Microsoft Word - SSL Subscriber Agreement v1 9 clean.docx

SSLCertificateServiceSubscriberAgreement–Version1.9



Starfield Technologies, LLC

SSL Certificate Service Subscriber Agreement

This Starfield Technologies, LLC SSL Certificate Service Subscriber Agreement (“Agreement”) is entered

into by and between Starfield Technologies, LLC, a Delaware limited liability company or its resellers

(collectively, “Starfield”) and You, and is made effective as of the date You submit the Certificate

Application to Starfield. This Agreement sets forth the terms and conditions of Your use of Starfield’s SSL

Certificate Services (“Certificate Services”) and represents the entire agreement between You and

Starfield concerning the subject matter hereof.

Your acceptance of this Agreement signifies that You have read, understand, acknowledge and agree to be

bound by all the terms and conditions of this Agreement. The terms “we”, “us” or “our” shall refer to

Starfield. The terms “You” or “Your” shall refer to any Subscriber and any individual or entity who applies

for and/or uses our Certificate Service on any Subscriber’s behalf with the Subscriber’s permission.

Our Certificate Services are governed by Starfield’s Certification Practice Statement (“CPS”), which may be

amended from time to time, and which is incorporated herein by this reference. The current version of

the CPS may be found at http://www.starfieldtech.com/repository.

I. Definitions.

The following terms shall be defined in this Agreement as follows:

“Application Software Vendors” means a developer of software that displays or uses certificates and

distributes root certificates.

“CAs” or “Certification Authorities” are entities such as Starfield that are authorized to create, sign,

distribute, and revoke certificates. They are also responsible for distributing certificate status information

and providing a repository where certificates and certificate status information is stored.

“Certificate(s)” means the Certificates issued by Starfield pursuant to this Agreement.

“Certificate Beneficiaries” means the Subscriber, the Relying Party and all Application Software Vendors

with whom Starfield has entered into a contract for inclusion of its root certificate in software distributed

by such Application Software Vendors.

“Compromise” means a loss, theft, disclosure, modification, unauthorized use, or other breach of security

related to a Private Key.

“Confidential Information” means all information obtained as a result of the parties’ entering into this

Agreement, which includes but is not limited to, information related to Private Keys, Public Keys,

personally identifying information, passwords, and information that is designated as or intended to be

confidential.

“Private Key” means a confidential encrypted electronic data file that interfaces with a Public Key using the

same encryption algorithm, in order to verify Digital Signatures and encrypt files or messages.

“Public Key” means an encrypted electronic data file that is publicly available for interfacing with a Private

Key.

SSLCertificateServiceSubscriberAgreement–Version1.9



“RAs” or “Registration Authorities”, are the Subordinate Certification Authorities that are under the control

of Starfield.

“Relying Party” means an individual or entity that acts in reliance on a Certificate or digital signature

associated with a Certificate.

“Reseller” means an individual or entity which has been given permission by Starfield to sell products to

Subscribers.

“Subscriber” means the individual or entity that has been issued a Certificate and is authorized to use the

Private Key that corresponds to the Public Key in the Certificate.

“Starfield CPS” means the Starfield Certificate Practice Statement, which defines and describes how the

Starfield PKI and its Certificates work.

“Starfield PKI” means the Starfield Public Key Infrastructure that provides Certificates for individuals and

entities.

“Starfield PKI Site Seal” means a graphic image that a web site displays to show that transactions on that

web site are secured by the Certificate Service.

II. The Certificate Service and Your Obligations as a Subscriber.

Upon receipt of Your Certificate Application and payment, Starfield will initiate the necessary

authentication procedures to validate Your application. Starfield will verify information provided as part of

Your Certificate request prior to issuing the Certificate. Starfield will re-verify this information every three

(3) years during the validity period of the Certificate. Once this has been completed, Starfield shall

provide You with the Certificate Service for each Certificate issued as described in this Agreement and in

the Starfield CPS.

