Preview of our top selling Preferred Provider Agreement
Microsoft / VeriSign - Preferred Provider Agreement
EXHIBIT 10.18
-------------
CONFIDENTIAL TREATMENT REQUESTED
MICROSOFT/VERISIGN
CERTIFICATE TECHNOLOGY PREFERRED PROVIDER AGREEMENT
Company: MICROSOFT CORPORATION (Washington)
-----------------------------------------------------
(name and jurisdiction of incorporation)
Company Address: One Microsoft Way
-----------------------------------------------------
Redmond, Washington 98052-6399
-----------------------------------------------------
Company Contact:
-----------------------------------------------------
Effective Date: May 1, 1997
-----------------------------------------------------
Term: Two (2) years from Effective Date
-----------------------------------------------------
THIS MICROSOFT/VERISIGN CERTIFICATE TECHNOLOGY PREFERRED PROVIDER AGREEMENT ("Agreement"), effective as of the Effective Date set forth above, is entered into by and between VeriSign, Inc., a Delaware corporation, ("VeriSign") having
-------- its principal place of business at 2593 Coast Avenue, Mountain View, California 94043 and Microsoft Corporation, a Washington corporation, ("Microsoft") having
--------- a principal address as set forth above.
--------
The purpose of this Agreement is to set out the terms and conditions under which each party will become the Preferred Provider of the other's existing products and services that involve the use of Certificate technology and will work closely together to bring new products and services to market. VeriSign will make the Microsoft Technology Platform (including Windows 95, Windows NT Workstation, Windows NT Server, *** ) its preferred platform for delivering existing and new products and services *** . Microsoft will make VeriSign the Preferred Provider of Certificate Authority products and services that are used by Microsoft customers or for Microsoft internal use. Microsoft will promote VeriSign as the Preferred Provider in its strategic marketing programs related to commercial Certificate Authority products and services.
---------
1. DEFINITIONS
-----------
1.1 Certificate means a message that, at least, states a name or
----------- identifies the IA,
*** Confidential treatment has been requested with respect to certain portions of this exhibit. Confidential portions have been omitted from the public filing and have been filed separately with the Securities and Exchange Commission. identifies the Subscriber, contains the Subscriber's public key, identifies its operational period, contains a certificate serial number, and is digitally signed by the IA. "Certify" or "Certification" means the act of generating a
------- ------------- Certificate. "Certified" means the condition of having been issued a valid
--------- Certificate by a Certifier, which Certificate has not been revoked.
1.2 Certificate Revocation List ("CRL") means a periodically (or
----------------------------------- exigently) issued list, digitally signed by an IA, of certificates that have been suspended or revoked prior to their expiration date. The list generally indicates the issuer's name, the time of issue, the time of the next scheduled CRL issue, the suspended or revoked certificates' serial numbers, and the specific times and reasons for suspension and revocation.
1.3 Certification Authority or Certifier ("CA") means VeriSign or any
------------------------------------ entity which is authorized to issue Certificates.
1.4 Certification Practice Statement ("CPS") means VeriSign's statement of
-------------------------------- the practices an IA in the VeriSign Public Certification Service employs in issuing Certificates, as further described in Section 2.2 of this Agreement.
1.5 Digital ID means VeriSign's service-marked name for a Certificate.
----------
1.6 Digital Signature means a transformation of a message, using an
----------------- asymmetric cryptosystem, such that a person having the initial message and the signer's Public Key can accurately determine whether the transformation was created using the Private Key that corresponds to the signer's Public Key and whether the message has been altered since the transformation was made.
1.7 ECAS means VeriSign's proprietary software product marketed and
---- developed under the name "Electronic Commerce Authentication System" providing secure on-line Certificate issuance as presently in existence and as developed and enhanced in the future by VeriSign.
1.8 Issuing Authority ("IA") means the VeriSign Root or a Certification
------------------------ Authority that issues, suspends or revokes a Certificate within the VeriSign Public Certification Services. An Issuing Authority is identified by a distinguished name on all Certificates and CRLs it issues.
1.9 Microsoft Product means any product developed by Microsoft that
----------------- utilizes a commercial Certificate.
1.10 Microsoft Technology Platform means the existing Microsoft products
----------------------------- currently known as Windows NT Server, Windows 95, Windows NT Workstation, Internet Information Server, Certificate Server, Internet Explorer, Crypto API and ActiveX, as they may be revised or updated from time to time during the term of this Agreement.
