ATTENTION READ CAREFULLY: THIS CERTIFICATE ADMINISTRATOR SERVICE AGREEMENT (THIS "AGREEMENT") IS A LEGAL CONTRACT BETWEEN THE PERSON, ENTITY, OR ORGANIZATION NAMED IN THE ACCOMPANYING APPLICATION ("YOU"), AND ENTRUST.NET INC. ("ENTRUST.NET"). BEFORE CONTINUING, CAREFULLY READ THIS AGREEMENT AND THE ENTRUST.NET CERTIFICATION PRACTICE STATEMENT AS AMENDED FROM TIME TO TIME WHICH IS INCORPORATED INTO THIS AGREEMENT BY REFERENCE AND WHICH COLLECTIVELY CONTAIN THE TERMS AND CONDITIONS UNDER WHICH YOU ARE ACQUIRING A LIMITED RIGHT TO HAVE ISSUED AND USE ENTRUST.NET CERTIFICATES. THE USE OF ANY ENTRUST.NET CERTIFICATES ISSUED TO YOU IS ALSO GOVERNED BY VARIOUS U.S., CANADIAN, AND INTERNATIONAL CRIMINAL AND CIVIL LAWS.

IF YOU ARE AN EMPLOYEE, AGENT, OR REPRESENTATIVE OF ANOTHER ENTITY OR ORGANIZATION, YOU HEREBY REPRESENT AND WARRANT THAT (I) THE INDIVIDUAL ACCEPTING THIS AGREEMENT IS DULY AUTHORIZED TO ACCEPT THIS AGREEMENT ON SUCH ENTITIES' OR ORGANIZATION'S BEHALF AND TO BIND SUCH ENTITY OR ORGANIZATION HEREBY, AND (II) SUCH ENTITY OR ORGANIZATION HAS THE FULL POWER, CORPORATE OR OTHERWISE, TO ENTER INTO THIS AGREEMENT AND PERFORM ITS OBLIGATIONS HEREUNDER.

1. Definitions: In this Agreement, the following terms shall have the following meanings. Any capitalized terms that are not defined in this section or elsewhere in this Agreement shall have the meaning ascribed to them in the Entrust.net Certification Practice Statement.

"Agreement" means this Certificate Administrator Service Agreement.

"Compromise" means a suspected or actual loss, disclosure, or loss of control over sensitive information or data.

"Certificate Administrator Service Application" means the form and application information requested by Entrust.net and submitted by You when applying to participate in the Certificate Administrator Service or when updating information previously supplied to Entrust.net in respect to the Certificate Administrator Service.

"Entrust.net Certificate" means an SSL web server digital certificate or a WAP server digital certificate issued by an Entrust.net Certification Authority. "Entrust.net Certification Authority" means a certification authority operated by or for Entrust.net.

"Entrust.net Certification Practice Statement" means (i) in the case of SSL web server digital certificates, the Entrust.net SSL Web Server Certification Practice Statement which may be found in the Repository, and (ii) in the case of WAP server digital certificates, the Entrust.net WAP Server Certification Practice Statement which may be found in the Repository.

"Key Pair" means two mathematically related cryptographic keys, having the properties that (i) one key can be used to digitally sign a message that can only be verified using the other key, and (ii) even knowing one key, it is computationally infeasible to discover the other key.

"Certificate Administrator Service" means the benefits and obligations described in this Agreement.

"Private Key" means the key of a Key Pair used to create a digital signature.

"Public Key" means the key of a Key Pair used to verify a digital signature. The Public Key is made freely available to anyone who will receive digitally signed messages from the holder of the Private Key of the Key Pair. The Public Key is usually provided via a digital certificate issued by a certification authority and is often obtained by accessing a repository or database. A Public Key is used to verify the digital signature of a message sent by the holder of the corresponding Private Key.

"Repository" means the information described at http://www.entrust.net/about/practices.cfm.

"You or Your" means both the individual or individuals applying to enter the Certificate Administrator service and any entity on whose behalf such individual or individuals are acting.

