
+ <li>"OFFER" means the your act of making available your certificate to
+ another person. Generally, you install and configure your software to act
+ as your agent and facilite this and other tasks. OFFER does not imply
+ suggestion of reliance.</li>
+
+ <li>"Issue" means creation of a certificate by CAcert. To create a
+ certificate, CAcert affixes a digital signature from the root onto a public
+ key and other information. This act would generally bind a statement or
+ claim, such as your name, to your key.</li>
+
+ <li>"Root" means CAcert's top level key, used for signing certificates for
+ Members. In this document, the term includes any subroots.</li>
+
+ <li>"CAcert Official Document" ("COD" <span class="strike4">=&gt;
+ COD3</span>) <span class="strike4">in a standard format for describing the
+ details of operation and governance essential to a certificate authority.
+ Changes are managed and controlled. CODs define more technical terms. See
+ 4.2 for listing of relevant CODs.</span> <span class="change4">is an
+ official managed and controlled document (e. g. a Policy) of
+ CAcert.</span></li>
+
+ <li>"Certification Practice Statement" ("CPS" =&gt; COD6) is the document
+ that controls details about operational matters within CAcert.</li>
+ </ol>
+
+ <h3><a name="1">1.</a> Agreement and Licence</h3>
+
+ <h4><a name="1.1">1.1</a> Agreement</h4>
+
+ <p>You <span class="strike">and CAcert both</span> agree to the terms and
+ conditions in this agreement. Your agreement is given by <span class=
+ "change2">but not limited to</span> <span class="strike2">any of</span></p>
+
+ <ul>
+ <li>your signature on a form to request assurance of identity ("CAP"
+ form),</li>
+
+ <li>your request on the website to join the Community and create an
+ account,</li>
+
+ <li>your request for Organisation Assurance,</li>
+
+ <li>your request for issuing of certificates, or</li>
+
+ <li>if you USE, RELY, or OFFER any certificate issued to you.</li>
+ </ul>
+
+ <p>Your agreement is effective from the date of the first event above that
+ makes this agreement known to you. This Agreement replaces and <span class=
+ "strike2">supercedes prior agreements, including the NRP-DaL.</span>
+ <span class="change2">supersedes any prior agreements.</span></p>
+
+ <h4><a name="1.2">1.2</a> Licence</h4>
+
+ <p>As part of the Community, CAcert offers you these rights:</p>
+
+ <ol>
+ <li>You may USE any certificates issued by CAcert.</li>
+
+ <li>You may RELY on any certificate issued by CAcert, as explained and
+ limited by CPS (COD6).</li>
+
+ <li>You may OFFER certificates issued to you by CAcert to Members for their
+ RELIANCE.</li>
+
+ <li>You may OFFER certificates issued to you by CAcert to NRPs for their
+ USE, within the general principles of the Community.</li>
+
+ <li>This Licence is free of cost, non-exclusive, and
+ non-transferrable.</li>
+ </ol>
+
+ <h4><a name="1.3">1.3</a> Your Contributions</h4>
+
+ <p>You agree to a non-exclusive non-restrictive non-revokable transfer of
+ Licence to CAcert for your contributions. That is, if you post an idea or
+ comment on a CAcert forum, or email it to other Members, your work can be
+ used freely by the Community for CAcert purposes, including placing under
+ CAcert's licences for wider publication.</p>
+
+ <p>You retain authorship rights, and the rights to also transfer
+ non-exclusive rights to other parties. That is, you can still use your ideas
+ and contributions outside the Community.</p>
+
+ <p>Note that the following exceptions override this clause:</p>
