Data Sheet:

Symantec Managed PKI for Adobe Certified Document Services
powered by VeriSign Technology
Why Symantec MPKI for Adobe CDS? Moving from paper-based systems to electronic documents and workflows can dramatically increase the speed of business, improving your responsiveness to opportunities, saving staff time, and building customer satisfaction. But if you have to go back to paper to secure signatures, youll lose some of these benefits as you slow down to print and sign, then fax, mail, courier, or scan and e-mail documents. These delays add up: on average, most workflows require at least three signatures. Take full advantage of the potential of electronic documents with Symantec Managed Public Key Infrastructure (MPKI) for Adobe Certified Document Services (CDS) powered by VeriSign technology. Digital certificates issued by MPKI allow your organization to add digital signing capabilities to your electronic workflows, saving time and money. According to a recent survey by AIIM (Association for Information and Image Management), of organizations that have implemented digital signatures, 63 percent report that they achieved significant ROI within 12 months 1 Benefits
INTEGRATES WITH ADOBE APPLICATIONS Seamless interoperability with the Adobe ecosystem ensures digital certificates issued by MPKI can be employed by off-the-shelf bulk-signing PDF signing solutions, and verified by any Adobe Acrobat, Adobe Reader or Adobe LiveCycle user. Deploy digital signing solutions quickly and easily without purchasing any additional hardware or infrastructure to manage digital certificates. MPKI provides a cloud-based solution that issues and manages digital certificates for individuals, groups, and companies. Digital certificates can be deployed on hardware tokens to enable manual digital signing by individuals, or on a hardware security module to enable integration with bulksigning applications. A digitally signed PDF document proves who signed it, when the signer executed the signature, and whether the content has been altered. Digitally signed documents provide partners with confidence to trust electronic documents, and auditors with assurance that archived documentation is authentic. Digitally signed documents eliminate paper files, delays and costs associated with paper-based processes, and reduce the time required to execute business processes.
SIMPLIFIES ADOPTION OF DIGITAL SIGNING
SCALES WITH THE SIZE OF THE ORGANIZATION
Speed and cost savings are just the start. MPKI for Adobe CDS also delivers new levels of security. Every time you pull up a PDF document signed with a trusted digital ID from MPKI for Adobe CDS in either Adobe Acrobat, Reader or LiveCycle, you can now verify these three things: Who signed it; When they signed it; and Whether its been changed since they signed it. These capabilities make MPKI for Adobe CDS essential for any organization or individual looking to ensure content integrity and security to optimize handling of contracts, forms, government paperwork, non-disclosure agreements (NDAs), quotes, proposals, invoices, approvals, memberships, and other high-volume transactions. In addition to helping you meet your own internal control standards, this solution also helps you to comply with regulatory requirements such as HIPAA, the GrammLeach-Bliley Act, and the Sarbanes-Oxley Act.
1 Digital Signatures for Document Workflow and SharePoint, 2010
IMPROVES BUSINESS PARTNER CONFIDENCE
ACCELERATES BUSINESS PROCESSES/WORKFLOWS

Page 1 of 2

Data Sheet: Symantec Managed PKI for Adobe Certified Document Services
How to sign a document Adobe Acrobat, Reader, and LiveCycle allow users to apply digital signatures to PDF documents, but first users need to have a digital ID. Now, MPKI for Adobe CDS provides a simple way to generate and manage trusted digital IDs, so that you can reliably issue certificates to individuals, groups or companies. It provides validation services to check the current status of these certificates and generates a time stamp that it includes with all digital signatures. Adobe has embraced PKI technology, and has included digital signature functions since Adobe Acrobat Professional and Standard (Version 6.x), Adobe Reader (Version 6.x), as well as Adobe LiveCycle Document Security Server (Version 8.x) and LiveCycle ES Digital Signatures. What you see when you open a document Adobe Acrobat, Reader, and LiveCycle natively trust only digital IDs from Adobe CDS. Every time someone opens a PDF document signed with an Adobe CDS digital ID, these applications immediately verify it and provide strong visual marks that clearly show who signed the document, when, and whether the document has been changed since that time. Recipients need no special software, plug-ins, or configuration.