2. Pre-Qualification of Information and Issuance of Entrust.net Certificates: Upon request by You, and to the extent that You have paid for such rights, Entrust.net or a subcontractor acting on behalf of Entrust.net will perform limited verification (as described in the Entrust.net Certification Practice Statement) to pre-qualify information submitted by You for inclusion in Entrust.net Certificates that You may subsequently request the Entrust.net Certification Authorities to issue. If information submitted for pre-qualification is verified, You may submit requests for the issuance of Entrust.net Certificates containing such pre-qualified information as further described below. Upon receipt of a request from You for the issuance of an Entrust.net Certificate which is to contain pre-qualified information, Entrust.net shall, to the extent that You have paid for such rights, issue an Entrust.net Certificate containing such pre-qualified information. Entrust.net shall be under no obligation to issue any Entrust.net Certificates containing pre-qualified information if such pre-qualified information is subsequently found to have changed or to be in any way inaccurate, incorrect, or misleading. By submitting a request for an Entrust.net Certificate, You are representing and warranting that the pre-qualified information has not changed and is in no way inaccurate, incorrect, or misleading. If Entrust.net issues an Entrust.net Certificate to You, Entrust.net shall make such Entrust.net Certificate available for retrieval by You. Entrust.net shall be entitled to revoke an Entrust.net Certificate issued to You if (i) the pre-qualified information submitted by You is subsequently found to have changed or to be inaccurate, incorrect, or misleading, (ii) if revocation is requested by You, (iii) upon expiry or termination of this Agreement, or (iv) for any other reason identified for revocation in the Entrust.net Certification Practice Statement.

3. Obligations: You shall: (i) provide, in any communications with Entrust.net, correct information without any misrepresentations or omissions, (ii) generate a new, secure, and cryptographically sound Key Pair to be used in association with each Entrust.net Certificate to be issued to You, (iii) refrain from modifying the contents of any Entrust.net Certificates, (iv) use Entrust.net Certificates exclusively for legal and authorized purposes in accordance with the terms and conditions of the Entrust.net Certification Practice Statement and applicable laws, (v) protect the Private Keys corresponding to the Public Keys in any Entrust.net Certificate issued to You, (vi) notify Entrust.net immediately of any change to any information included in any Entrust.net Certificate issued to You or any Certificate administrator service application submitted by You or any change in any circumstances that would make the information in any such Entrust.net Certificate or Certificate administrator service application inaccurate, incorrect, or misleading, (vii) notify Entrust.net immediately of any changes to pre-qualified information, or any changes in any circumstances that would make any pre-qualified information inaccurate, incorrect, or misleading, (viii) notify Entrust.net immediately of any Compromise or suspected Compromise of the Private Key corresponding to the Public Key in any Entrust.net Certificate issued to You, and (ix) stop using all Entrust.net Certificates upon the termination or expiry of this Agreement. You acknowledge that the use of Entrust.net Certificates is subject to the terms and conditions of this Agreement and the Entrust.net Certification Practice Statement and You shall only use an Entrust.net Certificate issued to You as permitted by this Agreement and the Entrust.net Certification Practice Statement. You acknowledge that You have the necessary information to make an informed decision about whether and the extent to which to use digital certificate technology and in particular Entrust.net Certificates. You acknowledge that You have read the Entrust.net Certification Practice Statement and the disclaimers of representations, warranties, and conditions, and limitations of liabilities and remedies therein and that You are making Your own judgment about whether it is reasonable under the circumstances to use Entrust.net Certificates.

4. Fees: You shall pay all applicable fees for the rights granted hereunder to have Entrust.net Certificates issued to You. The fees for the rights provided under the Certificate Administrator Service are available from Entrust.net and are subject to change upon notice to you. If You do not pay the applicable fees, You will not be entitled to use any Entrust.net Certificates issued to You and Entrust.net may refused to process any subsequent requests submitted by You for additional Entrust.net Certificates.