+
+ <ol>
+ <li>Contributions to controlled documents are subject to Policy on Policy
+ ("PoP" =&gt; COD1)</li>
+
+ <li>Source code is subject to an open source licence regime.</li>
+
+ <li><span class="change">Personal data</span></li>
+
+ <li><span class="change">Postings under competing licenses if clearly
+ stated when posted</span></li>
+ </ol>
+
+ <h4><a name="1.4">1.4</a> Privacy</h4>
+
+ <p>You give rights to CAcert to store, verify and
+ process and publish your data in accordance with policies in force. These
+ rights include shipping the data to foreign countries for system
+ administration, support and processing purposes. Such shipping will only be
+ done among CAcert Community administrators and Assurers.</p>
+
+ <p>Privacy is further covered in the Privacy Policy ("PP" =&gt; COD5).</p>
+
+ <h3><a name="2">2.</a> Your Risks, Liabilities and Obligations</h3>
+
+ <p>As a Member, you have risks, liabilities and obligations within this agreement.</p>
+
+ <h4><a name="2.1">2.1</a> Risks</h4>
+
+ <ol>
+ <li>A certificate may prove unreliable.</li>
+
+ <li>Your account, keys or other security tools may be
+ lost or otherwise compromised.</li>
+
+ <li>You may find yourself subject to Arbitration (DRP
+ =&gt; COD7).</li>
+ </ol>
+
+ <h4><a name="2.2">2.2</a> Liabilities</h4>
+
+ <ol>
+ <li>You are liable for any penalties as awarded
+ against you by the Arbitrator.</li>
+
+ <li>Remedies are as defined in the DRP (COD7). An
+ Arbitrator's ruling may include monetary amounts, awarded against
+ you.</li>
+
+ <li>Your liability is limited to a total maximum of
+ <b>1000 Euros</b>.</li>
+
+ <li>"Foreign Courts" may assert jurisdiction. These
+ include your local courts, and are outside our Arbitration. Foreign Courts
+ will generally refer to the Arbitration Act of their country, which will
+ generally refer civil cases to Arbitration. The Arbitration Act will not
+ apply to criminal cases.</li>
+ </ol>
+
+ <h4><a name="2.3">2.3</a> Obligations</h4>
+
+ <p>You are obliged</p>
+
+ <ol>
+ <li>to provide accurate information as part of
+ Assurance. You give permission for verification of the information using
+ CAcert-approved methods.</li>
+
+ <li>to make no false representations.</li>
+
+ <li>to submit all your disputes to Arbitration (DRP
+ =&gt; COD7).</li>
+
+ <li><span class="change">to assist the Arbitrator by truthfully providing
+ information, or with any other reasonable request.</span></li>
+
+ <li><span class="change7">to not share your CAcert account.</span></li>
+ </ol>
+
+ <h4><a name="2.4">2.4</a> Principles</h4>
+
+ <p>As a Member of CAcert, you are a member of the Community. You are further
+ obliged to work within the spirit of the Principles of the Community. These
+ are described in <a href=
+ "http://svn.cacert.org/CAcert/principles.html">Principles of the
+ Community</a>.</p>
+
+ <h4><a name="2.5">2.5</a> Security</h4>
+
+ <p>CAcert exists to help you to secure yourself. You are primarily
+ responsible for your own security. Your security obligations include</p>
+
+ <ol>
+ <li>to secure yourself and your computing platform (e. g. PC),</li>
+
+ <li>to keep your email account in good working order,</li>
+
+ <li>to secure your CAcert account (e. g., credentials such as username,
+ password),</li>
+
+ <li>to secure your private keys, <span class="change8">ensuring that they
+ are only used as indicated by the certificate, or by wider agreement with
+ others,</span></li>
+
+ <li>to review certificates for accuracy, and</li>
+