For the benefit of Starfield and the Certificate Beneficiaries, You shall:

(a) generate one or more asymmetric key pairs;

(b) submit Public Keys and credentials for registration;

protect at all times your Private Key that corresponds to the Public Key to be included in the requested

Certificate(s) (and any associated activation data or device – e.g. password or token);

(d) provide accurate and complete information at all times to Starfield, both in the Certificate Application

and as otherwise requested by Starfield in connection with the issuance of the Certificate(s);

(e) use the Starfield PKI Site Seal only if you are in compliance with this Agreement and the Starfield CPS

and are using a Starfield Certificate to secure the application or site on which the seal is displayed;

(f) promptly cease using the Certificate and its associated Private Key, and promptly request Starfield to

revoke the Certificate, in the event that (1) any information in the Certificate is or becomes incorrect or

inaccurate, or (2) there is any actual or suspected misuse or Compromise of the Subscriber’s Private Key

associated with the Public Key included in the Certificate;

(g) use your key pair(s) in compliance with the CPS;

(h) review and verify the Certificate contents for accuracy, and not install or use the Certificate until the

accuracy of the data in each has been reviewed and verified;

(i) install the Certificate only on servers that are accessible at the domain name(s) listed in the Certificate,

and use the Certificate solely in compliance with all applicable laws, and solely in accordance with this

Agreement;

(j) promptly cease all use of the Private Key corresponding to the Public Key included in the Certificate

upon revocation of that Certificate for any reason, including Key Compromise; and

(k) respond to Starfield’s instructions concerning Key Compromise or Certificate misuse within twenty-four

(24) hours.

SSLCertificateServiceSubscriberAgreement–Version1.9



III. Use Restrictions.

You are prohibited from:

(a) using the Certificate Service on behalf of any other entity;

(b) reselling or attempting to resell Your Certificate without the prior written consent of Starfield;

than those submitted by You when You applied for the Certificate;

(d) importing, exporting, or re-exporting directly or indirectly, any commodity, including Your Certificate,

to any country in violation of the laws and regulations of any applicable jurisdiction;

(e) using the Certificate Service to transmit, receive, view or use information which may be associated

with spam or morally objectionable activities. Morally objectionable activities include, but are not limited

to, activities designed to defame, embarrass, harm, abuse, threaten, slander or harass third parties;

activities prohibited by the laws of the United States and/or foreign territories in which You conduct

business; activities designed to encourage unlawful behavior by others, such as hate crimes, terrorism

and child pornography; activities that are tortuous, vulgar, obscene, invasive of the privacy of a third

party, racially, ethnically, or otherwise objectionable; activities designed to impersonate the identity of a

third party; and activities designed to harm minors in any way; or

(f) copying or decompiling (except where such decompilation is permitted by Section 50B of the

Key(s) or Public Key(s).

IV. Starfield Representations and Warranties.

Starfield represents and warrants that, to the best of its knowledge:

(a) it is providing the Certificate Service with reasonable skill and care;

(b) it has taken reasonable care not to introduce informational errors in Your Certificate information when

creating Your Certificate;

entities approving the Certificate Application or issuing the Certificate; and

(d) the Certificate, revocation services, and Starfield’s use of a repository comply in all material respects

with the Starfield CPS.

V. Subscriber Warranties and Representations.

You warrant and represent that:

(a) no unauthorized users have had access to Your Private Key;

(b) the information You put in the Subscriber Certificate is true, accurate and complete;

application or have been granted the right to use the domain names(s) that are the subject of the

Certificate application by the registered holder of the domain name(s);

(d) the Certificate and PKI Site Seal are being used lawfully and with authorization;

(e) You are using the Certificate in a Subscriber capacity, not as a Certificate Authority;

(f) You disclaim any fiduciary duty relationship between Starfield or any non-Starfield Certification

Authorities and You; and

(g) You are not using the Certificate Service in any way that infringes upon the rights of third parties.

VI. Revocation.

Starfield reserves the right to immediately revoke your Certificate if (i) you fail to perform any of the

material obligations under this Agreement or the CPS; (ii) violate any terms of this Agreement or the CPS;

(iii) You do not immediately notify Starfield if You or the entity that You have signed up on the Subscriber

Application changes its name or domain name; (iv) You do not immediately notify Starfield and any

affected individuals if You discover or suspect that there has been a breach of your Private Key or the

security protecting the Private Key; (v) You fail to pay any invoice from Starfield within forty-five (45)

days of receiving it; (iv) You compromise the security or integrity of the Starfield PKI; (v) You improperly

use or misrepresent the Starfield PKI Site Seal; or (vi) at the time of re-verification, any of the information

contributing to the issuance of the Certificate is no longer correct. If Starfield revokes your Certificate

SSLCertificateServiceSubscriberAgreement–Version1.9



without notice to you, you shall pay any charges due but not yet paid under this Agreement. If You wish

to revoke Your Certificate, revocation requests may be submitted via an online certificate revocation

request page.

VII. Private Key Compromise.

You agree that if there is a breach of your Private Key, that You will be solely responsible for any loss or

damages related to the breach.

