Terms & Conditions(协议条款)

1 ODETTE Subscriber Agreement for Certificates (ODETTE证书用户协议)

PLEASE READ THIS AGREEMENT AND THE ODETTE CERTIFICATION PRACTICE STATEMENT CAREFULLY BEFORE USING THE DIGITAL CERTIFICATE ISSUED TO YOU OR YOUR ORGANISATION. BY USING THE DIGITAL CERTIFICATE, YOU ARE AGREEING TO BE BOUND BY THE TERMS OF THIS AGREEMENT. IF YOU DO NOT AGREE TO THE TERMS OF THIS AGREEMENT, PROMPTLY RETURN THE UNUSED DIGITAL CERTIFICATE TO ODETTE AND YOUR MONEY WILL BE REFUNDED.

在使用ODETTE CA颁发给您个人或您单位的数字证书之前,请仔细阅读本协议和ODETTE电子认证业务规则(CPS)。一旦启用了该数字证书,就表明您同意本协议所约定的条款。如果您不同意本协议约定的条款,请立即将尚未使用的数字证书退回给ODETTE,同时您将得到全额退款。

This ODETTE Subscriber Agreement ("Agreement") is effective as of the date of the accompanying Digital Certificate (the "Effective Date") between ODETTE International Limited ("ODETTE"), and the organisation receiving the Digital Certificate ("Customer"). English Law shall govern this agreement.

本ODETTE用户协议(简称“协议”)的甲乙双方是ODETTE国际有限公司(简称“ODETTE”)和接收数字证书的机构(简称“客户”),本协议自数字证书生效之日起生效。本协议遵从英国法律。

2 Definitions(定义)

2.1 Digital Certificate(数字证书)

A collection of electronic data consisting of a Public Key, identifying information about the owner of the Public Key, and validity information, which has been Digitally Signed by ODETTE.

数字证书是由公钥,公钥所有者的身份信息,和经过ODETTE数字签名的验证信息组成的电子数据的集合。

2.2 Certificate Revocation List ("CRL:证书吊销列表")

A collection of electronic data containing information concerning Digital Certificates which have been revoked.

证书吊销列表(CRL)是一组包含所有被吊销的数字证书信息的电子数据的集合。

2.3 Certification Authority ("CA:发证机构")

ODETTE or an entity which is certified by ODETTE to issue Digital Certificates. ODETTE is the User's CA hereunder.

发证机构(CA)是指ODETTE或者经过ODETTE认证过能够签发数字证书的实体,因此ODETTE是本协议用户的CA。

2.4 Digital Signature(数字签名)

Information encrypted with a Private Key which is appended to electronic data to identify the owner of the Private Key and verify the integrity of the electronic data. Digitally Signed shall refer to electronic data to which a Digital Signature has been appended.

数字签名是把用私钥加密的信息附加到电子数据之后,用以识别该私钥的拥有者和验证原数据的完整性。数字化签署是指附加了数字签名的电子数据。

2.5 Private Key(私钥)

A cryptographic key which is kept private to the owner and which is used to create Digital Signatures or to decrypt electronic data that has been encrypted using the matching Public Key.

私钥是一个由拥有者自己保管的密钥。它用于生成数字签名或者解密已经由对应公钥加密的密文电子数据。

2.6 Public Key(公钥)

A cryptographic key which is available publicly and which is used to verify Digital Signatures created with the matched Private Key and to encrypt electronic data which can only be decrypted using the matching Private Key.

公钥也是一个可以公开的密钥。它用于验证由对应私钥创建的数字签名和对电子数据加密,通过某一个公钥加密的电子数据只能使用与之对应的私钥才可以解密。

2.7 Secure Server Hierarchy(安全服务器层级)

A collection of ODETTE CAs and their Certified Users.

安全服务器层级是由ODETTE根CA及该根CA的所有子CA以及这些发证机构认证过的最终用户所组成的集合。

2.8 Customer (see Certified User) (客户(见认证用户))

2.9 Certified User(认证用户)

An individual or an organisation that has been issued a valid Digital Certificate by ODETTE, which Digital Certificate has not been revoked.