+ <li>when in doubt, notify CAcert,</li>
+
+ <li>when in doubt, take other reasonable actions, such as revoking
+ certificates, changing account credentials, and/or generating new
+ keys.</li>
+ </ol>
+
+ <p>Where, above, 'secure' means to protect to a reasonable degree, in
+ proportion with your risks and the risks of others.</p>
+
+ <h3><a name="3">3.</a> Law and Jurisdiction</h3>
+
+ <h4><a name="3.1">3.1</a> Governing Law</h4>
+
+ <p>This agreement is governed under the law of New South Wales, Australia,
+ being the home of the CAcert Inc. Association.</p>
+
+ <h4><a name="3.2">3.2</a> Arbitration as Forum of Dispute Resolution</h4>
+
+ <p>You agree, with CAcert and all of the Community, that all disputes arising
+ out of or in connection to our use of CAcert services shall be referred to
+ and finally resolved by Arbitration under the rules within the Dispute
+ Resolution Policy of CAcert (DRP =&gt; COD7). The rules select a single
+ Arbitrator chosen by CAcert from among senior Members in the Community. The
+ ruling of the Arbitrator is binding and final on Members and CAcert
+ alike.</p>
+
+ <p>In general, the jurisdiction for resolution of disputes is within CAcert's
+ own forum of Arbitration, as defined and controlled by its own rules (DRP
+ =&gt; COD7).</p>
+
+ <p>We use Arbitration for many purposes beyond the strict nature of disputes,
+ such as governance and oversight. A systems administrator may need
+ authorisation to conduct a non-routine action, and Arbitration may provide
+ that authorisation. Thus, you may find yourself party to Arbitration that is
+ simply support actions, and you may file disputes in order to initiate
+ support actions.</p>
+
+ <h4><a name="3.3">3.3</a> Termination</h4>
+
+ <p><span class="strike12">You may terminate this agreement by resigning from
+ CAcert. You may do this at any time by writing to CAcert's online support
+ forum and filing dispute to resign. All services will be terminated, and your
+ certificates will be revoked. However, some information will continue to be
+ held for certificate processing purposes.</span></p>
+
+ <p><span class="strike12">The provisions on Arbitration survive any
+ termination by you by leaving CAcert. That is, even if you resign from
+ CAcert, you are still bound by the DRP (COD7), and the Arbitrator may
+ reinstate any provision of this agreement or bind you to a ruling.</span></p>
+
+ <p><span class="strike12">Only the Arbitrator may terminate this agreement
+ with you.</span></p>
+
+ <p><span class="change12">The CAcert Community Agreement is
+ terminated</span></p>
+
+ <ol>
+ <li><span class="change12">based on a Policy Group decision following (PoP
+ =&gt; COD1). This terminates the Agreement with every member.</span></li>
+
+ <li><span class="change12">with a ruling of the Arbitrator or the
+ completion of a termination process defined by an Arbitrator ruling (DRP
+ =&gt; COD7).</span></li>
+
+ <li><span class="change12">by the end of existence of a member (i.e. death
+ in the case of individuals).</span></li>
+ </ol>
+
+ <p><span class="change12">A member may declare the wish to resign from CAcert
+ at any time by writing to <em>support AT cacert.org</em>. This triggers a
+ process for termination of this agreement with the member.</span></p>
+
+ <h4><span class="change12"><a name="3.3">3.3a</a> Consequences of
+ Termination</span></h4>
+
+ <p><span class="change12">The termination discontinues the right to USE,
+ OFFER and CREATE personal certificates in any account of the former member.
