The following is based on the agreement between UW-Milwaukee and InCommon for the digital certificate service. The expectation is all Registration Authority Operators (RAOs), Distributed Registration Authority Operators (DRAOs), and members of the UWM Community submitting certificate requests (CSRs) will follow the Acceptable Use Policy for UWM in addition to these guidelines.
Subscriber Obligations. Subscriber shall:
- use the Certificates only for the purposes listed in the InCommon CPS;
- review each certificate request and each issued Certificate’s information for accuracy and completeness prior to requesting, installing and using the Certificate;
- only install an issued Certificate on the servers accessible at the domain name(s) listed in the Certificate and only use an issued Certificate for authorized business of the Subscriber;
- be responsible for any computer hardware, telecommunications hardware, and software necessary to use the Certificate;
- obtain and maintain any authorization or license necessary to use the Certificate;
- bind each Relying Party to InCommon’s Relying Party Agreement (available in InCommon’s Certificate Repository: www.incommon.org/cert/repository) by posting notice to this affect on Subscriber’s website;
- keep Confidential Information confidential and uncompromised, and immediately inform InCommon and request revocation of any affected Certificates if Subscriber reasonably believes that Confidential Information has been disclosed or compromised;
- ensure that all information provided to InCommon is complete and accurate and does not include any information that would be unlawful or otherwise likely to damage the business or reputation of InCommon or Comodo;
- immediately cease using any InCommon-issued Certificates and associated Private Keys if any of the following occur 1) a relevant Private Key is compromised, 2) a Certificate expires (SSL only) or is revoked;
- immediately cease issuing InCommon Certificates if this Addendum is terminated or expires;
- immediately notify InCommon of 1) any breach of these Addendum Terms or 2) any information provided to InCommon that changes, ceases to be accurate, or becomes inconsistent with the warranties made by Subscriber herein; and
- comply with all applicable local and international laws when receiving or using a Certificate, including all export laws. Subscriber shall not export or re-export, either directly or indirectly, any Certificate’s Private Key to a country or entity under United Kingdom or United States restrictions. SUBSCRIBER ASSUMES ALL LIABILITY FOR ITS VIOLATION OF EXPORT LAWS.
Restrictions. Subscriber shall not:
- impersonate or misrepresent Subscriber’s affiliation with any entity;
- modify, license, or create a derivative work of, or transfer the ownership of any Certificate (except as required to use the Certificate) or Private Key to another legal entity;
- use any InCommon-signed cert to distribute any files or software that may damage the operation of another’s computer;
- use the Certificates with any on-line control equipment in hazardous environments requiring fail-safe performance where the failure of the Certificates could lead directly to death, personal injury or severe physical or environmental damage;
- use the Certificates to 1) engage in conduct that is illegal, 2) breach any legally enforceable confidence of a third party, 3) infringe on the intellectual property rights of a third party, 4) cause InCommon or Comodo or a third party denial of any service, or disruption, 5) send or receive unsolicited bulk correspondence or 6) create a Private Key that is substantially similar to an InCommon or Comodo or third party’s Private Key; or
- make false representations regarding the Certificates to any third party.