5. Lifecycle Monitoring Service: Entrust.net shall also provide You with a complementary lifecycle monitoring service ("LMS"). The LMS is designed to reduce the chance of disruption of Your service which may be caused by the expiration of Your Entrust.net Certificate(s). Entrust.net shall use reasonable efforts to send an email to the technical contact listed in the information provided to Entrust.net with Your Certificate administrator service application. Such email will inform Your technical contact that Your Entrust.net Certificate(s) is/are due to expire shortly. Usually, the email notification will be sent approximately thirty (30) days prior to the date on which Your Entrust.net Certificate(s) is/are due to expire. If Your contact information changes, You can still receive an LMS email notice if You provide Entrust.net with updated technical contact information at least sixty (60) days prior to the date that Your Entrust.net Certificate(s) is/are due to expire. You shall not be eligible for the LMS if Your technical contact information changes and Entrust.net is not informed of such change within the time period provided above.

6. DISCLAIMER OF WARRANTIES: EXCEPT FOR THE EXPLICIT REPRESENTATIONS, WARRANTIES, AND CONDITIONS PROVIDED IN THIS AGREEMENT AND THE ENTRUST.NET CERTIFICATION PRACTICE STATEMENT, ENTRUST.NET CERTIFICATES AND ANY SERVICES PROVIDED IN RESPECT TO ENTRUST.NET CERTIFICATES ARE PROVIDED "AS IS", AND NEITHER ENTRUST.NET NOR ANY INDEPENDENT THIRD-PARTY REGISTRATION AUTHORITIES OPERATING UNDER THE ENTRUST.NET CERTIFICATION AUTHORITIES, NOR ANY RESELLERS, CO-MARKETERS, OR ANY SUBCONTRACTORS, DISTRIBUTORS, AGENTS, SUPPLIERS, EMPLOYEES, OR DIRECTORS OF ANY OF THE FOREGOING MAKE ANY REPRESENTATIONS OR GIVE ANY WARRANTIES OR CONDITIONS, WHETHER EXPRESS, IMPLIED, STATUTORY, BY USAGE OF TRADE, OR OTHERWISE, AND ENTRUST.NET, ALL INDEPENDENT THIRD-PARTY REGISTRATION AUTHORITIES OPERATING UNDER THE ENTRUST.NET CERTIFICATION AUTHORITIES, ALL RESELLERS OR CO-MARKETERS, AND ANY SUBCONTRACTORS, DISTRIBUTORS, AGENTS, SUPPLIERS, EMPLOYEES, OR DIRECTORS OF ANY OF THE FOREGOING SPECIFICALLY DISCLAIM ANY AND ALL REPRESENTATIONS, WARRANTIES, AND CONDITIONS OF MERCHANTABILITY, NON-INFRINGEMENT, TITLE, SATISFACTORY QUALITY, OR FITNESS FOR A PARTICULAR PURPOSE. EXCEPT FOR THE EXPLICIT REPRESENTATIONS, WARRANTIES, AND CONDITIONS CONTAINED IN THIS AGREEMENT AND IN THE ENTRUST.NET CERTIFICATION PRACTICE STATEMENT, THE ENTIRE RISK OF THE USE OF ANY ENTRUST.NET CERTIFICATES OR ANY SERVICES PROVIDED IN RESPECT TO ENTRUST.NET CERTIFICATES OR THE VALIDATION OF DIGITAL SIGNATURES SHALL BE BORNE SOLELY BY YOU.