+ Those certificates will be revoked and all services to the former member will
+ be terminated as soon as possible. However, some information will continue to
+ be held for certificate processing purposes.</span></p>
+
+ <p><span class="change12">The provisions on Arbitration for the time of
+ membership survive any termination. Former members are still bound by the DRP
+ (COD7), and the Arbitrator may reinstate any provision of this agreement or
+ bind them to a ruling.</span></p>
+
+ <p><span class="change12">As far as Organisations are concerned details are
+ also defined in the Organisation Assurance Policy (OAP =&gt;
+ COD11).</span></p>
+
+ <p><span class="change12">Every member learning about the death of a member
+ or termination of existence of a member should notify <em>support AT
+ cacert.org</em>.</span></p>
+
+ <h4><a name="3.4">3.4</a> Changes of Agreement</h4>
+
+ <p>CAcert may from time to time vary the terms of this Agreement. Changes
+ will be done according to the documented CAcert policy for changing policies,
+ and is subject to scrutiny and feedback by the Community. Changes will be
+ notified to you by email to your primary address.</p>
+
+ <p>If you do not agree to the changes, you may terminate as above. Continued
+ use of the service shall be deemed to be agreement by you.</p>
+
+ <h4><a name="3.5">3.5</a> Communication</h4>
+
+ <p><span class="change6">You are responsible for keeping your primary email
+ account in good working order and able to receive emails from
+ CAcert.</span></p>
+
+ <p>Notifications to CAcert are to be sent by email to the address <em>support
+ AT cacert.org</em>. You should attach a digital signature<span class=
+ "strike6">, but need not do so in the event of security or similar
+ urgency</span>.</p>
+
+ <p><span class="strike6">Notifications to you are sent by CAcert to the
+ primary email address registered with your account. You are responsible for
+ keeping your email account in good working order and able to receive emails
+ from CAcert.</span></p>
+
+ <p><span class="strike6">Arbitration is generally conducted by
+ email.</span></p>
+
+ <h3><a name="4">4.</a> Miscellaneous</h3>
+
+ <h4><a name="4.1">4.1</a> <span class="strike10">Other Parties Within the
+ Community</span> <span class="change10">(withdrawn)</span></h4>
+
+ <p class="strike10">As well as you and other Members in the Community, CAcert
+ forms agreements with third party vendors and others. Thus, such parties will
+ also be in the Community. Such agreements are also controlled by the same
+ policy process as this agreement, and they should mirror and reinforce these
+ terms.</p>
+
+ <h4><a name="4.2">4.2</a> References and Other Binding Documents</h4>
+
+ <p class="strike11">This agreement is CAcert Official Document 9 (COD9) and
+ is a controlled document.</p>
+
+ <p>You are also bound by <span class="change11">the Policies of the Community
+ under the control of Policy on Policy ("PoP" =&gt; COD1) and listed in
+ <a href=
+ "https://svn.cacert.org/CAcert/Policies/ControlledDocumentList.html">Controlled
+ Document List</a>.</span></p>
+
+ <ol>
+ <li><span class="strike11"><a href=
+ "http://www.cacert.org/policy/CertificationPracticeStatement.php">Certification
+ Practice Statement</a> (CPS =&gt; COD6).</span></li>
+
+ <li><span class="strike11"><a href=
+ "http://www.cacert.org/policy/DisputeResolutionPolicy.php">Dispute
+ Resolution Policy</a> (DRP =&gt; COD7).</span></li>
+
+ <li><span class="strike11"><a href="PrivacyPolicy.html">Privacy Policy</a>
+ (PP =&gt; COD5).</span></li>
+
+ <li><span class="strike11"><a href=
+ "http://svn.cacert.org/CAcert/principles.html">Principles of the
+ Community</a>.</span></li>
+ </ol>
+
+ <p class="strike11">Where documents are referred to as <i>=&gt; COD x</i>,
+ they are controlled documents under the control of Policy on Policies
+ (COD1).</p>
+
+ <p class="strike11">This agreement and controlled documents above are
+ primary, and may not be replaced or waived except by formal policy channels
+ and by Arbitration.</p>
+
+ <p class="change11">Controlled documents are primary, and may not be replaced
+ or waived except by formal policy channels and Arbitration.</p>
+
+ <p class="change11">This agreement is controlled document COD9.</p>
+
+ <h4><a name="4.3">4.3</a> Informative References</h4>
+ <p>The governing documents are in English. Documents may be translated for
+ convenience. Because we cannot control the legal effect of translations, the
+ English documents are the ruling ones.</p>
+ <p class="strike9">You are encouraged to be familiar with the Assurer
+ Handbook, which provides a more readable introduction for much of the
+ information needed. The Handbook is not however an agreement, and is
+ overruled by this agreement and others listed above.</p>
-<h3> <a name="0"> 0. </a> Introduction </h3>
-
-<p>
-This agreement is between
-you, being a registered member ("Member")
-within CAcert's community at large ("Community")
-and CAcert Incorporated ("CAcert"),
-being an operator of services to the Community.
