diff options
Diffstat (limited to 'www/policy/CAcertCommunityAgreement.php')
| -rw-r--r-- | www/policy/CAcertCommunityAgreement.php | 1087 |
1 files changed, 584 insertions, 503 deletions
diff --git a/www/policy/CAcertCommunityAgreement.php b/www/policy/CAcertCommunityAgreement.php index 3106eb1..17065f1 100644 --- a/www/policy/CAcertCommunityAgreement.php +++ b/www/policy/CAcertCommunityAgreement.php @@ -1,512 +1,593 @@ -<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> - -<html> -<head><title>CAcert Community Agreement</title></head> +<?='<?xml version="1.0" encoding="utf-8"?>'?> +<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" + "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd"> +<html xmlns="http://www.w3.org/1999/xhtml"> +<head> + <meta http-equiv="CONTENT-TYPE" content="text/html; charset=utf-8" /> + <title> CAcert Community Agreement </title> +<style type="text/css"> +<!-- +.comment { + color : steelblue; +} +.first-does-not-work { + color : red; +} +.q { + color : green; + font-weight: bold; + text-align: center; + font-style:italic; +} +.change { + color : blue; + font-weight: bold; +} +.change2 { + color : blue; + font-weight: bold; +} +.change3 { + color : blue; + font-weight: bold; +} +.change4 { + color : blue; + font-weight: bold; +} +.change5 { + color : blue; + font-weight: bold; +} +.change6 { + color : blue; + font-weight: bold; +} +.change7 { + color : blue ; + font-weight: bold; +} +.change8 { + color : blue; + font-weight: bold; +} +.change9 { + color : blue; + font-weight: bold; +} +.change10 { + color : blue; + font-weight: bold; +} +.change11 { + color : blue; + font-weight: bold; +} +.change12 { + color : blue; + font-weight: bold; +} +.change13 { + color : blue; + font-weight: bold; +} +.strike { + color : blue; + text-decoration:line-through; +} +.strike2 { + color : blue; + text-decoration:line-through; +} +.strike4 { + color : blue; + text-decoration:line-through; +} +.strike5 { + color : blue; + text-decoration:line-through; +} +.strike6 { + color : blue; + text-decoration:line-through; +} +.strike7 { + color : blue; + text-decoration:line-through; +} +.strike8 { + color : blue; + text-decoration:line-through; +} +.strike9 { + color : blue; + text-decoration:line-through; +} +.strike10 { + color : blue; + text-decoration:line-through; +} +.strike11 { + color : blue; + text-decoration:line-through; +} +.strike12 { + color : blue; + text-decoration:line-through; +} +.strike13 { + color : blue; + text-decoration:line-through; +} +--> +</style> + +</head> <body> + <div class="comment"> + <table width="100%"> + + <tr> + <td rowspan="2"> + Name: CCA <a style="color: steelblue" href="https://svn.cacert.org/CAcert/Policies/ControlledDocumentList.html">COD9</a><br /> + Status: POLICY <a style="color: steelblue" href="https://wiki.cacert.org/PolicyDecisions#p20080109.1_CCA_to_POLICY_status">p20080109.1</a><br /> + <span class="draftadd">DRAFT <a style="color: steelblue" href="https://wiki.cacert.org/PolicyDecisions#p20140709_CCA_update_to_DRAFT">p20140709</a></span> <br /> + Editor: <a style="color: steelblue" href="https://wiki.cacert.org/Community/HomePagesMembers/BenediktHeintel">Benedikt</a><br /> + Licence: <a style="color: steelblue" href="https://wiki.cacert.org/Policy#Licence" title="this document is Copyright © CAcert Inc., licensed openly under CC-by-sa with all disputes resolved under DRP. More at wiki.cacert.org/Policy">CC-by-sa+DRP</a><br /> + + </td> + <td valign="top" align="right"> + <a href="https://www.cacert.org/policy/PolicyOnPolicy.php"><img src="images/cacert-policy.png" alt="CCA Status - POLICY" height="31" width="88" style="border-style: none;" /></a> + + <!-- XXXXXXXXXXXXXX delete this going to POLICY --> + <br /> + <a href="https://www.cacert.org/policy/PolicyOnPolicy.php"><img src="images/cacert-draft.png" alt="CCA Status - DRAFT" height="31" width="88" style="border-style: none;" /></a> + + </td> + </tr> + </table> + </div> + + <h2>CAcert Community Agreement</h2> + + <h3><a name="0">0.</a> Introduction</h3> + + <p>This agreement is between you, being a registered member ("Member") within + CAcert's community at large ("Community") and CAcert Incorporated ("CAcert"), + being an operator of services to the Community.</p> + + <h4><a name="0.1">0.1</a> Terms</h4> + + <ol> + <li>"CAcert" means CAcert Inc., a non-profit Association of Members + incorporated in New South Wales, Australia. Note that Association Members + are distinct from the Members defined here.