1.11 Preferred Provider means a provider of products and services which
------------------ are a preferred choice for internal use and recommended to customers as a preferred choice through the strategic marketing programs and other commitments set forth in this Agreement.
1.12 Private Key means a mathematical key (kept secret by the holder) used
----------- to create Digital Signatures and, depending upon the algorithm, to decrypt messages encrypted with the corresponding Public Key.
1.13 Public Key means a mathematical key that can be made publicly
---------- available and which is used to verify signatures created with its corresponding Private Key. Public Keys are also used to encrypt messages or files which can then only be decrypted using the matching Private Key.
1.14 Root means the IA that issues the first Certificate in a
---- certification chain. The Root's Public Key must be known in advance by a Certificate user in order to validate a certification chain. A Root's Public Key is made trustworthy by some mechanism other than a Certificate, such as the policies and procedures defined for that infrastructure.
1.15 Subscriber means a person who is the subject of a Certificate,
---------- accepts it, and uses or is capable of using, and authorized to use, the Private Key that corresponds to the Public Key listed in the Certificate.
1.16 WWW or Web means World Wide Web, a hypertext-based, distributed
---------- information system in which users may create, edit, or browse hypertext documents; a graphical document publishing and retrieval medium; a collection of linked documents that reside on the Internet.
2. SCOPE
-----
2.1 VeriSign Will Migrate Existing Products and Services to Microsoft Technology Platform.
VeriSign will migrate its existing products and services to the Microsoft Technology Platform during the normal course of planned system upgrades and enhancements, provided the Microsoft Technology Platform is able to met the technical requirements of the specific product or service. The specific products and services to be considered will include the following:
A. Digital ID Center operator tools will be migrated to Windows 95
and Windows NT Workstation within 6 months of satisfaction of
VeriSign technical requirements.
B. ***
C. Web pages on VeriSign Web sites that are accessed by customers
using Microsoft Internet Explorer will be updated to include the
use of ActiveX controls to perform enrollment and other
operations within 6 months of satisfaction of VeriSign technical
*** Confidential treatment has been requested with respect to certain portions of this exhibit. Confidential portions have been omitted from the public filing and have been filed separately with the Securities and Exchange Commission.
D. VeriSign will make best efforts to release the commercial version
of ECAS on Microsoft NT Server and Microsoft Internet Information
Server no later than one year after release on other platforms.
Once ECAS is released on the Microsoft Technology Platform, new
releases of ECAS will thereafter be released on such Microsoft
Technology Platform with equivalent functionality and
simultaneously with VeriSign's new releases on the then current
Sun/Solaris platform.
E. VeriSign will make best efforts to migrate servers used by
VeriSign to perform back-end operations (including signing
servers, authentication servers, lifecycle management servers,
but excluding Oracle database server) to Windows NT Server within
one year of the satisfaction of VeriSign technical requirements.
F. VeriSign will make reasonable efforts to migrate its internal
systems to Microsoft Windows 95, Windows NT Workstation, and
Windows NT Server within one year after execution of this
Agreement. To the extent VeriSign migrates VeriSign internal
systems, Microsoft will provide VeriSign the opportunity to
acquire "Not for Resale" or "NFR" Microsoft software at published
prices for NFR software to complete the migration. VeriSign's
use of the software will be subject to the terms and conditions
of the End User License Agreement ("EULA") accompanying such
software; provided however, any restrictions contained in the
EULA against VeriSign's use of the software in a production
environment shall not apply.
G. ***
H. ***
In order to expedite the migration process, VeriSign will train up to five (5) members of its technical staff to become Certified Microsoft Professionals for Windows NT Server. Microsoft will provide VeriSign with access to training materials and programs for training of VeriSign's technical staff at Microsoft's expense.
2.2 ***
*** Confidential treatment has been requested with respect to certain portions of this exhibit. Confidential portions have been omitted from the public filing and have been filed separately with the Securities and Exchange Commission.
2.3 Microsoft Will Make VeriSign the Preferred Provider of Commercial Certificate Authority Services Acquired by Customers through the Microsoft Technology Platform.
