[cabfpub] Limitation of Liability and Indemnification
Moudrick M. Dadashov
md at ssc.lt
Thu Oct 12 22:11:10 UTC 2017
How about:
BR/EVG --> Webtrust/ETSI schemes --> *Root Store schemes* --> Audit
report --> CP/CPS --> Binding RPA/Subscriber Agreement
Thanks,
M.D
On 10/13/2017 12:58 AM, Ryan Sleevi via Public wrote:
>
>
> On Thu, Oct 12, 2017 at 5:38 PM, Virginia Fournier via Public
> <public at cabforum.org <mailto:public at cabforum.org>> wrote:
>
> Message: 3
> Date: Fri, 13 Oct 2017 00:18:33 +0300
> From: "Moudrick M. Dadashov" <md at ssc.lt <mailto:md at ssc.lt>>
> To: Virginia Fournier via Public <public at cabforum.org
> <mailto:public at cabforum.org>>
> Subject: Re: [cabfpub] Limitation of Liability and Indemnification
> Message-ID: <3b9e4544-5b18-7535-c712-1cf544d7d8c5 at ssc.lt
> <mailto:3b9e4544-5b18-7535-c712-1cf544d7d8c5 at ssc.lt>>
> Content-Type: text/plain; charset="utf-8"; Format="flowed"
>
> Could you please explain why you think BR and EV Requirements are
> only
> binding on members of the Forum?
>
> Thanks,
> M.D.
>
> Hi M.D.
>
> I can see why this would be hard to understand.
>
> Entities who are not members of the Forum have nothing that would
> legally bind them to abide by those limitations. They aren’t
> members, so they aren’t bound by any of the Forum documents -
> Bylaws, Baseline Requirements, etc. They don’t have a written
> agreement with the Forum to abide by certain requirements, so
> they’re not bound that way either.
>
>
> Members of the Forum also aren't bound to abide by the Baseline
> Requirements.
>
> Given this, does that resolve your concern?
>
> The best way to make the limitations binding on the Subscribers,
> Relying Parties, etc. would be for the CAs to enter into
> agreements with those parties, and try to get them to agree to the
> limitations. But, again, they could just ignore the limitations.
>
>
> Perhaps phrased differently - the BRs describe what such agreements
> MUST and SHOULD contain. This is allowing a further modification (a
> MAY) to such agreements. The enforcement and requirement that CAs
> agreements do or do not contain such provisions is done by the root
> stores that individual CAs partner with - not by the Forum.
>
> No member of the Forum is bound to abide by the Baseline Requirements
> by the Forum. The only document any member is bound to is to the IPR
> policy (as per the mutual contracts signed).
>
>
>
> _______________________________________________
> Public mailing list
> Public at cabforum.org
> https://cabforum.org/mailman/listinfo/public
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/public/attachments/20171013/8e51f6fc/attachment-0003.html>
More information about the Public
mailing list