</li> + + <li>"Member" means you, a registered participant within CAcert's Community, + with an account on the website and the facility to request certificates. + Members may be individuals ("natural persons") or organisations ("legal + persons").</li> + + <li>"Organisation" is defined under the Organisation Assurance programme, + and generally includes corporations and other entities that become Members + and become Assured.</li> + + <li>"Community" means all of the Members that are registered by this + agreement and other parties by other agreements, all being under CAcert's + Arbitration.</li> + + <li>"Non-Related Person" ("NRP"), being someone who is not a Member, is not + part of the Community, and has not registered their agreement. <span class= + "strike7">Such people are offered the NRP-DaL another agreement allowing + the USE of certificates.</span></li> + + <li><span class="strike7">"Non-Related Persons - Disclaimer and Licence" + ("NRP-DaL"), another agreement that is offered to persons outside the + Community.</span><span class="change7">(withdrawn)</span></li> + + <li>"Arbitration" is the Community's forum for resolving disputes, or + jurisdiction.</li> + + <li>"Dispute Resolution Policy" ("DRP" => COD7) is the policy and rules + for resolving disputes.</li> + + <li>"USE" means the act by your software to conduct its tasks, + incorporating the certificates according to software procedures.</li> + + <li>"RELY" means your human act in taking on a risk and liability on the + basis of the claim(s) bound within a certificate.</li> + + <li>"OFFER" means the your act of making available your certificate to + another person. Generally, you install and configure your software to act + as your agent and facilite this and other tasks. OFFER does not imply + suggestion of reliance.</li> + + <li>"Issue" means creation of a certificate by CAcert. To create a + certificate, CAcert affixes a digital signature from the root onto a public + key and other information. This act would generally bind a statement or + claim, such as your name, to your key.</li> + + <li>"Root" means CAcert's top level key, used for signing certificates for + Members. In this document, the term includes any subroots.</li> + + <li>"CAcert Official Document" ("COD" <span class="strike4">=> + COD3</span>) <span class="strike4">in a standard format for describing the + details of operation and governance essential to a certificate authority. + Changes are managed and controlled. CODs define more technical terms. See + 4.2 for listing of relevant CODs.</span> <span class="change4">is an + official managed and controlled document (e. g. a Policy) of + CAcert.</span></li> + + <li>"Certification Practice Statement" ("CPS" => COD6) is the document + that controls details about operational matters within CAcert.</li> + </ol> + + <h3><a name="1">1.</a> Agreement and Licence</h3> + + <h4><a name="1.1">1.1</a> Agreement</h4> + + <p>You <span class="strike">and CAcert both</span> agree to the terms and + conditions in this agreement. Your agreement is given by <span class= + "change2">but not limited to</span> <span class="strike2">any of</span></p> + + <ul> + <li>your signature on a form to request assurance of identity ("CAP" + form),</li> + + <li>your request on the website to join the Community and create an + account,</li> + + <li>your request for Organisation Assurance,</li> + + <li>your request for issuing of certificates, or</li> + + <li>if you USE, RELY, or OFFER any certificate issued to you.</li> + </ul> + + <p>Your agreement is effective from the date of the first event above that + makes this agreement known to you. This Agreement replaces and <span class= + "strike2">supercedes prior agreements, including the NRP-DaL.</span> + <span class="change2">supersedes any prior agreements.</span></p> + + <h4><a name="1.2">1.2</a> Licence</h4> + + <p>As part of the Community, CAcert offers you these rights:</p> + + <ol> + <li>You may USE any certificates issued by CAcert.</li> + + <li>You may RELY on any certificate issued by CAcert, as explained and + limited by CPS (COD6).</li> + + <li>You may OFFER certificates issued to you by CAcert to Members for their + RELIANCE.</li> + + <li>You may OFFER certificates issued to you by CAcert to NRPs for their + USE, within the general principles of the Community.</li> + + <li>This Licence is free of cost, non-exclusive, and + non-transferrable.