认证用户是由ODETTE颁发了有效数字证书并且未被吊销的个人或机构。

3 Authority to Use Digital Certificate(使用数字证书的权限)

3.1 Grant of Authority(授权)

As of the Effective Date, ODETTE hereby grants to Customer the authority for the agreed term to use the Digital Certificate to create Digital Signatures or to use the Digital Certificate in conjunction with Private Key or Public Key operations.

自生效之日起,ODETTE根据本协议条款授予客户使用数字证书创建数字签名,或使用数字证书及其私钥、公钥进行相关操作的权限。

4 Services Provided by ODETTE(ODETTE提供的服务)

After execution of this Agreement and payment of all applicable fees, in addition to the grant of authority pursuant to the previous section, ODETTE or a third party provider designated by ODETTE shall provide the following services to Customer hereunder:

在本协议生效执行和支付了全部应付款项之后,除了依据上一款内容得到授权外,ODETTE 或由ODETTE 指定的第三方还将向客户提供如下服务:

4.1 CRL Service(证书吊销列表服务)

ODETTE shall use all reasonable efforts to compile, aggregate and make electronically available to all interested parties ODETTE's current CRL; provided, however, that ODETTE shall not be in breach of its obligations hereunder as a result of any delay in or failure of performance on its part which arises out of any equipment failure or telecommunications breakdown beyond the reasonable control of ODETTE.

ODETTE将用各种合理的努力来编辑,收集和维护更新ODETTE当前的CRL(证书吊销列表),为所有感兴趣方提供电子化查询和使用服务。在已经提供服务中,一旦当遇到因下列情形造成的任何状态信息滞后或性能故障,ODETTE不应被视为没有履行合同义务:超出ODETTE合理的控制范围内的设备故障或通讯中断等。

4.2 Revocation Status Services(吊销状态服务)

ODETTE shall use all reasonable efforts to provide to Certified Users in the Secure Server Hierarchy information concerning the status of particular Digital Certificates; provided, however, that ODETTE shall not be in breach of its obligations hereunder as a result of any delay in or failure of performance on its part which arises out of any equipment failure or telecommunications breakdown beyond the reasonable control of ODETTE.

ODETTE将将用各种合理的努力,向认证用户提供安全服务器层级中指定数字证书的状态信息服务。在已提供的服务中,一旦遇到因下列情形造成的任何状态信息滞后或性能故障,ODETTE不应被视为没有履行合同义务:超出ODETTE合理控制范围的设备故障或通讯中断等。

4.3 Revocation of Digital Certificates(数字证书吊销服务)

Promptly upon the request of Customer’s Technical or Authentication contact, ODETTE shall revoke the Digital Certificate of Customer.

应客户的技术联系人或者认证联系人的正式要求,ODETTE将即刻吊销该客户的数字证书

5 Customer Obligations(客户义务)

5.1 User Identification Information(用户身份信息)

If at any time, any significant information changes from that contained in the Digital Certificate request, Customer must request that ODETTE revoke the Digital Certificate.

无论何时,只要数字证书申请表中的重要信息发生了变化,或者检查到数字证书遭到破坏或者泄露,客户都必须向ODETTE申请吊销该数字证书。

5.2 Compromised Digital Certificate(数字证书潜在风险)

If Customer has any reason to believe that the security of Customer's Private Key may have been compromised, Customer shall immediately request that ODETTE revoke Customer's Digital Certificate and ODETTE shall revoke said Digital Certificate immediately upon Customer's request.

无论客户因何种原因认为其私钥的安全性可能存在风险,客户都应立即申请ODETTE撤销该数字证书,ODETTE将按照客户申请即刻吊销该数字证书。

6 Permission to Publish Information (公开信息的许可)

Customer agrees that ODETTE may publish the serial number of Customer's Digital Certificate in connection with ODETTE's dissemination of CRLs and Digital Certificate status information within and outside of the ODETTE Secure Server Hierarchy. Customer agrees that ODETTE may publish the Customer's company name and location in the Odette Directory of OFTP2 users. Customer retains the right to have their entry in this Directory modified or deleted by applying in writing to ODETTE.

