Unisys - Public Key Infrastructure  

Relying Party Agreement

The Unisys Internal PKI (UIPKI) is an internal corporate PKI with significant limitations on the acceptable use of certificates and other services provided through the UIPKI.

The community of persons and entities authorized to rely on UIPKI Certificates is limited to employees of the corporation, business associates of the corporation and the corporation itself.

A third party who is not an employee or a business associate cannot be a qualified relying party and may not rely on UIPKI certificates.

All qualified relying parties agree to be bound by all terms and conditions and to comply with all procedures established for the use of certificates and related services provided by the UIPKI as defined in the UIPKI Certificate Policy (CP) accessible at http://uispki.unisys.com/rep/certificatepolicy.asp, which is incorporated in this Relying Party Agreement.

The following statement of Qualified Relying Party Obligations and other important terms and conditions for the use of UIPKI certificates and related UIPKI services are excerpts from the UIPKI Certificate Policy, referenced above. Follow the link provided for the complete text.

Qualified Relying Party Obligations

A Qualified Relying Party may rely on a Certificate that references this CP, only if the Certificate was used and relied upon for lawful purposes and under circumstances where the Qualified Relying Party:

  1. assents to the terms of a Qualified Relying Party Agreement, which incorporate by reference this CP, as a condition of using or otherwise relying on Certificates;
  2. uses the Certificate in accordance with Section 1.3.8 (Applicability)
  3. considers all facts listed or incorporated by reference in the Certificate and facts that the Qualified Relying Party knows and facts for which the Qualified Relying Party has received notice before relying on the Certificate;
  4. verifies the signature on the Certificate;
  5. checks the status of the Certificate before reliance in accordance with Section 4.4.10 (CRL Checking Requirements); and
  6. checks the status of all Certificates in the Certificate trust chain, and all Certificates in the trust chain were neither Revoked, Expired, nor Suspended at the time the transaction was consummated.

A Qualified Relying Party must:

  1. assume the risk that a Certificate is invalid, if reliance on the Certificate is not reasonable or the Qualified Relying Party failed to meet these obligations;
  2. not reverse engineer any Certificate issued by the Unisys Internal Certification Authority (UICA); and
  3. not compromise the security of the UIPKI.

Liability

UICA Liability

Nothing in this CP shall create, alter, or eliminate any other obligation, responsibility or liability that may be imposed on any Entity by virtue of any contract or obligation that is otherwise determined by applicable law.

Warranties and Limitations on Warranties

UNISYS AND ITS SERVICE PROVIDERS MAKE NO WARRANTIES OR REPRESENTATIONS, EXPRESS OR IMPLIED, CONCERNING THE PRODUCTION, USE, AND MAINTENANCE OF CERTIFICATES UNDER THIS CP.

Disclaimers

UNISYS AND ITS SERVICE PROVIDERS ARE NOT LIABLE FOR ANY LOSSES:

DUE TO UNAVAILABILITY OF UICA, RA, OR REPOSITORY SERVICES DUE TO WAR, NATURAL DISASTERS OR OTHER UNCONTROLLABLE FORCES.

INCURRED BETWEEN THE TIME A CERTIFICATE REVOCATION REQUEST IS RECEIVED, THE CERTIFICATE IS REVOKED, AND THE NEXT SCHEDULED ISSUANCE OF A CERTIFICATE REVOCATION LIST.

DUE TO UNAUTHORIZED USE OF CERTIFICATES ISSUED BY A UICA OR USE OF CERTIFICATES NOT CONSISTENT WITH THE PRESCRIBED USE DEFINED IN THIS CP, OR OTHERWISE NOT IN ACCORDANCE WITH THE REQUIREMENTS OF THIS CP.

CAUSED BY FRAUDULENT OR NEGLIGENT USE OF A CERTIFICATE OR CERTIFICATE REVOCATION LIST ISSUED BY A UICA.