Before creating any MPKI account for an organizational customer, Symantec conducts stringent verification of corporate identities based on publicly available documents such as entries in commercial registers. Symantec MPKI for Adobe CDS complies with the Federal ESIGN Law in the United States, and certificates are available with validity periods of 1, 2, or 3 years. It includes standards-compliant online validation (RFC 2560 & 5019) and timestamp (RFC 3161). Save time, save money, and increase security with MPKI for Adobe CDS MPKI for Adobe CDS provides a simple and reliable way to generate and manage trusted digital IDs for individuals, groups (i.e. marketing), or companies. With MPKI for Adobe CDS enabling secure electronic signatures, organizations can at last digitize workflows end-to-end and realize the full benefits of their investment in electronic workflows, including faster processes, cost savings, and increased security. Learn more For more information about MPKI for Adobe CDS powered by VeriSign technology, please call 650-426-5310 or visit: www.verisign.com/authentication More information About Symantec Symantec is a global leader in providing security, storage, and systems management solutions to help consumers and organizations secure and manage their information-driven world. Our software and services protect against more risks at more points, more completely and efficiently, enabling confidence wherever information is used or stored.
What happens behind the scenes Because MPKI for Adobe CDS is a hosted solution, organizations leverage Symantecs state-of-the-art security expertise instead of having to develop it in-house. Organizations that are already using a content management system to centrally create PDFs can deploy Symantec MPKI for Adobe CDS on a new or existing Hardware Security Module (HSM) to enable centralized and mass digital signing of PDFs. A smartcard or token-based option is available to sign PDF documents on an individual basis.
Symantec World Headquarters 350 Ellis St. Mountain View, CA 94043 USA +1 (650) +1 (800) www.symantec.com

2010 Symantec Corporation. All rights reserved. Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. VeriSign is a registered trademark of VeriSign, Inc. or its affiliates or subsidiaries in the U.S. and other countries and licensed to Symantec Corporation. Other names may be trademarks of their respective owners. 12/10 21164429

