 

 

GlobalSign Summary CPS

This is a summary of GlobalSign’s certification practice statements (CPS), which are available at http://www.globalsign.net/repository.

It summarises the most important rights, obligations and liability issues.

     

  1. Table of contents

    1. Table of contents
    2. GlobalSign's certification services
    3. Rights and obligations of applicants/subscribers
    4. GlobalSign's rights and obligations
    5. Use of certificates
       5.1 Verification of Digital Signatures
       5.2 Effect of Validating an End-User Subscriber Certificate
       5.3 Procedures upon Failure of Digital Signature Verification
       5.4 Reliance on Digital Signatures
       5.5 Writings
       5.6 Signatures
       5.7 Security Measures
       5.8 Suspension and Revocation
    6. Liability
       6.1 GlobalSign’s liability
       6.2 Subscriber's liability to relying parties
    7. No fiduciary relationship
    8. Hazardous Activities
    9. Infringement and Other Damaging Material
    10. Fees
    11. Choice of Cryptographic Methods

  2. GlobalSign's certification services

    GlobalSign’s public certification services are designed to support secure electronic commerce and other general security services to satisfy users’ technical, business, and personal needs for digital signatures and other network security services. To accomplish this, GlobalSign serves as a trusted third party, issuing, managing, suspending, and revoking certificates in accordance with published practices.

    GlobalSign currently offers three distinct levels of public certification services. Each level, or class, of certificate provides specific functionality and security features. Certificate applicants choose from this set of service qualities according to their needs; they must specify which class of certificate they desire.

    Class 1 certificates do not facilitate the authentication of the identity of the subscriber. Rather, they merely represent a simple check of the non-ambiguity of the e-mail address within the GlobalSign repository. The subscriber’s e-mail address contained in a Class 1 certificate is considered nonverified subscriber information. These certificates provide the lowest level of assurance of all GlobalSign certificates. They are not intended for use where proof of identity is required. They are intended for demonstration purposes.

    Class 2 certificates may provide reasonable, but not foolproof, assurance of a subscriber’s identity, based on a process that compares the applicant’s name, address, and other personal information on the certificate application against a signed copy of the ID card, driver's license or passport.

    Individual Class 3 certificate processes utilise various procedures to obtain probative evidence of the identity of individual subscribers. These validation procedures provide stronger assurances of an applicant’s identity than Class 2 certificates. The practical uses and reliability of Class 3 certificates are bolstered by utilising LRAs (an existing, important, and legally-recognised authentication process). For business entity Class 3 certificates (Secure Server certificates), the requirement for "out-of-band" communication with the business organisation and confirmation of business entity information and of the domain name provide further assurance of trustworthiness.

    GlobalSign’s public certification services support a variety of security mechanisms to protect communications and information assets. Certificates alone do not, however, constitute such a mechanism. Rather, GlobalSign’s services provide a framework within which security services may be used by other communicating parties. This framework uses digital signatures and their verification to facilitate the protection of communication and computer-based trade and commerce over open data networks and provides a means for determining whether security services are in fact providing the intended assurances.

  3. Rights and obligations of applicants/subscribers

    The user acknowledges that GlobalSign has provided him with sufficient information to become familiar with digital signatures and certificates before applying for, using, and relying upon a certificate.

    Users must independently assess and determine the appropriateness of each class of certificate for any particular purpose.

    All persons desiring a certificate shall contemporaneously complete the following general procedures for each certificate application:

       

    • generate a key pair and demonstrate to GlobalSign that it is a functioning key pair,
    • protect the private key (of this key pair) from compromise; the software system should provide this functionality,
    • submit a certificate application (and subscriber agreement), including the public key of this key pair, to GlobalSign,
    • prove their identity.

    The user must accept a certificate before communicating it to others, or otherwise inducing their use of it.

    The user agrees to notify GlobalSign upon compromise of his private key.

    By accepting a certificate issued by GlobalSign, the subscriber certifies to and agrees with GlobalSign and to all who reasonably rely on the information contained in the certificate that at the time of acceptance and throughout the operational period of the certificate, until notified otherwise by the subscriber,

    1. each digital signature created using the private key corresponding to the public key listed in the certificate is the digital signature of the subscriber and the certificate has been accepted and is operational (not expired, suspended or revoked) at the time the digital signature is created,
    2. no unauthorised person has ever had access to the subscriber’s private key,
    3. all representations made by the subscriber to GlobalSign regarding the information contained in the certificate are true,
    4. all information contained in the certificate is true to the extent that the subscriber had knowledge or notice of such information and does not promptly notify GlobalSign of any material inaccuracies in such information,
    5. the certificate is being used exclusively for authorised and legal purposes,
    6. the subscriber is an end-user subscriber and not an Issuing Authority, and will not use the private key corresponding to any public key listed in the certificate for purposes of signing any certificate (or any other format of certified public key) or CRL, as an Issuing Authority or otherwise, unless expressly agreed in writing between subscriber and GlobalSign.

    By accepting a certificate, the subscriber assumes a duty to retain control of the subscriber’s private key, to use a trustworthy system, and to take reasonable precautions to prevent its loss, disclosure, modification, or unauthorized use.

    The user must revoke his certificate when there has been a loss, theft, modification, unauthorised disclosure, or other compromise of the private key of the certificate. (See 5 for revocation and suspension.)

    By accepting a certificate, the subscriber agrees to indemnify and hold GlobalSign harmless from any acts or omissions resulting in liability, any loss or damage, and any suits and expenses of any kind that GlobalSign may incur, that are caused by the use or publication of a certificate and that arise from

    1. Falsehood or misrepresentation of fact by the subscriber.
    2. Failure by the subscriber to disclose a material fact, if the misrepresentation or omission was made negligently or with intent to deceive GlobalSign or any person receiving or relying on the certificate.
    3. Failure to protect the subscriber's private key, to use a trustworthy system, or to otherwise take the precautions necessary to prevent the compromise, loss, disclosure, modification or unauthorized use of the subscriber's private key.

    For obligations related to the verification of digital signatures see 4.

  4. GlobalSign's rights and obligations

    GlobalSign neither generates nor holds the private keys of certificate applicants or subscribers. Also, GlobalSign cannot ascertain or enforce any particular private key protection requirements of any applicant or subscriber.

    Upon receipt of a certificate application GlobalSign shall perform all required validations as a prerequisite to certificate issuance, as follows.

    GlobalSign shall confirm that

    1. the certificate applicant is the person identified in the request (in accordance with and only to the extent provided in the certificate class descriptions),
    2. the certificate applicant rightfully holds the private key corresponding to the public key to be listed in the certificate (this obligation may be satisfied by a statement to this effect from the certificate applicant),
    3. the information to be listed in the certificate is accurate, except for nonverified subscriber information, and
    4. any agents who apply for a certificate listing the certificate applicant’s public key (permissible for Class 3 certificates, for business entities only) are duly authorised to make such a request.

    Once a certificate is issued, GlobalSign shall have no continuing duty to monitor and investigate the accuracy of the information in a certificate, unless GlobalSign is notified in accordance with that certificate’s compromise.

    Unless otherwise provided in the CPS or mutually agreed upon by both GlobalSign and the subscriber in an authenticated record, GlobalSign promises to the subscriber named in the certificate that

    1. there are no misrepresentations of fact in the certificate known to GlobalSign or originating from GlobalSign,
    2. there are no data transcription errors as received by GlobalSign from the certificate applicant resulting from a failure of GlobalSign to exercise reasonable care in creating the certificate, and
    3. the certificate meets all material requirements of the CPS.

    Unless otherwise provided in this CPS or mutually agreed upon by both GlobalSign and the subscriber in an authenticated record, GlobalSign promises to the subscriber to make reasonable efforts,

    1. to promptly revoke or suspend certificates upon request of the subscriber,
    2. to notify subscribers of any facts known to it that materially affect the validity and reliability of the certificate it issued to such subscriber.

    Upon subscriber’s acceptance of the certificate, and checking by GlobalSign, GlobalSign shall publish a copy of the certificate in the GlobalSign repository and in one or more other repositories, as determined by GlobalSign. Subscribers may publish their GlobalSign certificates in other repositories.

    For obligations related to revocation and suspension see 5.

    GlobalSign provides the controls and foundation for PKI, including IA key generation, key protection, and secret sharing procedures. GlobalSign warrants that its own private keys are not compromised unless it provides notice to the contrary via the GlobalSign repository.

  5. Use of certificates

    The parties (GlobalSign and the parties who are "users" of the certificate, i.e., the subscriber and the relying parties), are hereby notified of the following rules governing the respective rights and obligations of the parties among themselves, which are also deemed to be agreed by the parties, effective

    1. upon publication of the CPS, in the case of GlobalSign;
    2. upon submission of an application for a certificate, in the case of an applicant or subscriber;
    3. upon reliance on a certificate or a digital signature verifiable with reference to a public key listed in the certificate, in the case of a recipient of a certificate or a relying party.

    5.1 Verification of Digital Signatures

    Verification of a digital signature is undertaken to determine that

    1. the digital signature was created by the private key corresponding to the public key listed in the signer’s certificate and that
    2. the associated message has not been altered since the digital signature was created.

    Such verification shall be undertaken as follows:

    • Checking the GlobalSign (or other) repository for revocation or suspension of certificates – The recipient must determine if any of the certificates along the chain from the signer to an acceptable root has been revoked or suspended, because a revocation or suspension has the effect of prematurely terminating the operational period during which verifiable digital signatures can be created. This may be ascertained in two different ways. The GlobalSign repository may be queried for the most up-to-date revocation status. Alternatively, CRLs may have been provided in the certificate chain. These CRLs may be used to determine the revocation status of certificates in the chain.
    • Delimiting data to which digital signatures are attached – In order to verify a digital signature it is necessary to know precisely what data has been signed. In the case of public key cryptography standards (PKCS), a standard signed message format is specified to accurately denote the signed data.
    • Indicating digital signature time and date of creation – In order for a digital signature to support non-repudiation, the data to which the corresponding digital signature is attached must include, or reference, a time stamp. The time stamp shall reflect the date and time at which the digital signature is affixed.
    • Establishing the assurances intended by its signer – Various technical means may be used to determine the purpose (or meaning) of the digital signature intended by its signer. In formal protocols (such as EDI), digital signatures are classified as specified security services with defined semantics so as to convey their precise meaning. The verifier should also determine whether the certificate is normal or provisional.
    • Ensuring that all certificates in the chain authorise use of an end-user subscriber private key – GlobalSign may limit the purposes for which a private key corresponding to a certificate it issues may be used. Such limitations are indicated or incorporated by reference in the certificate and provide a means to warn recipients of situations for which reliance upon the certificate would not be considered reasonable. Persons validating certificates must inspect certificate contents for such warnings and limitations to ensure that no certificate in the chain denies appropriate use of an end-user subscriber certificate.
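The non-cryptographic checks in this list can be expressed as a relying-party routine. The following is an added example, not part of the CPS or of any GlobalSign software: the `Cert` and `StatusEvent` records, the certificate names, dates and use labels are all constructed for illustration, the cryptographic check itself is passed in as `signature_ok`, and it assumes that a lifted suspension restores the operational period for later signatures.

```python
from dataclasses import dataclass, field
from datetime import datetime, timezone
from typing import List, Optional


def utc(y, m, d):
    return datetime(y, m, d, tzinfo=timezone.utc)


@dataclass
class StatusEvent:
    """One repository or CRL entry for a certificate (hypothetical model)."""
    kind: str                        # "suspended" or "revoked"
    start: datetime
    end: Optional[datetime] = None   # set when a suspension is lifted


@dataclass
class Cert:
    subject: str
    issuer: str
    not_before: datetime
    not_after: datetime
    denied_uses: frozenset = frozenset()   # usage limits stated in the cert
    events: List[StatusEvent] = field(default_factory=list)


def operational_problem(cert, when):
    """Return why `cert` was not operational at `when`, or None if it was."""
    if not cert.not_before <= when <= cert.not_after:
        return "outside validity period"
    for ev in cert.events:
        if ev.kind == "revoked" and when >= ev.start:
            return "revoked"   # revocation ends the operational period for good
        if ev.kind == "suspended" and ev.start <= when and (
                ev.end is None or when < ev.end):
            return "suspended"
    return None


def reliance_problems(chain, trusted_roots, signed_at, purpose, signature_ok):
    """chain is ordered signer first, root last; an empty result means every
    check passed. `signature_ok` is the result of the cryptographic
    verification over the delimited signed data, performed elsewhere."""
    problems = []
    if not signature_ok:
        problems.append("signature does not verify over the delimited data")
    if signed_at is None:
        problems.append("no time stamp: operational period cannot be checked")
    for cert, issuer in zip(chain, chain[1:]):
        if cert.issuer != issuer.subject:
            problems.append(f"{cert.subject}: not issued by {issuer.subject}")
    if not chain or chain[-1].subject not in trusted_roots:
        problems.append("chain does not end at an acceptable root")
    for cert in chain:   # every certificate along the chain, not only the signer's
        if signed_at is not None:
            why = operational_problem(cert, signed_at)
            if why:
                problems.append(f"{cert.subject}: {why} at signing time")
        if purpose in cert.denied_uses:
            problems.append(f"{cert.subject}: use '{purpose}' is excluded")
    return problems


# Constructed sample chain: suspended 1-10 March 2000, revoked 1 June 2000.
ROOT = Cert("Example Root", "Example Root", utc(1999, 1, 1), utc(2009, 1, 1))
CA = Cert("Example Class 2 CA", "Example Root", utc(1999, 1, 1), utc(2004, 1, 1))
ALICE = Cert("alice@example.org", "Example Class 2 CA",
             utc(2000, 1, 1), utc(2001, 1, 1),
             denied_uses=frozenset({"certificate-signing"}),
             events=[StatusEvent("suspended", utc(2000, 3, 1), utc(2000, 3, 10)),
                     StatusEvent("revoked", utc(2000, 6, 1))])
CHAIN = [ALICE, CA, ROOT]
ROOTS = {"Example Root"}
```

A signature time-stamped inside the suspension window or after the revocation fails the check even though the certificate's validity dates still cover it, which is why the status lookup cannot be skipped.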

    5.2 Effect of Validating an End-User Subscriber Certificate

    A digital signature can be binding against its maker if (i) it was created during the operational period of a valid certificate, (ii) it can be properly verified by confirmation of the certificate chain, (iii) the relying party has no knowledge or notice of a breach of the requirements of the CPS by the signer, and (iv) the relying party has complied with all requirements of the CPS.

    5.3 Procedures upon Failure of Digital Signature Verification

    A person relying on an unverifiable digital signature assumes all risks with regard to it and is not entitled to any presumption that the digital signature is effective as the signature of the subscriber.

    5.4 Reliance on Digital Signatures

    A recipient of a message signed by a digital signature of the subscriber may rely upon that digital signature as binding against the subscriber if:

    1. the digital signature was created during the operational period of a valid certificate and it can be verified by referencing a validated certificate chain, and
    2. such reliance is reasonable under the circumstances. If the circumstances indicate a need for additional assurances, the relying party must obtain such assurances for such reliance to be reasonable.

    Additionally, the verifier should consider the class of certificate. The final decision concerning whether or not to rely on a verified digital signature is exclusively that of the verifier.

    5.5 Writings

    When admitted by law, a message bearing a digital signature verified by the public key listed in a valid certificate is as valid, effective, and enforceable as if the message had been written and signed on paper.

    5.6 Signatures

    Where a rule of law or applicable practice requires a signature or provides for certain consequences in the absence of a signature, that rule can be satisfied in relation to a message by a digital signature affixed by a signer with the intention of signing a message and subsequently verified by reference to the public key listed in a valid certificate, if admitted by law.

    5.7 Security Measures

    Any person using or relying upon a GlobalSign certificate in conjunction with a message shall apply reasonable security measures to the message to provide message authentication and, as required, to support data confidentiality.

    5.8 Suspension and Revocation

    A certificate shall be suspended or revoked if

    • there has been a loss, theft, modification, unauthorised disclosure, or other compromise of the private key of the certificate’s subject,
    • the certificate’s subject (whether GlobalSign or a subscriber) has breached a material obligation under the CPS, or
    • the performance of a person’s obligations under the CPS is delayed or prevented by an act of God, natural disaster, computer or communications failure, or other cause beyond the person's reasonable control, and as a result another person’s information is materially threatened or compromised.

    GlobalSign must make a reasonable effort to suspend or revoke a certificate, if it determines any of the following:

    • a material fact represented in the certificate is known or reasonably believed by GlobalSign to be false,
    • a material prerequisite to certificate issuance was neither satisfied nor waived,
    • the private key or trustworthy system was compromised in a manner materially affecting the certificate's reliability, or
    • the certificate’s subject has breached a material obligation under the CPS.

    GlobalSign must revoke a certificate upon the subscriber’s request once it has confirmed that the person requesting the revocation is in fact the subscriber. The request must be done in the form of an authenticated record from the subscriber or its agent or by means of a challenge phrase or recitation of certain presubmitted enrolment information.

    Upon suspending or revoking a certificate, GlobalSign must publish notice of the suspension or revocation in the GlobalSign repository.

    During suspension, or permanently upon revocation of a subscriber’s certificate, that certificate’s operational period shall immediately be considered terminated.

    Suspension or revocation of a certificate shall not affect any underlying contractual obligations created or communicated under the CPS.

    Private keys corresponding to public keys contained in suspended or revoked certificates shall be safeguarded by the subscriber in a trustworthy manner throughout the period of suspension and, upon revocation for the applicable retention period, unless destroyed.

  6. Liability

    6.1 GlobalSign’s liability

    GlobalSign

    • does not warrant the accuracy, authenticity, completeness or fitness of any unverified information contained in certificates or otherwise compiled, published, or disseminated by or on behalf of GlobalSign,
    • does not warrant the accuracy, authenticity, completeness or fitness of any information contained in class 1 certificates,
    • shall not incur liability for representations of information contained in a certificate, provided the certificate content substantially complies with the CPS,
    • does not warrant "non-repudiation" of any certificate or message (because non-repudiation is determined exclusively by law and the applicable dispute resolution mechanism), and
    • does not warrant any software.

    In no event (except for fraud or wilful misconduct) shall GlobalSign be liable for any indirect, incidental or consequential damages, or for any loss of profits, loss of data, or other indirect, consequential or punitive damages arising from or in connection with the use, delivery, license, performance or non-performance of certificates, digital signatures, or any other transactions or services offered or contemplated by the CPS. GlobalSign shall only be liable for damage due to reliance (in accordance with the CPS) on the verified information in a class 2 or class 3 certificate. GlobalSign will not be liable in this case if the fault in this verified information is due to fraud or wilful misconduct of the applicant.

    In no event (except for fraud or wilful misconduct) will the liability of GlobalSign to all parties (including without limitation a subscriber, an applicant, a recipient, or a relying party) exceed the applicable liability cap for such certificate set forth in this table.

    The liability of GlobalSign to any and all persons concerning a specific certificate shall be limited to an amount not to exceed the following, for the aggregate of all digital signatures and transactions related to such certificate:

     

    Certificate class    Liability cap
    Class 1              0 BEF
    Class 2              100.000 BEF
    Class 3              1.500.000 BEF

    Table 14 - Liability Caps

    6.2 Subscriber's liability to relying parties

    Without limiting other subscriber obligations stated in the CPS, subscribers are liable for any misrepresentations they make in certificates to third parties that, having verified one or more digital signatures with the certificate, reasonably rely on the representations contained therein.

  7. No fiduciary relationship

    The relationship between GlobalSign and subscribers and that between GlobalSign and relying parties is not that of agent and principal. Neither subscribers nor relying parties have any authority to bind GlobalSign, by contract or otherwise, to any obligation. GlobalSign shall make no representations to the contrary, either expressly, implicitly, by appearance, or otherwise.

  8. Hazardous Activities

    GlobalSign’s public certification services are not designed, intended, or authorised for use or resale as control equipment in hazardous circumstances or for uses requiring fail-safe performance such as the operation of nuclear facilities, aircraft navigation or communication systems, air traffic control systems, or weapons control systems, where failure could lead directly to death, personal injury, or severe environmental damage.

  9. Infringement and Other Damaging Material

    Certificate applicants (and, upon acceptance, subscribers) represent and warrant that their submission (to GlobalSign) and use of a domain and distinguished name (and all other certificate application information) does not interfere with or infringe upon the rights of any third parties in any jurisdiction with respect to their trademarks, service marks, trade names, company names, or any other intellectual property right, and that they are not seeking to use the domain and distinguished names for any unlawful purpose, including, without limitation, tortious interference with contract or prospective business advantage, unfair competition, injuring the reputation of another, and confusing or misleading a person, whether natural or incorporated. Certificate applicants (and, upon acceptance, subscribers) shall defend, indemnify, and hold GlobalSign harmless for any loss or damage resulting from any such interference or infringement.

    GlobalSign shall not be responsible for non-verified subscriber information submitted to GlobalSign, or the GlobalSign repository or otherwise submitted for inclusion in a certificate. In particular, subscribers shall be solely responsible for the legality of the information they present for use in certificates issued under this CPS, in any jurisdiction in which such content may be used or viewed. Because laws regarding the transmission and availability of information content are constantly changing and vary widely, certificate applicants’ and subscribers’ responsibilities are determined not only by laws in existence at the time GlobalSign issues a certificate to a certificate applicant but also by any laws that may be enacted after such date. Certificate applicants and subscribers should be aware that there are many laws regarding the transmission of data, especially data that is encrypted or involves encryption algorithms, and that these laws may vary dramatically from country to country. Further, it is generally not possible to limit the distribution of content on the Internet or certain other networks based on the locality of the user/viewer, and this may require certificate applicants and subscribers to comply with the laws of each jurisdiction in which the content may be viewed or used.

    Certificate applicants and subscribers will not submit to GlobalSign, or the GlobalSign repository any materials that contain statements that (i) are libellous, defamatory, obscene, pornographic, abusive, bigoted, hateful, or racially offensive, (ii) advocate illegal activity or discuss illegal activities with the intent to commit them, or (iii) otherwise violate any law.

  10. Fees

    GlobalSign may charge subscribers fees for their use of GlobalSign’s services. A current schedule of such fees is available from the GlobalSign repository at http://www.globalsign.net/products. Such fees are subject to change seven (7) days following their posting in the GlobalSign repository.

  11. Choice of Cryptographic Methods

All persons acknowledge that they are solely responsible for and have exercised independent judgement in choosing security software, hardware, and encryption/digital signature algorithms, including their respective parameters, procedures, and techniques.

 

 


 

 

 
© БСК, GlobalSign 2000