-</p>
-
-<h4> <a name="0.1"> 0.1 </a> Terms </h4>
-<ol><li>
- "CAcert"
- means CAcert Inc.,
- a non-profit Association of Members incorporated in
- New South Wales, Australia.
- Note that Association Members are distinct from
- the Members defined here.
- </li><li>
- "Member"
- means you, a registered participant within CAcert's Community,
- with an account on the website and the
- facility to request certificates.
- Members may be individuals ("natural persons")
- or organisations ("legal persons").
- </li><li>
- "Organisation"
- is defined under the Organisation Assurance programme,
- and generally includes corporations and other entities
- that become Members and become Assured.
- </li><li>
- "Community"
- means all of the Members
- that are registered by this agreement
- and other parties by other agreements,
- all being under CAcert's Arbitration.
- </li><li>
- "Non-Related Person" ("NRP"),
- being someone who is not a
- Member, is not part of the Community,
- and has not registered their agreement.
- Such people are offered the NRP-DaL
- another agreement allowing the USE of certificates.
- </li><li>
- "Non-Related Persons - Disclaimer and Licence" ("NRP-DaL"),
- another agreement that is offered to persons outside the
- Community.
- </li><li>
- "Arbitration"
- is the Community's forum for
- resolving disputes, or jurisdiction.
- </li><li>
- "Dispute Resolution Policy" ("DRP" => COD7)
- is the policy and
- rules for resolving disputes.
- </li><li>
- "USE"
- means the act by your software
- to conduct its tasks, incorporating
- the certificates according to software procedures.
- </li><li>
- "RELY"
- means your human act in taking on a
- risk and liability on the basis of the claim(s)
- bound within a certificate.
- </li><li>
- "OFFER"
- means the your act
- of making available your certificate to another person.
- Generally, you install and configure your software
- to act as your agent and facilite this and other tasks.
- OFFER does not imply suggestion of reliance.
- </li><li>
- "Issue"
- means creation of a certificate by CAcert.
- To create a certificate,
- CAcert affixes a digital signature from the root
- onto a public key and other information.
- This act would generally bind a statement or claim,
- such as your name, to your key.
- </li><li>
- "Root"
- means CAcert's top level key,
- used for signing certificates for Members.
- In this document, the term includes any subroots.
- </li><li>
- "CAcert Official Document" ("COD" => COD3)
- in a standard format for describing the details of
- operation and governance essential to a certificate authority.
- Changes are managed and controlled.
- CODs define more technical terms.
- See 4.2 for listing of relevant CODs.
- </li><li>
- "Certification Practice Statement" ("CPS" => COD6)
- is the document that controls details
- about operational matters within CAcert.
-</li></ol>
-
-
-<h3> <a name="1"> 1. </a> Agreement and Licence </h3>
-
-<h4> <a name="1.1"> 1.1 </a> Agreement </h4>
-
-<p>
-You and CAcert both agree to the terms and conditions
-in this agreement.
-Your agreement is given by any of
-</p>
-
-<ul><li>
- your signature on a form to request assurance of identity
- ("CAP" form),
- </li><li>
- your request on the website
- to join the Community and create an account,
- </li><li>
- your request for Organisation Assurance,
- </li><li>
- your request for issuing of certificates, or
- </li><li>
- if you USE, RELY, or OFFER
- any certificate issued to you.
-</li></ul>
-
-<p>
-Your agreement
-is effective from the date of the first event above
-that makes this agreement known to you.