VIII. Fees.

In consideration for the Certificate Service purchased by You and provided to You by Starfield, You agree

to pay Starfield or its Reseller at the time service is provided. Payment is to be made by You by providing

either a valid credit card, an online check, or using a cash reserve for charge by Starfield or its Reseller

(collectively, the “Payment Method”). If for any reason Starfield or its Reseller is unable to charge Your

Payment Method for the full amount owed Starfield for the Certificate Service, or if Starfield or its Reseller

is charged a penalty for any fee it previously charged to your Payment Method, You agree that Starfield

and its Resellers may pursue all available remedies in order to obtain payment. You agree that among the

remedies Starfield and its Resellers may pursue in order to effect payment, shall include but will not be

limited to, immediate revocation without notice to You of your Certificate Service. Starfield reserves the

right to charge a reasonable service fee for administrative tasks outside the scope of its regular services

or necessary to continue providing a high quality level of service. These include, but are not limited to,

customer service issues that cannot be handled over email but require personal service, and disputes that

require legal services. These charges will be billed to the Payment Method we have on file for You. You

may change your Payment Method at any time by logging into your account. If You elect the automatic

renewal option, Starfield or its Reseller will automatically renew, for a period equivalent to the length of

your original Certificate Service, any Certificate that is up for renewal and will take payment from the

Payment Method You have on file with Starfield or its Reseller, at current rates. If you renew your

Certificate prior to expiration date, any time remaining on the current Certificate will be forfeited if adding

that time to the renewed certificate will result in a certificate that exceeds the maximum validity period of

a subscriber certificate as defined in the CP/CPS.

Refunds. If for any reason You are not completely satisfied with the certificate that has been issued to

You, You may ask Starfield to revoke the certificate within 30 days of issuance for a refund, minus any

fees. Following the initial 30 day period, You may ask Starfield to revoke the certificate and provide a

refund if Starfield has breached a warranty or other material obligation under this CPS relating to the You

or Your certificate.

IX. Term and Termination.

This Agreement shall begin on the date You submit the Certificate Application to Starfield and shall

continue so long as you use the Certificate Service. This Agreement shall terminate only upon revocation

or expiration of each and every Certificate issued to you. Either party may revoke a Certificate for

convenience by providing ten (10) business day’s written notice to the other party, in addition to

Starfield’s revocation rights set forth in Section VI (Revocation).

X. Intellectual Property Rights.

Starfield’s Certificates, Public Keys, and Private Keys are proprietary to Starfield, and title to them remains

with Starfield. All applicable common law and statutory rights in the product and updates of them,

including, but not limited to, service marks, patents, and copyrights, shall be and will remain the property

of Starfield. You shall have no right, title, or interest in such proprietary rights other than that provided

for in this Agreement. Starfield grants You a revocable, non-exclusive, non-transferable license to use its

Certificates associated with its Certificate Service, which includes the Public and Private Keys and any

generated Digital Signatures. Starfield retains all rights it has in any trademark, service mark, trade

name, or other identifying trade symbols that it owns. You agree not to use the Starfield name or logo in

any way without Starfield’s prior written approval. You are prohibited from using names in your

Certificate Application(s) that infringe upon others’ Intellectual Property Rights.

SSLCertificateServiceSubscriberAgreement–Version1.9



XI. Confidentiality.

Confidential Information shall only be used for the purposes necessary under this Agreement. You agree

that any person who You disclose information to must comply with the requirements of this section.

Notwithstanding the previous provisions of this clause, either party may disclose Confidential Information

in accordance with applicable laws and regulations or a judicial or other governmental order. This section

shall survive past the termination of this Agreement for five years.

XII. Disclaimers of Warranties.

STARFIELD, ITS CAS, ITS RESELLERS, CO-MARKETERS, SUBCONTRACTORS, DISTRIBUTORS, AGENTS,

SUPPLIERS, AND EMPLOYEES MAKE NO REPRESENTATIONS AND EXPRESSLY DISCLAIM ALL WARRANTIES

OF ANY KIND UNLESS STATED OTHERWISE WITHIN THE STARFIELD PKI AGREEMENTS, WHETHER

EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF

MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NON-INFRINGEMENT, TITLE, SATISFACTORY

TITLE, AND ALSO INCLUDING WARRANTIES THAT ARE STATUTORY OR BY USAGE OF TRADE. STARFIELD

MAKES NO WARRANTY THAT ITS SERVICE(S) WILL MEET ANY EXPECTATIONS, OR THAT THE SERVICE(S)

WILL BE UNINTERRUPTED, TIMELY, SECURE, OR ERROR FREE, OR THAT DEFECTS WILL BE CORRECTED.