</li> + </ol> + + <h4><a name="1.3">1.3</a> Your Contributions</h4> + + <p>You agree to a non-exclusive non-restrictive non-revokable transfer of + Licence to CAcert for your contributions. That is, if you post an idea or + comment on a CAcert forum, or email it to other Members, your work can be + used freely by the Community for CAcert purposes, including placing under + CAcert's licences for wider publication.</p> + + <p>You retain authorship rights, and the rights to also transfer + non-exclusive rights to other parties. That is, you can still use your ideas + and contributions outside the Community.</p> + + <p>Note that the following exceptions override this clause:</p> + + <ol> + <li>Contributions to controlled documents are subject to Policy on Policy + ("PoP" => COD1)</li> + + <li>Source code is subject to an open source licence regime.</li> + + <li><span class="change">Personal data</span></li> + + <li><span class="change">Postings under competing licenses if clearly + stated when posted</span></li> + </ol> + + <h4><a name="1.4">1.4</a> Privacy</h4> + + <p>You give rights to CAcert to store, verify and + process and publish your data in accordance with policies in force. These + rights include shipping the data to foreign countries for system + administration, support and processing purposes. Such shipping will only be + done among CAcert Community administrators and Assurers.</p> + + <p>Privacy is further covered in the Privacy Policy ("PP" => COD5).</p> + + <h3><a name="2">2.</a> Your Risks, Liabilities and Obligations</h3> + + <p>As a Member, you have risks, liabilities and obligations within this agreement.</p> + + <h4><a name="2.1">2.1</a> Risks</h4> + + <ol> + <li>A certificate may prove unreliable.</li> + + <li>Your account, keys or other security tools may be + lost or otherwise compromised.</li> + + <li>You may find yourself subject to Arbitration (DRP + => COD7).</li> + </ol> + + <h4><a name="2.2">2.2</a> Liabilities</h4> + + <ol> + <li>You are liable for any penalties as awarded + against you by the Arbitrator.</li> + + <li>Remedies are as defined in the DRP (COD7). An + Arbitrator's ruling may include monetary amounts, awarded against + you.</li> + + <li>Your liability is limited to a total maximum of + <b>1000 Euros</b>.</li> + + <li>"Foreign Courts" may assert jurisdiction. These + include your local courts, and are outside our Arbitration. Foreign Courts + will generally refer to the Arbitration Act of their country, which will + generally refer civil cases to Arbitration. The Arbitration Act will not + apply to criminal cases.</li> + </ol> + + <h4><a name="2.3">2.3</a> Obligations</h4> + + <p>You are obliged</p> + + <ol> + <li>to provide accurate information as part of + Assurance. You give permission for verification of the information using + CAcert-approved methods.</li> + + <li>to make no false representations.</li> + + <li>to submit all your disputes to Arbitration (DRP + => COD7).</li> + + <li><span class="change">to assist the Arbitrator by truthfully providing + information, or with any other reasonable request.</span></li> + + <li><span class="change7">to not share your CAcert account.</span></li> + </ol> + + <h4><a name="2.4">2.4</a> Principles</h4> + + <p>As a Member of CAcert, you are a member of the Community. You are further + obliged to work within the spirit of the Principles of the Community. These + are described in <a href= + "http://svn.cacert.org/CAcert/principles.html">Principles of the + Community</a>.</p> + + <h4><a name="2.5">2.5</a> Security</h4> + + <p>CAcert exists to help you to secure yourself. You are primarily + responsible for your own security. Your security obligations include</p> + + <ol> + <li>to secure yourself and your computing platform (e. g. PC),</li> + + <li>to keep your email account in good working order,</li> + + <li>to secure your CAcert account (e. g., credentials such as username, + password),</li> + + <li>to secure your private keys, <span class="change8">ensuring that they + are only used as indicated by the certificate, or by wider agreement with + others,</span></li> + + <li>to review certificates for accuracy, and</li> + + <li>when in doubt, notify CAcert,</li> + + <li>when in doubt, take other reasonable actions, such as revoking + certificates, changing account credentials, and/or generating new + keys.</li> + </ol> + + <p>Where, above, 'secure' means to protect to a reasonable degree, in + proportion with your risks and the risks of others.</p> + + <h3><a name="3">3.</a> Law and Jurisdiction</h3> + + <h4><a name="3.1">3.1</a> Governing Law</h4> + + <p>This agreement is governed under the law of New South Wales, Australia, + being the home of the CAcert Inc. Association.