DUE TO DISCLOSURE OF INFORMATION CONTAINED WITHIN A CERTIFICATE OR CERTIFICATE REVOCATION LIST.

TO THE EXTENT PERMITTED BY LAW, UNISYS AND ITS SERVICE PROVIDERS DISCLAIM ALL WARRANTIES AND OBLIGATIONS OF ANY TYPE, INCLUDING ANY WARRANTY OF MERCHANTABILITY, ANY WARRANTY OF FITNESS FOR A PARTICULAR PURPOSE, AND ANY WARRANTY OF THE ACCURACY OF INFORMATION PROVIDED.

Loss Limitations

IF UNISYS OR ITS SERVICE PROVIDERS FAIL TO CONFORM TO THIS CP, THE TOTAL CUMULATIVE LIABILITY OF UNISYS AND ITS SERVICE PROVIDERS TO ANY ENTITY ARISING OUT OF OR RELATING TO ANY CERTIFICATE OR SERVICES PROVIDED BY OR ON BEHALF OF UNISYS IN CONNECTION WITH CERTIFICATES, INCLUDING ANY USE OR RELIANCE ON ANY CERTIFICATE, SHALL NOT EXCEED ONE HUNDRED U.S. DOLLARS ($100.00 U.S.). THIS LIMITATION SHALL APPLY ON A PER CERTIFICATE BASIS, REGARDLESS OF THE NUMBER OF TRANSACTIONS, DIGITAL SIGNATURES, OR CAUSES OF ACTION ARISING OUT OF OR RELATED TO SUCH CERTIFICATE OR ANY SERVICES PROVIDED IN RESPECT OF SUCH CERTIFICATE. UNISYS TOTAL LIABILITY TO ANY SUCH ENTITY SHALL NOT EXCEED ONE THOUSAND U.S. DOLLARS ($1000.00 U.S.). THE FOREGOING LIMITATIONS SHALL APPLY TO ANY LIABILITY WHETHER BASED IN CONTRACT, TORT (INCLUDING NEGLIGENCE AND STRICT LIABILITY) OR ANY OTHER FORM OF LIABILITY.

Other Exclusions

IN NO EVENT WILL UNISYS OR ITS SERVICE PROVIDERS BE LIABLE FOR (A) ANY INDIRECT, INCIDENTAL, SPECIAL, PUNITIVE OR CONSEQUENTIAL DAMAGES, (INCLUDING, BUT NOT LIMITED TO, LOSS OF USE, REVENUES, PROFITS OR SAVINGS), EVEN IF UNISYS OR ITS SERVICE PROVIDERS KNEW OR SHOULD HAVE KNOWN OF THE POSSIBILITY OF SUCH DAMAGES, (B) CLAIMS, DEMANDS, OR ACTIONS, AGAINST A SUBSCRIBER OR RELYING PARTY BY ANY PERSON, OR (C) LOSS OF OR DAMAGE TO DATA FROM ANY CAUSE.

RA Liability

See Sections 2.2.2 � 2.2.5 of this CP.

Financial Responsibility

Indemnification by Qualified Relying Parties

A Qualified Relying Party, at its own expense, shall defend and indemnify Unisys and its Service Providers as applicable, against all claims with respect to any liabilities, losses, costs, expenses, damages, and settlement amounts arising out of or relating to the use by the Qualified Relying Party of the UIPKI including but not limited to (a) failure of the Qualified Relying Party to comply with the terms and conditions set forth in this CP and/or any contractual arrangement with Unisys or its Service Providers, (b) lack of proper validation of a Certificate by Qualified Relying Party, (c) reliance by the Qualified Relying Party on an expired or Revoked Certificate, (d) use of a Certificate other than as permitted under this CP, and/or any contractual terms and conditions set forth between the Qualified Relying Party and Unisys or its Service Providers or any applicable law, (e) failure by the Qualified Relying Party to exercise reasonable judgment in the circumstances in relying on a Certificate, (f) any claim or allegation that the reliance by a Qualified Relying Party on a Certificate or the contents of the Certificate infringes, misappropriates, or unfairly competes with a patent, copyright, trade secret protected or other Intellectual Property right. Unisys or its Service Providers shall be entitled to compensation from a Qualified Relying Party if it can be shown that negligent or wrongful acts of a Qualified Relying Party have caused Unisys or its Service Providers loss, either financially or in reputation.