STARFIELD DOES NOT WARRANT, NOR MAKE ANY REPRESENTATIONS REGARDING THE USE, OR

RESULTS OF, ANY OF THE SERVICES WE PROVIDE, IN TERMS OF THEIR CORRECTNESS, ACCURACY,

RELIABILITY, OR OTHERWISE.

XIII. Indemnity.

You shall indemnify and hold harmless Starfield, any non-Starfield Certificate Authorities associated with

Starfield PKI, and Starfield’s contractors, agents, employees, officers, directors, shareholders, affiliates

and assigns from and against any claims, liabilities, damages, costs and expenses, including reasonable

attorney’s fees, court costs, and experts fees, of third parties relating to or arising out of or relating to any

use or reliance by a Relying Party on any Starfield Certificate or any service provided in respect to

Starfield Certificates, including (i) any misrepresentations, omissions or false statements by you on the

Certificate Application, (ii) any unauthorized use or modification of a Starfield Certificate, (iii) failure to

take proper measure to assure the security of a Starfield Certificate, and (iv) violations of intellectual

property. You agree to notify Starfield of any such claim promptly in writing and to allow Starfield to

control the proceedings. You agree to cooperate fully with Starfield during such proceedings. You shall

defend and settle at Your sole expense all proceedings arising out of the foregoing.

XIV. Limitation of Liability.

STARFIELD SHALL NOT BE LIABLE FOR ANY LOSS OF CERTIFICATE SERVICES DUE TO (I) WAR, NATURAL

DISASTERS OR OTHER UNCONTROLLABLE FORCES; (2) AN INTERRUPTION THAT OCCURS BETWEEN THE

TIME A CERTIFICATE IS REVOKED OR EXPIRES AND THE NEXT SCHEDULED ISSUANCE OF A

CERTIFICATE, (3) ARISING FROM THE NEGLIGENT OR FRAUDULENT USE OF CERTIFICATES ISSUED BY

STARFIELD, OR (4) DUE TO DISCLOSURE OF PERSONAL INFORMATION CONTAINED WITHIN

CERTIFICATES.

THE TOTAL CUMULATIVE LIABILITY OF STARFIELD, ANY INDEPENDENT THIRD-PARTY REGISTRATION

AUTHORITY OPERATING UNDER A STARFIELD CA, ANY RESELLERS, OR CO-MARKETERS, OR ANY

SUBCONTRACTORS, DISTRIBUTORS, AGENTS, SUPPLIERS, EMPLOYEES, OR DIRECTORS OF ANY OF THE

FOREGOING TO ANY APPLICANT, SUBSCRIBER, RELYING PARTY OR ANY OTHER PERSON, ENTITY, OR

ORGANIZATION ARISING OUT OF OR RELATING TO ANY STARFIELD CERTIFICATE OR ANY SERVICES

PROVIDED IN RESPECT TO STARFIELD CERTIFICATES, INCLUDING ANY USE OR RELIANCE ON ANY

STARFIELD CERTIFICATE, SHALL NOT EXCEED (A) TEN THOUSAND UNITED STATES DOLLARS

($10,000.00) FOR EACH MEDIUM ASSURANCE CERTIFICATE (“MEDIUM ASSURANCE CUMULATIVE

DAMAGE LIMIT”); OR (B) ONE HUNDRED FIFTY THOUSAND UNITED STATES DOLLARS ($150,000.00) FOR

EACH HIGH ASSURANCE CERTIFICATE (“HIGH ASSURANCE CUMULATIVE DAMAGE LIMIT”)

(COLLECTIVELY, “CUMULATIVE DAMAGE LIMITS”). THESE CUMULATIVE DAMAGE LIMITS SHALL APPLY

PER STARFIELD CERTIFICATE REGARDLESS OF THE NUMBER OF TRANSACTIONS OR CAUSES OF ACTION

SSLCertificateServiceSubscriberAgreement–Version1.9



ARISING OUT OF OR RELATED TO SUCH STARFIELD CERTIFICATE OR ANY SERVICES PROVIDED IN

RESPECT TO SUCH STARFIELD CERTIFICATE. THE FOREGOING LIMITATIONS SHALL APPLY TO ANY

LIABILITY WHETHER BASED IN CONTRACT (INCLUDING FUNDAMENTAL BREACH), TORT (INCLUDING

NEGLIGENCE), LEGISLATION OR ANY OTHER THEORY OF LIABILITY, INCLUDING ANY DIRECT, INDIRECT,

SPECIAL, STATUTORY, PUNITIVE, EXEMPLARY, CONSEQUENTIAL, RELIANCE, OR INCIDENTAL DAMAGES.