THE FOREGOING LIMITATIONS SHALL APPLY NOTWITHSTANDING THE FAILURE OF ESSENTIAL PURPOSE OF ANY LIMITED REMEDY STATED HEREIN AND EVEN IF ENTRUST.NET OR ANY INDEPENDENT THIRD-PARTY REGISTRATION AUTHORITY OPERATING UNDER AN ENTRUST.NET CERTIFICATION AUTHORITY, OR ANY RESELLERS, CO-MARKETERS, OR ANY SUBCONTRACTORS, DISTRIBUTORS, AGENTS, SUPPLIERS, EMPLOYEES, OR DIRECTORS OF ANY OF THE FOREGOING HAVE BEEN ADVISED OF THE POSSIBILITY OF THOSE DAMAGES. SOME JURISDICTIONS DO NOT ALLOW THE EXCLUSION OR LIMITATION OF LIABILITY FOR CONSEQUENTIAL OR INCIDENTAL DAMAGES, SO THESE LIMITATIONS SET FORTH ABOVE MAY NOT APPLY TO YOU. THE DISCLAIMERS OF REPRESENTATIONS, WARRANTIES, AND CONDITIONS AND THE LIMITATIONS ON LIABILITIES AND REMEDIES IN THIS AGREEMENT AND IN THE ENTRUST.NET CERTIFICATION PRACTICE STATEMENT CONSTITUTE AN ESSENTIAL PART OF THIS AGREEMENT, THE ENTRUST.NET CERTIFICATION PRACTICE STATEMENT, ANY OTHER SUBSCRIPTION AGREEMENTS, AND ANY RELYING PARTY AGREEMENTS. YOU ACKNOWLEDGE THAT BUT FOR THESE DISCLAIMERS OF REPRESENTATIONS, WARRANTIES, AND CONDITIONS AND LIMITATIONS ON LIABILITIES AND REMEDIES, ENTRUST.NET WOULD NOT ISSUE ENTRUST.NET CERTIFICATES TO SUBSCRIBERS AND NEITHER ENTRUST.NET NOR ANY ANY INDEPENDENT THIRD-PARTY REGISTRATION AUTHORITIES OPERATING UNDER AN ENTRUST.NET CERTIFICATION AUTHORITY, NOR ANY RESELLERS, CO-MARKETERS, OR ANY SUBCONTRACTORS, DISTRIBUTORS, AGENTS, SUPPLIERS, EMPLOYEES, OR DIRECTORS OF ANY OF THE FOREGOING WOULD PROVIDE SERVICES IN RESPECT TO ENTRUST.NET CERTIFICATES AND THAT THESE PROVISIONS PROVIDE FOR A REASONABLE ALLOCATION OF RISK.

8. Term: The term of this Agreement is one year from the date that Your Certificate administrator service application is accepted. Accordingly, if Your Certificate administrator service application is accepted, You will be able to pre-qualify information and request the issuance of Entrust.net Certificates pursuant to the Certificate Administrator Service for a period of one (1) year from the date of acceptance by Entrust.net of Your Certificate administrator service application. This Agreement shall automatically renew for successive terms of one (1) year upon payment by You of the renewal fees specified by Entrust.net. If Entrust.net does not accept your purchase order or payment then this Agreement will not renew. Any terms on a purchase order that is accepted by Entrust.net shall have no force and effect except for the identification and quantity of the particular Entrust.net certificate service intended to be acquired by You. Your ability to have Entrust.net Certificates issued pursuant to the Certificate Administrator Service shall be subject to Your payment of the applicable fees, verification of any information submitted by You for pre-qualification, and Your compliance with all other requirements of this Agreement. Your obligations in respect to any Entrust.net Certificates shall continue for as long as You use such Entrust.net Certificates (which may not be any longer than the term of this Agreement, irrespective of the expiry date of the issued Entrust.net Certificate), however, Your right to use such Entrust.net Certificates and Your rights under this Agreement shall terminate if You fail to comply with any of the material terms or conditions of this Agreement or the Entrust.net Certification Practice Statement. You must upon revocation or expiration of this Agreement or Your Entrust.net Certificate(s) cease all use of such expired or revoked Entrust.net Certificate(s) and remove such Entrust.net Certificate(s) from the devices and/or software in which they have been installed. If this Agreement is terminated because of breach by You, You shall cease use of any Entrust.net Certificate(s) issued to You under this Agreement and remove such Entrust.net Certificates from the devices and/or software in which they have been installed. The provisions of this Agreement entitled Disclaimer of Warranties, Limitation of Liability, Term, Severability and those provisions of the Entrust.net Certification Practice Statement that are designated as surviving expiration or termination shall continue in force even after any expiration or termination of this Agreement.