</p> + + <h4><a name="3.2">3.2</a> Arbitration as Forum of Dispute Resolution</h4> + + <p>You agree, with CAcert and all of the Community, that all disputes arising + out of or in connection to our use of CAcert services shall be referred to + and finally resolved by Arbitration under the rules within the Dispute + Resolution Policy of CAcert (DRP => COD7). The rules select a single + Arbitrator chosen by CAcert from among senior Members in the Community. The + ruling of the Arbitrator is binding and final on Members and CAcert + alike.</p> + + <p>In general, the jurisdiction for resolution of disputes is within CAcert's + own forum of Arbitration, as defined and controlled by its own rules (DRP + => COD7).</p> + + <p>We use Arbitration for many purposes beyond the strict nature of disputes, + such as governance and oversight. A systems administrator may need + authorisation to conduct a non-routine action, and Arbitration may provide + that authorisation. Thus, you may find yourself party to Arbitration that is + simply support actions, and you may file disputes in order to initiate + support actions.</p> + + <h4><a name="3.3">3.3</a> Termination</h4> + + <p><span class="strike12">You may terminate this agreement by resigning from + CAcert. You may do this at any time by writing to CAcert's online support + forum and filing dispute to resign. All services will be terminated, and your + certificates will be revoked. However, some information will continue to be + held for certificate processing purposes.</span></p> + + <p><span class="strike12">The provisions on Arbitration survive any + termination by you by leaving CAcert. That is, even if you resign from + CAcert, you are still bound by the DRP (COD7), and the Arbitrator may + reinstate any provision of this agreement or bind you to a ruling.</span></p> + + <p><span class="strike12">Only the Arbitrator may terminate this agreement + with you.</span></p> + + <p><span class="change12">The CAcert Community Agreement is + terminated</span></p> + + <ol> + <li><span class="change12">based on a Policy Group decision following (PoP + => COD1). This terminates the Agreement with every member.</span></li> + + <li><span class="change12">with a ruling of the Arbitrator or the + completion of a termination process defined by an Arbitrator ruling (DRP + => COD7).</span></li> + + <li><span class="change12">by the end of existence of a member (i.e. death + in the case of individuals).</span></li> + </ol> + + <p><span class="change12">A member may declare the wish to resign from CAcert + at any time by writing to <em>support AT cacert.org</em>. This triggers a + process for termination of this agreement with the member.</span></p> + + <h4><span class="change12"><a name="3.3">3.3a</a> Consequences of + Termination</span></h4> + + <p><span class="change12">The termination discontinues the right to USE, + OFFER and CREATE personal certificates in any account of the former member. + Those certificates will be revoked and all services to the former member will + be terminated as soon as possible. However, some information will continue to + be held for certificate processing purposes.</span></p> + + <p><span class="change12">The provisions on Arbitration for the time of + membership survive any termination. Former members are still bound by the DRP + (COD7), and the Arbitrator may reinstate any provision of this agreement or + bind them to a ruling.</span></p> + + <p><span class="change12">As far as Organisations are concerned details are + also defined in the Organisation Assurance Policy (OAP => + COD11).</span></p> + + <p><span class="change12">Every member learning about the death of a member + or termination of existence of a member should notify <em>support AT + cacert.org</em>.</span></p> + + <h4><a name="3.4">3.4</a> Changes of Agreement</h4> + + <p>CAcert may from time to time vary the terms of this Agreement. Changes + will be done according to the documented CAcert policy for changing policies, + and is subject to scrutiny and feedback by the Community. Changes will be + notified to you by email to your primary address.</p> + + <p>If you do not agree to the changes, you may terminate as above. Continued + use of the service shall be deemed to be agreement by you.</p> + + <h4><a name="3.5">3.5</a> Communication</h4> + + <p><span class="change6">You are responsible for keeping your primary email + account in good working order and able to receive emails from + CAcert.