Page 2 of 2

MPKI FOR PREMIUM SSL OR GLOBAL SERVER ONSITE AGREEMENT
mySecureSign, Inc. Global Server OnSiteSM Agreement THIS MYSECURESIGN, INC. GLOBAL SERVER ONSITESM AGREEMENT (AGREEMENT) IS ENTERED INTO BETWEEN MYSECURESIGN,INC. (MYSECURESIGN, INC.) AND THE ENTITY EXECUTING THIS AGREEMENT (RA). RA MUST READ THIS AGREEMENT CAREFULLY. BY CLICKING ACCEPT BELOW OR BY ACCEPTING A CERTIFICATE, RA AGREES TO BECOME A PARTY TO, AND BE BOUND BY, THE TERMS OF THIS AGREEMENT. BY CLICKING DECLINE BELOW, RA INDICATES THAT IT DOES NOT AGREE TO THE TERMS OF THIS AGREEMENT, AND WILL NOT BE A MYSECURESIGN, INC. RA. BACKGROUND RA wishes to become a Registration Authority within mySecureSign, Inc.s Public Certification Services (PCS). A Registration Authority assists other persons or entities in applying for digital certificates, approving certificate applications, and (where necessary) requesting revocation of their certificates. mySecureSign, Inc. will issue, manage, suspend, revoke, and/or renew certificates in accordance with RAs instructions and mySecureSign, Inc.s Certification Practice Statement (CPS) then currently in effect, published at https://www.mysecuresign.com as amended from time to time (CPS). Amendments to the CPS are published at https://www. mysecuresign.com /repository/updates. 1. Definitions. Unless otherwise noted herein, defined (capitalized) terms in this Agreement shall have the meanings given to them in the then current CPS. RA means LRA as defined in the CPS. RAA Certificate means a Class 3 RAA Certificate as described in CPS Section 2.2.3. RA Requirements means the summary of CPS control and security requirements applicable to Registration Authorities, which is appended to the Server OnSiteSM Administrators Handbook (Handbook). Global Server ID means a Class 3 Certificate with a special object identifier and extension that facilitates the use of strong encryption (such as 128-bit RC4 or IDEA, 56 bit DES, two-key Triple-DES encryption, or such other encryption deemed exportable by the U.S. Department of Commerce). Certificate means both a Certificate and a Global Server ID, unless otherwise noted. Erroneous Issuance means (a) issuance of a Certificate in a manner not materially in accordance with the procedures required by the CPS, the Handbook published at https://www.mysecuresign.com/onsite, or the RA Requirements (For this purpose, the determination of materiality shall be in the sole discretion of mySecureSign, Inc.) ; (b) issuance of a Certificate to an Entity other than the one named as the Subject of the Certificate; or (c)
issuance of a Certificate without the authorization of the Entity named as the Subject of such Certificate. Impersonation means requesting and being issued a Certificate based on false or falsified information relating to naming or identity. 2. CPS, Handbook, and RA Requirements. The CPS, the Handbook, and the RA Requirements, as periodically amended, are incorporated herein by reference. mySecureSign, Inc. shall post a notice of any amendments to its website. 3. RAs Duties as Registration Authority. 3.1 Appointments. mySecureSign, Inc. appoints RA as a Registration Authority pursuant to the CPS. RA shall appoint one or more authorized RA employees as Registration Authority Administrator(s) (RAA). Specifically, RA hereby appoints the Person(s) listed on the enrollment form as RAA(s). Such RAA(s) shall be entitled to appoint additional RAAs on RA's behalf. Upon approval of the Certificate Application(s) (Applications) of the RAA(s), mySecureSign, Inc. shall issue an RAA Certificate to each such RAA. 3.2 Registration Authority Requirements. RA shall comply with Registration Authority requirements stated in the CPS, the Handbook, and the RA Requirements as periodically amended, including without limitation requirements for validating the information in Applications, approving or rejecting such Applications, using hardware and software designated by mySecureSign, Inc., and requesting revocation of Certificates (Administrator Functions). Customer acknowledges that the web site interface designated by mySecureSign, Inc. for Customers use to perform Administrator Functions shall be in English. Upon RAs approval of an Application, mySecureSign, Inc. (a) shall be entitled to rely upon the correctness of the information in each such approved Application, and (b) shall issue a Certificate to the Certificate Applicant submitting such Application. 3.2.1 Validation. RA shall approve an Application only if the Certificate Applicant is an Affiliated Individual or Affiliated Entity as to RA, and RA has authorized the Certificate Applicant to use RAs organizational name in his or her Certificate and to use a domain name ending in the domain name listed in the RAs RAA Certificate(s). (For example, if RAs domain name in its RAA Certificate(s) is company.com, then Certificate Applicants can only request Certificates under this Agreement if their domain names end in company.com. If RAs organizational name and/or domain registration change, RA or RAA shall promptly request revocation all Subscriber Certificates issued hereunder.) In addition, RA agrees to the export conditions in Sections 3.2.1.1-3.2.1.8.

3.2.1.1

VeriSign Export Licenses. mySecureSign, Inc. shall determine if you qualify for Global Server OnSite based upon the terms of VeriSigns export licenses with the U.S. Department of Commerce, Bureau of Export Administration (License). VeriSign has received a retail classification for Global Server IDs under a License. mySecureSign, Inc. shall retain the right, at its sole discretion, to approve RAs Registration Authority application, subject to the terms of a License. VeriSign, Inc. (VeriSign) shall issue Global Server IDs based on Applications approved by RAA. Global Server ID. The Export Commodity Control Number for RAs Global Server ID(s) is 5D002. A Global Server ID enables RA to negotiate SSL or TLS sessions using 128-bit RC4 or IDEA, 56 bit DES, two-key Triple-DES encryption, or such other encryption that the U.S. Department of Commerce may permit for export in the future. Qualified Applicant. RA represents that RA is eligible to receive favorable treatment under current U.S. encryption export control policy for the export of Global Server IDs. Geographical Restrictions. RA shall not be located in nor use RAs Global Server ID(s) in Afghanistan (Taliban-controlled areas), Cuba, Iran, Iraq, Libya, North Korea, Serbia, Sudan, and Syria, or any other countries where such use is prohibited under U.S. export regulations, under the terms of this Agreement. Use. RA must ensure that any Global Server ID issued under this Agreement is only used to enable an SSL or TLS session on a software platform (Software) listed on VeriSigns website as eligible for use with a Global Server ID. If the Software is not specifically listed on VeriSigns website as such and it is produced or sold by a United States entity (Entity), RA is responsible for ensuring that the Entity has obtained an export license or classification that permits the Entity to export the Software from the United States before RA installs any Global Server ID. Control. RA shall operate RAs computer systems on which RA installed RAs Global Server ID(s) (Server) under RAs Effective Control.