9. Severability: Whenever possible, each provision of this Agreement, the Entrust.net Certification Practice Statement, any other Subscription Agreements, and any Relying Party Agreements shall be interpreted in such manner as to be effective and valid under applicable law. If the application of any provision of this Agreement, the Entrust.net Certification Practice Statement, or any Relying Party Agreement or any portion thereof to any particular facts or circumstances shall be held to be invalid or unenforceable by an arbitrator or court of competent jurisdiction, then (i) the validity and enforceability of such provision as applied to any other particular facts or circumstances and the validity of other provisions of this Agreement, the Entrust.net Certification Practice Statement, or any Relying Party Agreements shall not in any way be affected or impaired thereby, and (ii) such provision shall be enforced to the maximum extent possible so as to effect its intent and it shall be reformed without further action to the extent necessary to make such provision valid and enforceable.

FOR GREATER CERTAINTY, IT IS EXPRESSLY UNDERSTOOD AND AGREED THAT EVERY PROVISION OF THIS AGREEMENT, THE ENTRUST.NET CERTIFICATION PRACTICE STATEMENT, ANY OTHER SUBSCRIPTION AGREEMENTS OR ANY RELYING PARTY AGREEMENTS THAT DEALS WITH (I) LIMITATION OF LIABILITIES, REMEDIES, OR DAMAGES, (II) DISCLAIMERS OF REPRESENTATIONS, WARRANTIES, CONDITIONS, LIABILITIES, OR REMEDIES, OR (III) INDEMNIFICATION, IS EXPRESSLY INTENDED TO BE SEVERABLE FROM ANY OTHER PROVISIONS OF THIS AGREEMENT, THE ENTRUST.NET CERTIFICATION PRACTICE STATEMENT, ANY OTHER SUBSCRIPTION AGREEMENTS, OR ANY RELYING PARTY AGREEMENTS AND SHALL BE SO INTERPRETED AND ENFORCED.

10. Third Party Databases and D-U-N-SŪ Number. In performing limited verification Entrust.net (or a subcontractor acting on behalf of Entrust.net (a "Subcontractor")) may determine whether the organizational identity, address, and domain name provided with Your Entrust.net Certificate Application are consistent with information contained in third-party databases (the "Databases"), which may include the Dun & Bradstreet Inc. ("D&B") database. Entrust.net or a Subcontractor may perform an investigation which may attempt to confirm Your business name, street address, mailing address, telephone number, line of business, year started, number of employees, CEO, telephone number and Your business existence. You may be assigned a D-U-N-SŪ Number if Entrust.net or its Subcontractor is able to procure independent confirmation that Your business exists at the address included in Your Entrust.net Certificate Application. You acknowledge that some of the information submitted to obtain an Entrust.net Certificate and/or a D-U-N-SŪ Number may become included in the Databases. This information will only include: business name, street address, mailing address, telephone number (outside source), line of business, year started, number of employees, CEO, telephone number and You business existence. You acknowledge that the foregoing information as contained in the Databases may be licensed by Entrust.net or its Subcontractor to third parties who may offer You business products and services.

11. Use of the Entrust Secured Site-Seal. Subject to the terms and conditions of this Agreement, You may use Your Entrust.net Certificate(s) with the Entrust Secured Site-Seal; provided, however that BY CLICKING THE "ACCEPT" ICON BELOW AND BY USING THE ENTRUST SECURED SITE-SEAL, YOU AGREE TO BE BOUND BY THE TERMS AND CONDITIONS OF THE ENTRUST SECURED SITE-SEAL LICENSE AGREEMENT SET FORTH AT http://www.entrust.net/about/practices.cfm.

Last Updated: January 2002