-This Agreement
-replaces and supercedes prior agreements,
-including the NRP-DaL.
-</p>
-
-
-<h4> <a name="1.2"> 1.2 </a> Licence </h4>
-
-<p>
-As part of the Community, CAcert offers you these rights:
-</p>
-
-<ol><li>
- You may USE any certificates issued by CAcert.
- </li><li>
- You may RELY on any certificate issued by CAcert,
- as explained and limited by CPS (COD6).
- </li><li>
- You may OFFER certificates issued to you by CAcert
- to Members for their RELIANCE.
- </li><li>
- You may OFFER certificates issued to you by CAcert
- to NRPs for their USE, within the general principles
- of the Community.
- </li><li>
- This Licence is free of cost,
- non-exclusive, and non-transferrable.
-</li></ol>
-
-<h4> <a name="1.3"> 1.3 </a> Your Contributions </h4>
-
-
-<p>
-You agree to a non-exclusive non-restrictive non-revokable
-transfer of Licence to CAcert for your contributions.
-That is, if you post an idea or comment on a CAcert forum,
-or email it to other Members,
-your work can be used freely by the Community for
-CAcert purposes, including placing under CAcert's licences
-for wider publication.
-</p>
-
-<p>
-You retain authorship rights, and the rights to also transfer
-non-exclusive rights to other parties.
-That is, you can still use your
-ideas and contributions outside the Community.
-</p>
-
-<p>
-Note that the following exceptions override this clause:
-</p>
-
-<ol><li>
- Contributions to controlled documents are subject to
- Policy on Policy ("PoP" => COD1)
- </li><li>
- Source code is subject to an open source licence regime.
-</li></ol>
-
-<h4> <a name="1.4"> 1.4 </a> Privacy </h4>
-
-
-<p>
-You give rights to CAcert to store, verify and process
-and publish your data in accordance with policies in force.
-These rights include shipping the data to foreign countries
-for system administration, support and processing purposes.
-Such shipping will only be done among
-CAcert Community administrators and Assurers.
-</p>
-
-<p>
-Privacy is further covered in the Privacy Policy ("PP" => COD5).
-</p>
-
-<h3> <a name="2"> 2. </a> Your Risks, Liabilities and Obligations </h3>
-
-<p>
-As a Member, you have risks, liabilities
-and obligations within this agreement.
-</p>
-
-<h4> <a name="2.1"> 2.1 </a> Risks </h4>
-
-<ol><li>
- A certificate may prove unreliable.
- </li><li>
- Your account, keys or other security tools may be
- lost or otherwise compromised.
- </li><li>
- You may find yourself subject to Arbitration
- (DRP => COD7).
-</li></ol>
-
-<h4> <a name="2.2"> 2.2 </a> Liabilities </h4>
-
-<ol><li>
- You are liable for any penalties
- as awarded against you by the Arbitrator.
- </li><li>
- Remedies are as defined in the DRP (COD7).
- An Arbitrator's ruling may
- include monetary amounts, awarded against you.
- </li><li>
- Your liability is limited to
- a total maximum of
- <b>1000 Euros</b>.
- </li><li>
- "Foreign Courts" may assert jurisdiction.
- These include your local courts, and are outside our Arbitration.
- Foreign Courts will generally refer to the Arbitration
- Act of their country, which will generally refer
- civil cases to Arbitration.
- The Arbitration Act will not apply to criminal cases.
-</li></ol>
-
-<h4> <a name="2.3"> 2.3 </a> Obligations </h4>
-
-<p>
- You are obliged
-</p>
-
-<ol><li>
- to provide accurate information
- as part of Assurance.
- You give permission for verification of the information
- using CAcert-approved methods.
- </li><li>
- to make no false representations.
- </li><li>
- to submit all your disputes to Arbitration
- (DRP => COD7).
