[cabfpub] Ballot 121 (insurance)

Arno Fiedler arno.fiedler at nimbus-berlin.com
Wed Jul 9 12:04:46 UTC 2014 

Hello,
it sounds very US-centric and very detailed, "/MUST be with a company 
rated no less than A- as to Policy Holder's Rating in the current 
edition of Best's Insurance Guide"/ seems to be not applicable for "Rest 
of World."
Best regards
arno


Am 08.07.2014 17:04, schrieb Ben Wilson:
>
> All,
>
> Based on feedback received so far from several international cyber 
> insurance experts, here is a current iteration for revisions to 
> Section 8.4 of the EV Guidelines (redlined PDF attached).
>
> This is only for the EV Guidelines and would apply to CAs desiring to 
> issue Extended Validation Certificates.
>
> This wording may be further refined based upon your input to Jeremy's 
> question and as any other information from insurance experts comes in.
>
> Please check with your insurance brokers to confirm that you either 
> already have these coverages or that these can be obtained by your 
> company at reasonable cost.
>
> Thanks,
>
> Ben
>
>
>     8.4.Insurance
>
> Effective _______, each CA SHALL continuously maintain the following 
> insurance related to its performance and obligations under these 
> Guidelines:
>
> (A) insurance covering damages to systems, data, or software and for 
> business interruptions due to natural disaster, fire, IT security 
> failure, malware, cyber attack / criminal hacker, or theft, in the 
> amount of at least two million US dollars ($2 million) in coverage; and
>
> (B) Technology Errors and Omissions insurance, with policy limits of 
> at least five million US dollars ($5,000,000 per claim and in the 
> aggregate) covering financial damages to third parties arising out of 
> a negligent act, error, or omission in the performance of technology 
> services under these Guidelines with coverage to be kept in place for 
> all periods during which an EV Certificate issued by the CA is still 
> valid. If coverage is non-renewed or canceled, the CA shall purchase 
> extended reporting period coverage for at least a two-year period. 
> Territory of coverage shall be global, except for countries sanctioned 
> by the United States or the European Union.
>
> Such insurance must not exclude coverage when providing public key 
> infrastructure services and MUST be with a company rated no less than 
> A- as to Policy Holder's Rating in the current edition of Best's 
> Insurance Guide (or with an association of companies each of the 
> members of which are so rated).
>
> A CA MAY self-insure for liabilities that arise from such party's 
> performance and obligations under these Guidelinesprovided that it has 
> at least five hundred million US dollars in liquid assets based on 
> audited financial statements in the past twelve months, and a quick 
> ratio (ratio of liquid assets to current liabilities) of not less than 
> 1.0.
>
>

-- 
Arno Fiedler
Nimbus Technologieberatung GmbH
Reichensteiner Weg 17
14195 Berlin
Mobil:      0049-(0)172-3053272
Fax:        0049-(0)30-89745-777
E-Mail:     arno.fiedler at nimbus-berlin.com
Web:        www.nimbus-berlin.com
Geschäftsführer:  Arno Fiedler
USt-IdNr. :       DE 203 269 920
D-U-N-S® Nr.      50-730-8117
HandelsregisterNr:HRB 109409 B

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/public/attachments/20140709/616a9fbc/attachment-0003.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: arno_fiedler.vcf
Type: text/x-vcard
Size: 302 bytes
Desc: not available
URL: <http://lists.cabforum.org/pipermail/public/attachments/20140709/616a9fbc/attachment-0003.vcf>

More information about the Public mailing list