客户需同意ODETTE在发布CRL和证书状态过程中,可以公开客户证书序列号,该过程包括在ODETTE安全服务器层级之内及之外。

7 Disclaimer of Warranty and Limitation of Liability(免责声明和责任范围)

IN NO EVENT (EXCEPT FOR FRAUD, PERSONAL INJURY/DEATH CAUSED BY NEGLIGENCE, OR WILFUL MISCONDUCT) SHALL ODETTE BE LIABLE FOR ANY DIRECT OR INDIRECT, INCIDENTAL OR CONSEQUENTIAL DAMAGES, OR FOR(INCLUDING ANY LOSS OF PROFITS OR, LOSS OF DATA), OR OTHER INDIRECT, CONSEQUENTIAL OR PUNITIVE DAMAGES ARISING FROM OR IN CONNECTION WITH THE USE, DELIVERY, LICENSE, PERFORMANCE OR NON-PERFORMANCE OF CERTIFICATES, DIGITAL SIGNATURES, OR ANY OTHER TRANSACTIONS OR SERVICES OFFERED OR CONTEMPLATED BY THE CERTIFICATE PRACTICE STATEMENT (CPS), EXCEPT FOR DAMAGE DUE TO RELIANCE (IN ACCORDANCE WITH THE CPS) ON THE VERIFIED INFORMATION AT THE MOMENT OF ISSUANCE OF THE CERTIFICATE IN A SECURE SERVER CERTIFICATE UP TO AN AMOUNT OF ONE EURO. ODETTE WILL NOT BE LIABLE IN THIS CASE IF THE FAULT IN THIS VERIFIED INFORMATION IS DUE TO FRAUD OR WILFUL MIDCONDUCT OF THE APPLICANT. ODETTE WILL NOT BE LIABLE IN THIS CASE IF THE USER HAS NOT RESPECTED HIS OBLIGATIONS MENTIONED AMONGST OTHERS IN ARTICLE 4 OF THIS AGREEMENT.

除了欺诈、因疏忽引起的个人伤害或死亡、蓄意违法行为外,对于任何因数字证书的交付、许可、使用或不使用、或者使用数字证书进行数字签名所造成的数据丢失和其他任何利益损失,ODETTE不承担任何直接或间接责任。对上述损失的衍生性后果,ODETTE也不承担任何责任。除了因(符合认证操作规定的情况下)安全服务器证书经过信息的认证后,发布证书时所造成的最大额度为1欧元的损失,对于其它任何交易或由认证操作规定提供或关注的服务所造成的直接、间接或处罚性损失,ODETTE不负任何责任。如申请者的造假或蓄意违法行为造成认证信息的错误,ODETTE不负任何责任。如用户并未遵守该协议除第4条以外所规定的用户职责,ODETTE不负任何责任。

8 Term and Termination(期限和终止)

This Agreement shall terminate on the earliest of: The expiry date of the certificate; failure by Customer to perform any of its material obligations under this Agreement if such breach is not cured within thirty (30) days after receipt of notice thereof from ODETTE;

如遇到以下情况之一发生,本协议将立即终止:证书到期;因客户没有按照协议规定履行其资料义务而收到ODETTE发出的提醒通知后30天后仍未得到改善时。

9 Effect of Termination(终止的效力)

Upon termination of this Agreement for any reason, Customer's Digital Certificate shall be revoked by ODETTE in accordance with ODETTE's procedures then in effect. Upon revocation of Customer's Digital Certificate for any reason, all authority granted to Customer pursuant to Section 2 shall terminate. Such termination or revocation shall not affect other sections of this Agreement which shall continue in full force and effect to the extent necessary to permit the complete fulfilment thereof.

不论什么原因,一旦本协议终止,ODETTE将按照程序吊销客户的数字证书,并立即生效。无论客户的数字证书因任何原因被终止,依照第2部分条款对客户的所有授权将随之终止。以上所述的终止或吊销操作并不影响本协议的其他条款,其他条款依然有效并完全履行。

10 Miscellaneous Provisions(其他条款)

10.1 Governing Laws(管辖法律)

English Law (irrespective of its choice of law principles) shall govern the validity of this Agreement, the construction of its terms, and the interpretation and enforcement of the rights and duties of the parties hereto.