</span></p> + + <p>Notifications to CAcert are to be sent by email to the address <em>support + AT cacert.org</em>. You should attach a digital signature<span class= + "strike6">, but need not do so in the event of security or similar + urgency</span>.</p> + + <p><span class="strike6">Notifications to you are sent by CAcert to the + primary email address registered with your account. You are responsible for + keeping your email account in good working order and able to receive emails + from CAcert.</span></p> + + <p><span class="strike6">Arbitration is generally conducted by + email.</span></p> + + <h3><a name="4">4.</a> Miscellaneous</h3> + + <h4><a name="4.1">4.1</a> <span class="strike10">Other Parties Within the + Community</span> <span class="change10">(withdrawn)</span></h4> + + <p class="strike10">As well as you and other Members in the Community, CAcert + forms agreements with third party vendors and others. Thus, such parties will + also be in the Community. Such agreements are also controlled by the same + policy process as this agreement, and they should mirror and reinforce these + terms.</p> + + <h4><a name="4.2">4.2</a> References and Other Binding Documents</h4> + + <p class="strike11">This agreement is CAcert Official Document 9 (COD9) and + is a controlled document.</p> + + <p>You are also bound by <span class="change11">the Policies of the Community + under the control of Policy on Policy ("PoP" => COD1) and listed in + <a href= + "https://svn.cacert.org/CAcert/Policies/ControlledDocumentList.html">Controlled + Document List</a>.</span></p> + + <ol> + <li><span class="strike11"><a href= + "http://www.cacert.org/policy/CertificationPracticeStatement.php">Certification + Practice Statement</a> (CPS => COD6).</span></li> + + <li><span class="strike11"><a href= + "http://www.cacert.org/policy/DisputeResolutionPolicy.php">Dispute + Resolution Policy</a> (DRP => COD7).</span></li> + + <li><span class="strike11"><a href="PrivacyPolicy.html">Privacy Policy</a> + (PP => COD5).</span></li> + + <li><span class="strike11"><a href= + "http://svn.cacert.org/CAcert/principles.html">Principles of the + Community</a>.</span></li> + </ol> + + <p class="strike11">Where documents are referred to as <i>=> COD x</i>, + they are controlled documents under the control of Policy on Policies + (COD1).</p> + + <p class="strike11">This agreement and controlled documents above are + primary, and may not be replaced or waived except by formal policy channels + and by Arbitration.</p> + + <p class="change11">Controlled documents are primary, and may not be replaced + or waived except by formal policy channels and Arbitration.</p> + + <p class="change11">This agreement is controlled document COD9.</p> + + <h4><a name="4.3">4.3</a> Informative References</h4> + <p>The governing documents are in English. Documents may be translated for + convenience. Because we cannot control the legal effect of translations, the + English documents are the ruling ones.</p> + <p class="strike9">You are encouraged to be familiar with the Assurer + Handbook, which provides a more readable introduction for much of the + information needed. The Handbook is not however an agreement, and is + overruled by this agreement and others listed above.</p> -<h3> <a name="0"> 0. </a> Introduction </h3> - -<p> -This agreement is between -you, being a registered member ("Member") -within CAcert's community at large ("Community") -and CAcert Incorporated ("CAcert"), -being an operator of services to the Community. -</p> - -<h4> <a name="0.1"> 0.1 </a> Terms </h4> -<ol><li> - "CAcert" - means CAcert Inc., - a non-profit Association of Members incorporated in - New South Wales, Australia. - Note that Association Members are distinct from - the Members defined here. - </li><li> - "Member" - means you, a registered participant within CAcert's Community, - with an account on the website and the - facility to request certificates. - Members may be individuals ("natural persons") - or organisations ("legal persons"). - </li><li> - "Organisation" - is defined under the Organisation Assurance programme, - and generally includes corporations and other entities - that become Members and become Assured. - </li><li> - "Community" - means all of the Members - that are registered by this agreement - and other parties by other agreements, - all being under CAcert's Arbitration. - </li><li> - "Non-Related Person" ("NRP"), - being someone who is not a - Member, is not part of the Community, - and has not registered their agreement. - Such people are offered the NRP-DaL - another