On Wed, Aug 17, 2016 at 11:27 AM, Jacob Hoffman-Andrews <[email protected]> wrote:
> On 08/17/2016 10:47 AM, Eric Rescorla wrote: > > I don't think the current text is very clear, so I think if we're going > > to not change > > that we should keep the text as-is while we discuss what it ought to say. > > In other words, don't change the protocol part until we have the legal / > UI part nailed down? No, I'm talking solely about this sentence. -Ekr > If so, I'd like to see a proposal on the latter. I > don't have an opinion either way, and I'm not a lawyer. > > For reference, here is the relevant section from the BRs: > > > The CA SHALL implement a process to ensure that each Subscriber or > Terms of Use Agreement is legally enforceable against the Applicant. In > either case, the Agreement MUST apply to the Certificate to be issued > pursuant to the certificate request. The CA MAY use an electronic or > "click-through" Agreement provided that the CA has determined that such > agreements are legally enforceable. A separate Agreement MAY be used for > each certificate request, or a single Agreement MAY be used to cover > multiple future certificate requests and the resulting Certificates, so > long as each Certificate that the CA issues to the Applicant is clearly > covered by that Subscriber or Terms of Use Agreement. > > I'm pretty skeptical that we will come up with meaningful language in an > RFC to meet any particular legal requirements, which is why I favor not > trying to over-specify things here. > > _______________________________________________ > Acme mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/acme >
_______________________________________________ Acme mailing list [email protected] https://www.ietf.org/mailman/listinfo/acme