无论选定何种法律原则,本协议的有效性、协议条款的内容、协议的解释权和执行权、协议双方的职责等内容全部遵循英国法律。

10.2 Binding Effect(约束力)

Except as otherwise provided herein, this Agreement shall be binding upon, and inure to the benefit of, the successors, executors, heirs, representatives, administrators and assigns of the parties hereto. Neither this Agreement nor Customer's Digital Certificate shall be assignable by Customer. Any such purported assignment or delegation shall be void and of no effect and shall permit ODETTE to terminate this Agreement.

除非另有规定,该协议对后任人、执行人、继承人、代表、管理人和双方的指派人都将具有约束力和法律效力。客户不得私自转让本协议及客户的数字证书。这些转让或委派行为都是无效的,这种情况下ODETTE有权单方面终止本协议。

10.3 Severability(可分割性)

If any provision of this Agreement, or the application thereof, shall for any reason and to any extent, be invalid or unenforceable, the remainder of this Agreement and application of such provision to other persons or circumstances shall be interpreted so as best to reasonably effect the intent of the parties hereto. IT IS EXPRESSLY UNDERSTOOD AND AGREED THAT EACH AND EVERY PROVISION OF THIS AGREEMENT WHICH PROVIDES FOR A LIMITATION OF LIABILITY, DISCLAIMER OF WARRANTIES OR EXCLUSION OF DAMAGES IS INTENDED BY THE PARTIES TO BE SEVERABLE AND INDEPENDENT OF ANY OTHER PROVISION AND TO BE ENFORCED AS SUCH.

无论因为任何原因,无论达到任何程度,若该协议任何一项条款或应用失效或无法执行,将对该协议中余下部分以及涉及到他人或其它情况的条款进行法律解释,目的是尽量对当事人的意图产生合理的效力。所有当事人应明确地了解和同意:该协议每个条款都规定了责任范围、免责声明或伤害免责,该协议每个条款都便于当事人拆分而制定,该协议每个条款都是相对独立的,并且每一项都需要执行。

10.4 Entire Agreement(完整协议)

This Agreement constitutes the entire understanding and agreement of the parties hereto with respect to the subject matter hereof and supersedes all prior and contemporaneous agreements or understandings between the parties.

本协议构成双方的完整的共识和协议内容,它优先于双方所有之前的口头约定或共识。

10.5 Notices(通知)

Whenever Customer desires or is required to give any notice, demand, or request to ODETTE with respect to this Agreement, each such communication shall be in either (1) writing and shall be effective only if it is delivered by a courier service that confirms delivery in writing or mailed, certified or registered mail, postage prepaid, return receipt requested or (2) requested via the secure logon to the customers account upon the ODETTE CA web site. Such communications shall be effective when they are received.

无论何时,如果客户主动要求或被要求就本协议向ODETTE提出任何通知、需求或申请,所采用的通信方式只能是下列二者之一:(1)采取书面形式且通过以下方式才是有效的:有快递服务公司基于书面或邮件确认投递成功的证明;认证或挂号的信件、邮资已付并且具有收件回执的信件;或者是(2)按要求安全登录ODETTE CA网站的用户账户。只有当这些通知、需求和申请被Odette收到后,这些通信方式才有效。

10.6 Trade Names, Logos.(商品名称和图标)

By reason of this Agreement or the performance hereof, Customer and ODETTE shall acquire no rights of any kind in any trademark, brand name, logo or product designation of the other party and shall not make any use of the same for any reason except as otherwise authorised in writing by the party which owns all rights to such trademarks, trade names, logos or product designation.

由签署和同意履行本协议的原因,客户和ODETTE无权直接或通过其他途径获取对方的商标、品牌、图标和设计理念,也无权使用这类资料,除非获得了以上资料所有方的书面授权书,对方才可以使用。

11 NOTICE(提示)

The Customer must notify ODETTE immediately if there is an error in his certificate. Without reaction from the Customer within 15 days after receipt, the Customer has accepted the certificate. By accepting the certificate, the Customer assumes a duty to retain control of the Customer’s private key, to use a trustworthy system, and to take reasonable precautions to prevent its loss, disclosure or unauthorised use.

如果用户发现证书有错误,用户必须立即通知ODETTE。如果客户在收到证书后在15天内没有任何响应,将被默认为证书已经被客户接受。接受了证书后,客户要负责保管好自己的私钥,在可信系统中使用,并采取合理的预防措施来防止证书的丢失,泄露和未经授权使用。