Indemnification by Subscribers

Subscriber, at its own expense, shall defend and indemnify Unisys and its Service Providers as applicable, against all claims with respect to any liabilities, losses, costs, expenses, damages, and settlement amounts arising out of or relating to the use by the Subscriber of the UIPKI including but not limited to (a) failure of the Subscriber to comply with the terms and conditions set forth in this CP and/or any contractual arrangement with Unisys or its Service Providers, (b) misrepresentations or incomplete information made by Subscriber in using or applying for a Certificate, (c) use of a Certificate other than as set forth in this CP and/or any contractual terms and conditions set forth between the Subscriber and Unisys or its Service Providers, or any applicable law, (d) modification by Subscriber of a Certificate, (e) failure of the Subscriber to take the necessary precautions to prevent loss, disclosure, compromise, or unauthorized use of the Private Key corresponding to the Public Key in the Subscriber's Certificate, (f) any claim or allegation that the use by Subscriber of a Certificate or the contents of the Certificate infringes, misappropriates, or unfairly competes with a patent, copyright, trade secret, or other Intellectual Property right. Unisys or its Service Providers may seek compensation from a Subscriber if it can be shown that negligent or wrongful acts of a Subscriber have caused Unisys or its Service Providers loss, either financially or in reputation.

Fiduciary Relationships

Issuance of Certificates in accordance with this CP does not make a UICA or its Service Providers an agent, fiduciary, trustee, or other representative of Subscribers or Qualified Relying Parties. Assisting in the issuance of Certificates in accordance with this CP does not make an RA an agent, fiduciary, trustee, or other representative of Subscribers or Qualified Relying Parties.

Interpretation and Enforcement

Governing Law

THIS POLICY AND ANY TRANSACTIONS GOVERNED BY THIS POLICY STATEMENT WILL BE GOVERNED BY THE LOCAL LAWS OF THE COMMONWEALTH OF PENNSYLVANIA.

Severability, Survival, Merger, Notice

Each paragraph and provision of this CP is severable, and if a court of competent jurisdiction finds any paragraph or provision of this CP, or portion thereof, to be unenforceable, that provision of the CP shall be enforced to the maximum extent permissible so as to effect its intent and the remaining provisions of this CP will remain in full force and effect.

All notices related to indemnities and dispute resolution and all requests for information will be deemed given on the day they are received either by messenger, nationally recognized delivery service, or in the U.S. Mail, postage prepaid, certified or registered, return receipt requested, and addressed as follows:

Office of the General Counsel
Unisys Corporation
801 Lakeview Drive
Suite 100
Blue Bell, PA 19422 United States

Conflict of provisions

In the event of a conflict between the provisions of this CP, a UICA's CPS, and any express written agreement between Unisys and a Subscriber or Qualified Relying Party, with respect to a Unisys Certificate or any services provided by Unisys, such other express written agreement shall take precedence.

Waiver

Any failure or delay by either party in exercising any right or remedy will not constitute a waiver.

Assignment

Unisys may assign this CP or its interest in the UIPKI, or assign the right to receive payments, without the User's consent. Any such assignment, however, will not change the obligations of the UICA to the User. User will not assign or transfer its rights or obligations under this CP without prior written consent of the UICA. Any assignment or transfer prohibited by this provision will be void. Unisys may subcontract any services described in this CP to third parties selected by Unisys.

Dispute resolution procedures

The Unisys Policy Management Authority shall resolve any disputes associated with Certificates issued by a UICA.

WTCA Baseline Audit Results

Click to open the 2022 WTCA Audit Results.