3.2.1.2

3.2.1.3

3.2.1.4

3.2.1.5

3.2.1.6

3.2.1.6.1 "Effective Control" means RA 1) has access to all transaction data that may be transmitted over the Server, and is prepared to disclose data to a government agency in the jurisdiction where the Server is operated pursuant to a duly authorized warrant or court order or other lawful authority and 2) has authority to modify or control the Server,

including the ability to disable RAs Global Server ID(s) in the event that the IA is entitled by contract, or required by law, to terminate this Agreement, which governs use of all RAs Global Server IDs. 3.2.1.7 Additional Representations. By submitting this Agreement (and RAs Registration Authority application) RA represents that the following statements are true and will be true during the term of this Agreement.
3.2.1.7.1 This Agreement and RAs Registration Authority application and any other Application has been or will be submitted by a responsible official or representative empowered and authorized by the organization named in RAs Registration Authority application and any other Application (the Organization) to certify that the conditions set forth in this Agreement have been, or will be, met in full by the Organization. 3.2.1.7.2 The Organization is eligible to obtain and utilize a Global Server ID in a manner consistent with all applicable export control laws and regulations of the United States. 3.2.1.7.3 If an RAA ceases to have the authority to act as RAA on behalf of RA, RA shall promptly request revocation of the RAA Certificate of such RAA. If RAA has not otherwise requested revocation of a Certificate in a particular month, RAA shall access mySecureSign, Inc.s web site to confirm to mySecureSign, Inc. that no revocation requests have been submitted to mySecureSign, Inc. in such month. 3.3 3.4 Manner of Performance. RA shall perform the tasks in this Section 3 in a competent, professional, and workmanlike manner. RA Employee Subscribers. RA shall cause Subscribers receiving Certificates hereunder to abide by the terms of the Global Server ID Subscriber Agreement attached to the Handbook.
4. Service Fees. RA shall pay mySecureSign, Inc. the then current applicable Service Fees corresponding to RAs selected volume of Certificates. mySecureSign, Inc. shall be responsible for the payment of Philippine taxes on Service Fees received by mySecureSign, Inc. pursuant to this Agreement, except for taxes which Philippine laws allow the LRA to bear. RA shall pay any and all taxes arising from or in connection with its sale of goods or services to Subscribers and other persons. 5. Confidentiality. 5.1 Confidential Information. Confidential Information means any confidential or other proprietary information disclosed by one party to the