XV. Modifications.

You agree that Starfield may modify this Agreement, the Certificate specifications and the terms of the

Certificate Service from time to time, including, but not limited to, limiting the lifetime or modifying the

functions of the Certificates as required by any law, regulation or industry standard. Any such revisions

shall be binding and effective immediately upon posting the revised Agreement on the Starfield website.

By continuing to use Starfield’s Certificate Service after there has been a revision to this Agreement or the

Service, you agree to be bound by such revision.

XVI. Force Majeure.

Neither party shall be in default or otherwise liable for any delay in or failure of its performance under this

Agreement if such delay or failure arises by any reason beyond its reasonable control, including any act of

God, any acts of the common enemy, the elements, earthquakes, floods, fires, epidemics, riots, failures or

delay in transportation or communications, or any act or failure to act by the other party or such other

party’s employees, agents or contractors; provided, however, that lack of funds shall not be deemed to be

a reason beyond a party’s reasonable control. The parties will promptly inform and consult with each

other as to any of the above causes which in their judgment may or could be the cause of a delay in the

performance of this Agreement.

XVII. Severability and Entire Agreement.

You agree that the terms of this Agreement are severable. If any part of this Agreement is determined to

be unenforceable or invalid, that part of the agreement will be interpreted in accordance with applicable

law as closely as possible, in line with the original intention of both parties of the Agreement. The

remaining terms and conditions of the agreement will remain in full force and effect.

You agree that this Agreement including the policies it refers to (i.e. the CPS, etc.) constitute the complete

and only agreement between You and Starfield regarding the Certificate Service contemplated herein.

XVIII. Venue; Waiver of Trial by Jury.

THIS AGREEMENT SHALL BE DEEMED ENTERED INTO IN THE STATE OF ARIZONA, REGARDLESS OF

CONTRACT OR OTHER CHOICE OF LAW PROVISIONS. THE LAWS AND JUDICIAL DECISIONS OF

MARICOPA COUNTY, ARIZONA, SHALL BE USED TO DETERMINE THE VALIDITY, CONSTRUCTION,

INTERPRETATION AND LEGAL EFFECT OF THIS AGREEMENT. YOU AGREE THAT ANY ACTION RELATING TO

OR ARISING OUT OF THIS AGREEMENT, SHALL BE BROUGHT IN THE COURTS OF MARICOPA COUNTY,

ARIZONA. ANY APPLICABLE NATIONAL, STATE, LOCAL AND FOREIGN LAWS, RULES, REGULATIONS,

ORDINANCES, DECREES, AND ORDERS INCLUDING, BUT NOT LIMITED TO, RESTRICTIONS ON

EXPORTING OR IMPORTING SOFTWARE, HARDWARE, OR TECHNICAL INFORMATION SHALL APPLY TO

THIS AGREEMENT. YOU AGREE TO WAIVE THE RIGHT TO TRIAL BY JURY IN ANY PROCEEDING THAT

TAKES PLACE RELATING TO OR ARISING OUT OF THIS AGREEMENT.

XIX. Assignment.

You shall not assign or otherwise transfer the this Agreement to anyone, including any parent,

subsidiaries, affiliated entities or third parties, or as part of the sale of any portion of its business, or

pursuant to any merger, consolidation or reorganization, without Starfield’s prior written consent.

XX. Waiver.

The waiver or failure of either party to exercise in any respect any right provided for in this Agreement

shall not be deemed a waiver of any further right under this Agreement.

XXI. Survival.

SSLCertificateServiceSubscriberAgreement–Version1.9



Parts III, VII, VIII, IX, X, XI, XII, XIII, XIV, XVI, XVII, XVIII, XIX and XXI shall survive the termination of

this Agreement.

XXII. Notices.

Any notice, demand, or request pertaining to this Agreement or related agreements, such as the CPS,

shall be communicated either using email or in writing. Electronic communications shall be effective when

received by the intended recipient, and written communications shall be effective five days after mailing or

upon receipt, whichever is sooner. Notices concerning breach will be sent either to the email address You

have on file with Starfield or mailed first class postage to the postal address You have on file with

Starfield.

Notices from You to Starfield shall be made either by email, sent to the address we provide on our web

site, or first class mail to our address at:

Starfield PKI

C/O Starfield Technologies, LLC

14455 North Hayden Rd., Suite 219

Scottsdale, AZ 85260

[email protected]