agreement allowing the USE of certificates. - </li><li> - "Non-Related Persons - Disclaimer and Licence" ("NRP-DaL"), - another agreement that is offered to persons outside the - Community. - </li><li> - "Arbitration" - is the Community's forum for - resolving disputes, or jurisdiction. - </li><li> - "Dispute Resolution Policy" ("DRP" => COD7) - is the policy and - rules for resolving disputes. - </li><li> - "USE" - means the act by your software - to conduct its tasks, incorporating - the certificates according to software procedures. - </li><li> - "RELY" - means your human act in taking on a - risk and liability on the basis of the claim(s) - bound within a certificate. - </li><li> - "OFFER" - means the your act - of making available your certificate to another person. - Generally, you install and configure your software - to act as your agent and facilite this and other tasks. - OFFER does not imply suggestion of reliance. - </li><li> - "Issue" - means creation of a certificate by CAcert. - To create a certificate, - CAcert affixes a digital signature from the root - onto a public key and other information. - This act would generally bind a statement or claim, - such as your name, to your key. - </li><li> - "Root" - means CAcert's top level key, - used for signing certificates for Members. - In this document, the term includes any subroots. - </li><li> - "CAcert Official Document" ("COD" => COD3) - in a standard format for describing the details of - operation and governance essential to a certificate authority. - Changes are managed and controlled. - CODs define more technical terms. - See 4.2 for listing of relevant CODs. - </li><li> - "Certification Practice Statement" ("CPS" => COD6) - is the document that controls details - about operational matters within CAcert. -</li></ol> - - -<h3> <a name="1"> 1. </a> Agreement and Licence </h3> - -<h4> <a name="1.1"> 1.1 </a> Agreement </h4> - -<p> -You and CAcert both agree to the terms and conditions -in this agreement. -Your agreement is given by any of -</p> - -<ul><li> - your signature on a form to request assurance of identity - ("CAP" form), - </li><li> - your request on the website - to join the Community and create an account, - </li><li> - your request for Organisation Assurance, - </li><li> - your request for issuing of certificates, or - </li><li> - if you USE, RELY, or OFFER - any certificate issued to you. -</li></ul> - -<p> -Your agreement -is effective from the date of the first event above -that makes this agreement known to you. -This Agreement -replaces and supercedes prior agreements, -including the NRP-DaL. -</p> - - -<h4> <a name="1.2"> 1.2 </a> Licence </h4> - -<p> -As part of the Community, CAcert offers you these rights: -</p> - -<ol><li> - You may USE any certificates issued by CAcert. - </li><li> - You may RELY on any certificate issued by CAcert, - as explained and limited by CPS (COD6). - </li><li> - You may OFFER certificates issued to you by CAcert - to Members for their RELIANCE. - </li><li> - You may OFFER certificates issued to you by CAcert - to NRPs for their USE, within the general principles - of the Community. - </li><li> - This Licence is free of cost, - non-exclusive, and non-transferrable. -</li></ol> - -<h4> <a name="1.3"> 1.3 </a> Your Contributions </h4> - - -<p> -You agree to a non-exclusive non-restrictive non-revokable -transfer of Licence to CAcert for your contributions. -That is, if you post an idea or comment on a CAcert forum, -or email it to other Members, -your work can be used freely by the Community for -CAcert purposes, including placing under CAcert's licences -for wider publication. -</p> - -<p> -You retain authorship rights, and the rights to also transfer -non-exclusive rights to other parties. -That is, you can still use your -ideas and contributions outside the Community. -</p> - -<p> -Note that the following exceptions override this clause: -</p> - -<ol><li> - Contributions to controlled documents are subject to - Policy on Policy ("PoP" => COD1) - </li><li> - Source code is subject to an open source licence regime. -</li></ol> - -<h4> <a name="1.4"> 1.4 </a> Privacy </h4> - - -<p> -You give rights to CAcert to store, verify and process -and publish your data in accordance with policies in force. -These rights include shipping the data to foreign countries -for system administration, support and processing purposes. -Such shipping will only be done among -CAcert Community administrators and Assurers. -</p> - -<p> -Privacy is further covered in the Privacy Policy ("PP" => COD5). -</p> - -<h3> <a name="2"> 2. </a> Your Risks, Liabilities and Obligations </h3> - -<p> -As a Member, you have risks, liabilities -and obligations within this agreement. -</p> - -<h4> <a name="2.1"> 2.1 </a> Risks </h4> - -<ol><li> - A certificate may prove unreliable. - </li><li> - Your account, keys or other security tools may be - lost or otherwise compromised. - </li><li> - You may find yourself subject to Arbitration - (DRP => COD7). -</li></ol> - -<h4> <a name="2.2"> 2.2 </a> Liabilities </h4> - -<ol><li> - You are liable for any penalties - as awarded against you by the Arbitrator. - </li><li> - Remedies are as defined in the DRP (COD7). - An Arbitrator's ruling may - include monetary amounts, awarded against you. - </li><li> - Your liability is limited to - a total maximum of - <b>1000 Euros</b>. - </li><li> - "Foreign Courts" may assert jurisdiction. - These include your local courts, and are outside our Arbitration. - Foreign Courts will generally refer to the Arbitration - Act of their country, which will generally refer - civil cases to Arbitration. - The Arbitration Act will not apply to criminal cases. -</li></ol> - -<h4> <a name="2.3"> 2.3 </a> Obligations </h4> - -<p> - You are obliged -</p> - -<ol><li> - to provide accurate information - as part of Assurance. - You give permission for verification of the information - using CAcert-approved methods. - </li><li> - to make no false representations. - </li><li> - to submit all your disputes to Arbitration - (DRP => COD7). -</li></ol> - -<h4> <a name="2.4"> 2.4 </a> Principles </h4> - -<p> -As a Member of CAcert, you are a member of -the Community. - You are further obliged to - work within the spirit of the Principles - of the Community. - These are described in - <a href="http://svn.cacert.org/CAcert/principles.html">Principles of the Community</a>. -</p> - -<h4> <a name="2.5"> 2.5 </a> Security </h4> -<p> -CAcert exists to help you to secure yourself. -You are primarily responsible for your own security. -Your security obligations include -</p> - -<ol><li> - to secure yourself and your computing platform (e.g., PC), - </li><li> - to keep your email account in good working order, - </li><li> - to secure your CAcert account - (e.g., credentials such as username, password), - </li><li> - to secure your private keys, - </li><li> - to review certificates for accuracy, - and - </li><li> - when in doubt, notify CAcert, - </li><li> - when in doubt, take other reasonable actions, such as - revoking certificates, - changing account credentials, - and/or generating new keys. -</li></ol> - -<p> -Where, above, 'secure' means to protect to a reasonable -degree, in proportion with your risks and the risks of -others. -</p> - -<h3> <a name="3"> 3. </a> Law and Jurisdiction </h3> - -<h4> <a name="3.1"> 3.1 </a> Governing Law </h4> - -<p> -This agreement is governed under the law of -New South Wales, Australia, -being the home of the CAcert Inc. Association. -</p> - -<h4> <a name="3.2"> 3.2 </a> Arbitration as Forum of Dispute Resolution </h4> - -<p> -You agree, with CAcert and all of the Community, -that all disputes arising out -of or in connection to our use of CAcert services -shall be referred to and finally resolved -by Arbitration under the rules within the -Dispute Resolution Policy of CAcert -(DRP => COD7). -The rules select a single Arbitrator chosen by CAcert -from among senior Members in the Community. -The ruling of the Arbitrator is binding and -final on Members and CAcert alike. -</p> - -<p> -In general, the jurisdiction for resolution of disputes -is within CAcert's own forum of Arbitration, -as defined and controlled by its own rules (DRP => COD7). -</p> - -<p> -We use Arbitration for many purposes beyond the strict -nature of disputes, such as governance and oversight. -A systems administrator may -need authorisation to conduct a non-routine action, -and Arbitration may provide that authorisation. -Thus, you may find yourself party to Arbitration -that is simply support actions, and you may file disputes in -order to initiate support actions. -</p> - -<h4> <a name="3.3"> 3.3 </a> Termination </h4> -<p> -You may terminate this agreement by resigning -from CAcert. You may do this at any time by -writing to CAcert's online support forum and -filing dispute to resign. -All services will be terminated, and your -certificates will be revoked. -However, some information will continue to -be held for certificate processing purposes. -</p> - -<p> -The provisions on Arbitration survive any