other under this Agreement, except information that: (a) is public knowledge at the time of disclosure, (b) was known by the receiving party before disclosure by the disclosing party, or becomes public knowledge or otherwise known to the receiving party after such disclosure, other than by breach of a confidentiality obligation, or (c) is independently developed by the receiving party. 5.2 Protection of Confidential Information. The receiving party shall (a) not disclose the Confidential Information to any third party, except when required to be disclosed by lawful order of a court of competent jurisdiction; (b) not use the Confidential Information in any fashion except for purposes of performing this Agreement, (c) exercise reasonable care to prevent disclosure, and (d) notify the disclosing party of any unauthorized disclosure or use of the Confidential Information. Upon termination of this Agreement for any reason, each party shall immediately deliver to the other party all copies of the Confidential Information received from such other party. Each party acknowledges that breach of this Section 5 will cause irreparable harm to the disclosing party entitling the disclosing party to injunctive relief, among other remedies.
6. Intellectual Property Rights. (a) mySecureSign, Inc., its vendors, and/or its licensors shall retain all intellectual property rights (Intellectual Property Rights) in and to the ideas, concepts, techniques, inventions, processes, or works of authorship comprising, embodied in, or practiced in connection with the products or services provided by mySecureSign, Inc. hereunder, including without limitation the mySecureSign, Inc.-designated hardware and software supporting such services and the mySecureSign, Inc. web site interface designated for RAs use (collectively, the Service Components). The Service Components do not include RAs browser software or RAs base hardware platform. (b) mySecureSign, Inc. will make available to RA new technologies which are owned by, licensed to or otherwise available to, mySecureSign, Inc. that are related to the provision of services by mySecureSign, Inc. under this Agreeement. To the extent that such technologies are proprietary to mySecureSign, Inc., mySecureSign, Inc. will provide the use of such technologies to RA on reasonable commercial terms, including but not limited to, terms regarding liability and indemnification for losses arising from the use or misuse of such technologies. To the extent that such technologies are subject to restrictions imposed by third parties, mySecureSign, Inc. shall transfer or license such technologies to RA within limits imposed by such restrictions. mySecureSign, Inc. agrees to use reasonable commercial efforts to facilitate the transfer or licensing of such technologies owned by third parties to RA upon reasonable commercial terms.

7. Additional Obligations of RA. 7.1 Proprietary Markings and Copyright Notices. RA shall not remove or destroy any trademark or copyright notices on any mySecureSign, Inc. materials or documentation. Neither party shall acquire any rights of any kind in the other partys trademarks, service marks, trade names, or product names. 7.2 RAs Warranties. RA warrants to mySecureSign, Inc. that: (a) all information material to the issuance of a certificate and validated by or on behalf of RA is true and correct in all material respects; (b) without limiting the generality of the foregoing, RAs approval of Applications will not result in an Erroneous Issuance, including but not limited to Erroneous Issuance resulting from Impersonation; and (c) RA has substantially complied with the CPS, the Handbook, and the RA Requirements. 7.3 Insurance Coverage. RA shall, at its own expense, maintain standard errors and omissions insurance in an amount that is commercially reasonable. Upon mySecureSign, Inc.s request, RA shall furnish proof of such insurance to mySecureSign, Inc. This Section does not apply to governmental agencies. 8. mySecureSign, Inc.s Limited Warranties. mySecureSign, Inc. warrants to RA that at the time it issues a Certificate hereunder: (a) mySecureSign, Inc. originated no material misrepresentations of fact in such Certificate, (b) mySecureSign, Inc. introduced no errors in the information in such Certificate as a result of a failure to exercise reasonable care in creating the Certificate, (c) such Certificate meets all material requirements of the CPS, and (d) mySecureSign, Inc. has substantially complied with the CPS when issuing such Certificate. 9. DISCLAIMER OF WARRANTIES AND LIABILITY. 9.1 RAS LIABILITY RELATING TO VALIDATION. RA SHALL BEAR EXCLUSIVE RESPONSIBILITY, AND LIABILITY TO ANY AND ALL PERSONS, FOR THE VALIDATION OF ALL APPLICATIONS THAT IT APPROVES, DETERMINATION OF WHETHER A CERTIFICATE APPLICANT IS ELIGIBLE TO OBTAIN AND USE A GLOBAL SERVER ID IN ACCORDANCE WITH THE APPLICABLE GLOBAL SERVER ID SUBSCRIBER AGREEMENT, AND CONDUCT OF RAAS AND SUBSCRIBERS RECEIVING CERTIFICATES HEREUNDER. MYSECURESIGN, INC. AND VERISIGN DISCLAIM ALL SUCH RESPONSIBILITY AND LIABILITY. AS IS. EXCEPT FOR THE LIMITED WARRANTIES CONTAINED IN SECTION 8 AND THE CPS, AND WITHOUT PREJUDICE TO ANY
CLAIMS ARISING UNDER THE EXPRESS TERMS OF THIS AGREEMENT AND THE CPS, INCLUDING WITHOUT LIMITATION, CPS 11, MYSECURESIGN, INC.S PRODUCTS AND SERVICES, INCLUDING BUT NOT LIMITED TO THE SERVICE COMPONENTS, (COLLECTIVELY, THE PRODUCTS AND/OR SERVICES) ARE PROVIDED AS IS AND MYSECURESIGN, INC. MAKES NO WARRANTIES WITH RESPECT TO USEFULNESS, FUNCTIONALITY, OR OPERABILITY. MYSECURESIGN, INC. HEREBY DISCLAIMS ALL OTHER WARRANTIES, EXPRESS, IMPLIED, OR STATUTORY, INCLUDING WITHOUT LIMITATION ANY IMPLIED WARRANTY OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. 9.3 LIMITATION OF LIABILITY. IN NO EVENT SHALL MYSECURESIGN, INC.S LIABILITY TO ANY AND ALL PERSONS FOR ANY AND ALL CLAIMS, LOSSES, OR DAMAGES RELATING TO, IN WHOLE OR IN PART, THIS AGREEMENT, THE PRODUCTS AND/OR SERVICES, OR OTHERWISE, WHETHER IN CONTRACT, TORT, OR OTHERWISE, EXCEED THE SERVICE FEES PAID BY RA TO MYSECURESIGN, INC. UNDER THIS AGREEMENT. UNDER NO CIRCUMSTANCES WHATSOEVER SHALL MYSECURESIGN, INC. BE LIABLE FOR SPECIAL, INDIRECT, RELIANCE, INCIDENTAL, OR CONSEQUENTIAL DAMAGES, INCLUDING, WITHOUT LIMITATION, LOST PROFITS, LOST DATA, OR LOSS RESULTING FROM BUSINESS INTERRUPTION, EVEN IF MYSECURESIGN, INC. HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