-</li></ol>
-
-<h4> <a name="2.4"> 2.4 </a> Principles </h4>
-
-<p>
-As a Member of CAcert, you are a member of
-the Community.
- You are further obliged to
- work within the spirit of the Principles
- of the Community.
- These are described in
- <a href="http://svn.cacert.org/CAcert/principles.html">Principles of the Community</a>.
-</p>
-
-<h4> <a name="2.5"> 2.5 </a> Security </h4>
-<p>
-CAcert exists to help you to secure yourself.
-You are primarily responsible for your own security.
-Your security obligations include
-</p>
-
-<ol><li>
- to secure yourself and your computing platform (e.g., PC),
- </li><li>
- to keep your email account in good working order,
- </li><li>
- to secure your CAcert account
- (e.g., credentials such as username, password),
- </li><li>
- to secure your private keys,
- </li><li>
- to review certificates for accuracy,
- and
- </li><li>
- when in doubt, notify CAcert,
- </li><li>
- when in doubt, take other reasonable actions, such as
- revoking certificates,
- changing account credentials,
- and/or generating new keys.
-</li></ol>
-
-<p>
-Where, above, 'secure' means to protect to a reasonable
-degree, in proportion with your risks and the risks of
-others.
-</p>
-
-<h3> <a name="3"> 3. </a> Law and Jurisdiction </h3>
-
-<h4> <a name="3.1"> 3.1 </a> Governing Law </h4>
-
-<p>
-This agreement is governed under the law of
-New South Wales, Australia,
-being the home of the CAcert Inc. Association.
-</p>
-
-<h4> <a name="3.2"> 3.2 </a> Arbitration as Forum of Dispute Resolution </h4>
-
-<p>
-You agree, with CAcert and all of the Community,
-that all disputes arising out
-of or in connection to our use of CAcert services
-shall be referred to and finally resolved
-by Arbitration under the rules within the
-Dispute Resolution Policy of CAcert
-(DRP => COD7).
-The rules select a single Arbitrator chosen by CAcert
-from among senior Members in the Community.
-The ruling of the Arbitrator is binding and
-final on Members and CAcert alike.
-</p>
-
-<p>
-In general, the jurisdiction for resolution of disputes
-is within CAcert's own forum of Arbitration,
-as defined and controlled by its own rules (DRP => COD7).
-</p>
-
-<p>
-We use Arbitration for many purposes beyond the strict
-nature of disputes, such as governance and oversight.
-A systems administrator may
-need authorisation to conduct a non-routine action,
-and Arbitration may provide that authorisation.
-Thus, you may find yourself party to Arbitration
-that is simply support actions, and you may file disputes in
-order to initiate support actions.
-</p>
-
-<h4> <a name="3.3"> 3.3 </a> Termination </h4>
-<p>
-You may terminate this agreement by resigning
-from CAcert. You may do this at any time by
-writing to CAcert's online support forum and
-filing dispute to resign.
-All services will be terminated, and your
-certificates will be revoked.
-However, some information will continue to
-be held for certificate processing purposes.
-</p>
-
-<p>
-The provisions on Arbitration survive any termination
-by you by leaving CAcert.
-That is, even if you resign from CAcert,
-you are still bound by the DRP (COD7),
-and the Arbitrator may reinstate any provision of this
-agreement or bind you to a ruling.
-</p>
-
-<p>
-Only the Arbitrator may terminate this agreement with you.
-</p>
-
-<h4> <a name="3.4"> 3.4 </a> Changes of Agreement </h4>
-
-<p>
-CAcert may from time to time vary the terms of this Agreement.
-Changes will be done according to the documented CAcert policy
-for changing policies, and is subject to scrutiny and feedback
-by the Community.
-Changes will be notified to you by email to your primary address.
-</p>
-
-<p>
-If you do not agree to the changes, you may terminate as above.
-Continued use of the service shall be deemed to be agreement
-by you.