termination -by you by leaving CAcert. -That is, even if you resign from CAcert, -you are still bound by the DRP (COD7), -and the Arbitrator may reinstate any provision of this -agreement or bind you to a ruling. -</p> - -<p> -Only the Arbitrator may terminate this agreement with you. -</p> - -<h4> <a name="3.4"> 3.4 </a> Changes of Agreement </h4> - -<p> -CAcert may from time to time vary the terms of this Agreement. -Changes will be done according to the documented CAcert policy -for changing policies, and is subject to scrutiny and feedback -by the Community. -Changes will be notified to you by email to your primary address. -</p> - -<p> -If you do not agree to the changes, you may terminate as above. -Continued use of the service shall be deemed to be agreement -by you. -</p> - -<h4> <a name="3.5"> 3.5 </a> Communication </h4> - -<p> -Notifications to CAcert are to be sent by -email to the address -<b>support</b> <i>at</i> CAcert.org. -You should attach a digital signature, -but need not do so in the event of security -or similar urgency. -</p> - -<p> -Notifications to you are sent -by CAcert to the primary email address -registered with your account. -You are responsible for keeping your email -account in good working order and able -to receive emails from CAcert. -</p> - -<p> -Arbitration is generally conducted by email. -</p> - -<h3> <a name="4"> 4. </a> Miscellaneous </h3> - -<h4> <a name="4.1"> 4.1 </a> Other Parties Within the Community </h4> - -<p> -As well as you and other Members in the Community, -CAcert forms agreements with third party -vendors and others. -Thus, such parties will also be in the Community. -Such agreements are also controlled by the same -policy process as this agreement, and they should -mirror and reinforce these terms. -</p> - - -<h4> <a name="4.2"> 4.2 </a> References and Other Binding Documents </h4> - -<p> -This agreement is CAcert Official Document 9 (COD9) -and is a controlled document. -</p> - -<p> -You are also bound by -</p> - -<ol><li> - <a href="http://www.cacert.org/policy/CertificationPracticeStatement.php"> - Certification Practice Statement</a> (CPS => COD6). - </li><li> - <a href="http://www.cacert.org/policy/DisputeResolutionPolicy.php"> - Dispute Resolution Policy</a> (DRP => COD7). - </li><li> - <a href="PrivacyPolicy.html"> - Privacy Policy</a> (PP => COD5). - </li><li> - <a href="http://svn.cacert.org/CAcert/principles.html"> - Principles of the Community</a>. -</li></ol> - -<p> -Where documents are referred to as <i>=> COD x</i>, -they are controlled documents -under the control of Policy on Policies (COD1). -</p> - -<p> -This agreement and controlled documents above are primary, -and may not be replaced or waived except -by formal policy channels and by Arbitration. -</p> - -<h4> <a name="4.3"> 4.3 </a> Informative References </h4> - -<p> -The governing documents are in English. -Documents may be translated for convenience. -Because we cannot control the legal effect of translations, -the English documents are the ruling ones. -</p> - -<p> -You are encouraged to be familiar with the -Assurer Handbook, -which provides a more readable introduction for much of -the information needed. -The Handbook is not however an agreement, and is overruled -by this agreement and others listed above. -</p> - -<h4> <a name="4.4"> 4.4 </a> Not Covered in this Agreement </h4> - -<p> -<b>Intellectual Property.</b> -This Licence does not transfer any intellectual -property rights ("IPR") to you. CAcert asserts and -maintains its IPR over its roots, issued certificates, -brands, logos and other assets. -Note that the certificates issued to you -are CAcert's intellectual property -and you do not have rights other than those stated. -</p> + <p class="change9">Beside this Agreement and the Policies, there are other + documents, i. e. Policy Guides, Manuals and Handbooks, supporting and + explaining this Agreement and the Policies. These documents are not binding + and in doubt this Agreement and the Policies are valid.</p> + <h4><a name="4.4">4.4</a> <span class="strike9">Not Covered in this + Agreement</span> <span class="change9">(withdrawn)</span></h4> + <p class="strike9"><b>Intellectual Property.</b> This Licence does not + transfer any intellectual property rights ("IPR") to you. CAcert asserts and + maintains its IPR over its roots, issued certificates, brands, logos and + other assets. Note that the certificates issued to you are CAcert's + intellectual property and you do not have rights other than those stated.</p> </body> </html> |