10. Indemnity. Subject to Section 9.3, each party (the Indemnifying Party) shall indemnify the other party and its directors, officers, agents, employees, contractors, parents, vendors (including VeriSign), affiliates, or subsidiaries (collectively, the Indemnified Parties) and hold the Indemnified Parties harmless from and against any losses, costs, damages, and fees (including attorneys fees) incurred by the Indemnified Parties in connection with: (a) any breach by the Indemnifying Party of any warranty or obligation under this Agreement, the CPS, the Handbook, or the RA Requirements; or (b) the Indemnifying Partys acts or omissions, the use of any product or service provided by the Indemnifying Party, or any other item furnished by the Indemnifying Party to Subscribers (collectively, the Indemnity Conditions). RA, as an Indemnifying Party, shall indemnify the mySecureSign, Inc. Indemnified Parties and hold them harmless from and against any losses, costs, damages, and fees (including attorneys fees) incurred by the mySecureSign, Inc. Indemnified Parties in connection with any breach of the Subscriber Agreement by a Subscriber receiving a Certificate hereunder. Upon appropriate notice, the Indemnifying Party shall defend, at its expense, any claim brought against one or more of the Indemnified Parties based on or arising out of one or more of the Indemnity Conditions.
11. Termination. The term of this Agreement is one (1) year starting on the date RA executes this Agreement. This Agreement may be terminated (a) by either party immediately upon the institution by or against the other party of insolvency, receivership, or bankruptcy proceedings, upon any assignment for the benefit of the other partys creditors, or upon the other partys dissolution or ceasing to do business; (b) by mySecureSign, Inc. immediately and without prior notice in the event of a breach of any of the duties, obligations, terms, or provisions of this Agreement (a Breach) by RA if the Breach may compromise the security ofmySecureSign, Inc.s Public Certification Services or other system; (c) in the event of any other Breach by a party, upon thirty (30) days written notice by the non-breaching party and the breaching partys failure to cure such Breach within the thirty (30) day notice period; (d) upon RAs change of organizational name and/or domain name registration; or (e) by RA if mySecureSign, Inc. amends its CPS, the Handbook, or the RA Requirements, and if the RA believes in good faith that such amendment materially deprives it of the benefit of this Agreement. Except for termination under subsections (a) - (c) of this Section 11, RA may renew this Agreement subject to mySecureSign, Inc.s then-current standard terms and conditions. The provisions of Sections 4, 5, 6, 7.2, 8, 9, 10, 11, 12, 13, and 14 shall survive termination. The revocation requirements under Section 3.2 of this Agreement and the Handbook and the applicable security requirements under the RA Requirements shall survive termination until the end of the Operational Periods of all Certificates issued hereunder. 12. Notices. Whenever a party desires or is required to give any notice, demand, or request with respect to this Agreement, such communication shall be made either using digitally signed messages consistent with the requirements of the CPS (verifiable by a mySecureSign, Inc. Class 2 or higher Certificate), or in writing. Electronic communications shall be effective upon the senders receiving a valid, digitally signed acknowledgment of receipt (verifiable by a mySecureSign, Inc. Class 2 or higher Certificate) from the recipient. Such acknowledgment must be received within three (3) business days, or else written notice must then be communicated. Communications in writing must be delivered by a courier service that confirms delivery in writing or via certified or registered mail, postage prepaid, return receipt requested, addressed to the representative of RA at the address below or to mySecureSign, Inc. at: mySecureSign, Inc, 5th Floor, Locsin Bldg., 6752 Ayala cor. Makati Ave., Makati City 1200 Philippines. Tel: +63(2)893-6618 Fax +63(2) 864-341. RA shall immediately advise mySecureSign, Inc. of any legal notice served on RA that might affect mySecureSign, Inc. 13. Independent Relationship. RA, the RAA(s), and RAs employees, consultants, contractors, and agents are not agents, employees, joint ventures, or joint venturers of mySecureSign, Inc., and they have no authority to bind mySecureSign, Inc. by contract or otherwise to any obligation.