-</p>
-
-<h4> <a name="3.5"> 3.5 </a> Communication </h4>
-
-<p>
-Notifications to CAcert are to be sent by
-email to the address
-<b>support</b> <i>at</i> CAcert.org.
-You should attach a digital signature,
-but need not do so in the event of security
-or similar urgency.
-</p>
-
-<p>
-Notifications to you are sent
-by CAcert to the primary email address
-registered with your account.
-You are responsible for keeping your email
-account in good working order and able
-to receive emails from CAcert.
-</p>
-
-<p>
-Arbitration is generally conducted by email.
-</p>
-
-<h3> <a name="4"> 4. </a> Miscellaneous </h3>
-
-<h4> <a name="4.1"> 4.1 </a> Other Parties Within the Community </h4>
-
-<p>
-As well as you and other Members in the Community,
-CAcert forms agreements with third party
-vendors and others.
-Thus, such parties will also be in the Community.
-Such agreements are also controlled by the same
-policy process as this agreement, and they should
-mirror and reinforce these terms.
-</p>
-
-
-<h4> <a name="4.2"> 4.2 </a> References and Other Binding Documents </h4>
-
-<p>
-This agreement is CAcert Official Document 9 (COD9)
-and is a controlled document.
-</p>
-
-<p>
-You are also bound by
-</p>
-
-<ol><li>
- <a href="http://www.cacert.org/policy/CertificationPracticeStatement.php">
- Certification Practice Statement</a> (CPS => COD6).
- </li><li>
- <a href="http://www.cacert.org/policy/DisputeResolutionPolicy.php">
- Dispute Resolution Policy</a> (DRP => COD7).
- </li><li>
- <a href="PrivacyPolicy.html">
- Privacy Policy</a> (PP => COD5).
- </li><li>
- <a href="http://svn.cacert.org/CAcert/principles.html">
- Principles of the Community</a>.
-</li></ol>
-
-<p>
-Where documents are referred to as <i>=> COD x</i>,
-they are controlled documents
-under the control of Policy on Policies (COD1).
-</p>
-
-<p>
-This agreement and controlled documents above are primary,
-and may not be replaced or waived except
-by formal policy channels and by Arbitration.
-</p>
-
-<h4> <a name="4.3"> 4.3 </a> Informative References </h4>
-
-<p>
-The governing documents are in English.
-Documents may be translated for convenience.
-Because we cannot control the legal effect of translations,
-the English documents are the ruling ones.
-</p>
-
-<p>
-You are encouraged to be familiar with the
-Assurer Handbook,
-which provides a more readable introduction for much of
-the information needed.
-The Handbook is not however an agreement, and is overruled
-by this agreement and others listed above.
-</p>
-
-<h4> <a name="4.4"> 4.4 </a> Not Covered in this Agreement </h4>
-
-<p>
-<b>Intellectual Property.</b>
-This Licence does not transfer any intellectual
-property rights ("IPR") to you. CAcert asserts and
-maintains its IPR over its roots, issued certificates,
-brands, logos and other assets.
-Note that the certificates issued to you
-are CAcert's intellectual property
-and you do not have rights other than those stated.
-</p>
+ <p class="change9">Beside this Agreement and the Policies, there are other
+ documents, i. e. Policy Guides, Manuals and Handbooks, supporting and
+ explaining this Agreement and the Policies. These documents are not binding
+ and in doubt this Agreement and the Policies are valid.</p>
+ <h4><a name="4.4">4.4</a> <span class="strike9">Not Covered in this
+ Agreement</span> <span class="change9">(withdrawn)</span></h4>
+ <p class="strike9"><b>Intellectual Property.</b> This Licence does not
+ transfer any intellectual property rights ("IPR") to you. CAcert asserts and
+ maintains its IPR over its roots, issued certificates, brands, logos and
+ other assets. Note that the certificates issued to you are CAcert's
+ intellectual property and you do not have rights other than those stated.</p>
</body>
</html>