[cabf_validation] Change in liability for EV certificates
Moudrick M. Dadashov
md at ssc.lt
Sun Jun 4 07:23:06 MST 2017
Good day, Peter
thank you, IMO this would be a good step forward, we'll endorse this.
Thanks,
M.D.
On 6/3/2017 6:22 PM, Peter Bowen via Validation wrote:
>
> Here is a revision of Version 2.
>
> 18. Liability and Indemnification
>
> CAs MAY limit their liability as described in Section 9.8 of the
> Baseline Requirements except that a CA MAY NOT limit its liability
> to Subscribers or Relying Parties for legally recognized and
> provable claims to a monetary amount less than the least of:
> (1) five million US dollars – aggregated across all claims,
> Subscribers, and Relying Parties –for all EV Certificates issued
> by the CA during any continuous 12 month period; (2) one hundred
> thousand US dollars – aggregated across all claims, Subscribers,
> and Relying Parties – per EV Certificate; and (3) two thousand US
> dollars per Subscriber or Relying Party per EV Certificate. These
> limitations are notwithstanding anything in the Baseline
> Requirements purportedly to the contrary.
>
> A CA's indemnification obligations and a Root CA’s obligations
> with respect to subordinate CAs are set forth in Section 9.9 of
> the Baseline Requirements.
>
>
> I’ll put together a draft ballot if I can get a couple of endorsers.
>
> Thanks,
> Peter
>
>> On Jun 1, 2017, at 10:24 AM, Kirk Hall via Validation
>> <validation at cabforum.org <mailto:validation at cabforum.org>> wrote:
>>
>> Here are two versions of what we discussed today. _Peter and Ben_– do
>> you want to take this and run with it? You can create a draft ballot
>> and put up for discussion on the next call June 8…
>> *_Version 1 – Aggregate Limit per EV Certificate Only_*
>> **
>> 18. Liability and Indemnification
>> CAs MAY limit their liability as described in Section 18 of the
>> Baseline Requirements except that a CA MAY NOT limit its liability to
>> Subscribers or Relying Parties for legally recognized and provable
>> claims to a monetary amount less than two thousand US dollars per
>> Subscriber or Relying Party per EV Certificate. *_CA MAY limit their
>> aggregate liability to all Subscribers and Relying Parties for all
>> claims per EV Certificate to an amount not less than $100,000_*
>> A CA's indemnification obligations and a Root CA’s obligations with
>> respect to subordinate CAs are set forth in the Baseline Requirements.
>> *_Version 2_**_– Aggregate Limit per EV Certificate and All EV
>> Certificates Issued in 12 Month Period_**__*
>> 18. Liability and Indemnification
>> CAs MAY limit their liability as described in Section 18 of the
>> Baseline Requirements except that a CA MAY NOT limit its liability to
>> Subscribers or Relying Parties for legally recognized and provable
>> claims to a monetary amount less than two thousand US dollars per
>> Subscriber or Relying Party per EV Certificate. *_CA MAY limit their
>> aggregate liability to all Subscribers and Relying Parties (1) for
>> all claims arising from or relating to a single EV Certificate to an
>> amount not less than $100,000, and (2) for all claims arising from or
>> relating to all EV Certificates issued during any 12 month period to
>> an amount not less than $5,000,000._*
>> A CA's indemnification obligations and a Root CA’s obligations with
>> respect to subordinate CAs are set forth in the Baseline Requirements.
>> _______________________________________________
>> Validation mailing list
>> Validation at cabforum.org <mailto:Validation at cabforum.org>
>> https://cabforum.org/mailman/listinfo/validation
>
>
>
> _______________________________________________
> Validation mailing list
> Validation at cabforum.org
> https://cabforum.org/mailman/listinfo/validation
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cabforum.org/pipermail/validation/attachments/20170604/32808ea2/attachment-0001.html>
More information about the Validation
mailing list