14. Miscellaneous. 14.1 Entire Agreement; Amendment; Assignment. This Agreement, the CPS, the Handbook, and the RA Requirements constitute the entire agreement between the parties and supersede all prior and contemporaneous written or oral agreements between the parties with respect to the subject matter of this Agreement. No amendment or waiver of any provision of this Agreement shall be effective unless it is in a physical writing signed, or e-mail message digitally signed (verifiable by a mySecureSign, Inc. Class 2 or higher Certificate), by each partys authorized representative. This Agreement shall be binding upon and inure to the benefit of RA, mySecureSign, Inc., and their respective successors and assigns, provided that RA shall not assign, sublicense, encumber, or otherwise transfer this Agreement or any right or obligation hereunder without mySecureSign, Inc.s prior consent. Any such consent by mySecureSign, Inc. shall be in the form of a communication made pursuant to Section 12. Severability; Enforcement. The unenforceability of any provision or provisions of this Agreement shall not impair the enforceability of any other part of this Agreement. If any provision of this Agreement shall be deemed invalid or unenforceable, in whole or in part, this Agreement shall be deemed amended to delete or modify, as necessary, the invalid or unenforceable provision to render it valid, enforceable, and, insofar as possible, consistent with the original intent of the parties. The remedies under this Agreement shall be cumulative and not alternative, and the election of one remedy for a breach shall not preclude pursuit of other remedies. The failure of a party, at any time or from time to time, to require performance of any obligations of the other party hereunder shall not affect its right to enforce any provision of this Agreement at a subsequent time. Governing Law; VenueThis Agreement shall be governed by the laws of the Republic of the Philippines. Any suit by or between the parties relating to this Agreement shall be brought in and resolved by the proper courts of Makati City, Philippines, or, if Philippine laws expressly require another venue, the place of such another venue. Approval; Authorization. This Agreement shall not be effective until mySecureSign, Inc. approves RAs Registration Authority application. RA warrants and represents that the representative submitting this Agreement on its behalf has been duly authorized to do so by RA.