VeriSign will be Microsoft's Preferred Provider of commercial Certificate Authority services that are necessary for the effective use of Microsoft Products and services. Preferred Provider status means that Microsoft will use commercially reasonable efforts to provide preferential placement of VeriSign services in Microsoft Products in initial and subsequent releases by listing VeriSign services before any non-preferred providers in any listing of service providers that is displayed in the product and in a distinguished form (e.g., through default registration links, specific and unique graphics, logos, sizing, ad banners, preferred CA WWW Page, etc.). The parties recognize that such preferential listing shall exclude situations such as programmatic enumeration (such as in the case of trusted roots) due to design characteristics of Microsoft's certificate management architecture. The Microsoft Products may include:
. Internet Explorer
. Internet Information Server
. Exchange mail client
Microsoft may publish certain criteria that other Certificate Authorities or other potential Preferred Providers must meet to be recognized as a trusted Certificate Authority or a Preferred Provider on Microsoft Certificate Authority pages or to be enabled in Microsoft Products, including bundling of the trusted CA's root keys in such products. Such criteria may include: objectively reviewed and published a certification practice statement, audited secure facilities and practices, third party accreditation, volume scaleability, liability insurance, etc. Prior to issuing final criteria for Certificate Authorities and Preferred Provider status, Microsoft will provide to VeriSign for review and comment its proposed criteria and consider VeriSign's comments if provided in a timely manner.
To attain and retain Preferred Provider status for commercial Certificate Authority services in Microsoft Products, VeriSign must meet the following criteria:
A. VeriSign must provide, within commercially reasonable
limitations, a specific service that Microsoft deems necessary
for the effective use of a Microsoft Product and must make that
service available at the time of the first general availability
beta release of the Microsoft Product. VeriSign shall support
Certificate services for all platforms for which the Microsoft
Product is released. The specified service must be available to
customers in any geographic market in which Microsoft Product
will be used whether the service is available directly through
VeriSign's presence in such market or indirectly via the
Internet, subject to the legal, infrastructure, or regulatory
restrictions on CA products or services in those geographies.
B. If Microsoft, in its reasonable judgment, notifies VeriSign of
deficiencies in the delivery of VeriSign services, VeriSign shall
correct any such deficiencies in accordance with obligations
specified in any applicable
Service Level Agreements (or substantially similar forms agreed
to by the parties). Moreover, if the parties, for whatever
reason, are not able to agree upon a Service Level Agreement for
a particular service, or if the parties cannot agree upon the
application or interpretation of an existing Service Level
Agreement to a service, either party may escalate the issue to
executives for the thirty (30) day period described below. In the
event the parties cannot agree after such executive period,
Microsoft shall reasonably specify or interpret VeriSign's
obligation to address the deficiencies.
C. The VeriSign service must offer pricing and service quality
similar to the pricing and quality of equivalent services
provided by VeriSign competitors under similar terms and
Microsoft at its sole discretion may develop relationships with alternative providers for any technology or service. However, an additional thirty (30) day executive escalation period will be required before other providers may be considered for Preferred Provider status due to VeriSign's lack of compliance with the above. Provided that VeriSign continues to be in compliance with the above, for a period of twelve (12) months after the Effective Date of this Agreement, VeriSign shall be the only Preferred Provider of Certificate Authority services for Microsoft Products.
2.4 Microsoft Will Make VeriSign the Preferred Provider of Commercial Certificate Authority Services Acquired by Microsoft for Use in Products or Services.
Individual Microsoft operating units may require Certificate Authority services for internal use or for inclusion in products or services for their external customers. Microsoft will provide VeriSign with (i) access to purchase decision-makers in the Microsoft organization, and to executives responsible for Microsoft's external distribution channels (including OEMs, VARs, system integrators and resellers), (ii) designation by a Microsoft executive of VeriSign as a Microsoft Preferred Provider of commercial Certificate Authority Services and (iii) an e-mail introduction to VeriSign (in a form substantially similar to Exhibit "A"). Examples of such products and services may include, but are not limited to:
. Product registration
. The Microsoft.com web site and specific sections of the Web Site
such as the developer forum
. The MSWeb web site
. The Microsoft Network, and specific "channels" on MSN
. A Microsoft "passport" service
. Active Desktop content channels
2.5 Microsoft and VeriSign Will Collaborate to Cross-Promote Each Other's Products and Services.
Microsoft and VeriSign will work together to develop marketing plans which feature each other's products and services. These marketing plans may include, but not be limited to, the following variety of activities:
. Inclusion of VeriSign marketing materials in Microsoft seminars on
Microsoft products which include VeriSign Certificate Authority
. Advertisement of VeriSign services on The Microsoft Network at
favorable pricing
. Advertisement of Microsoft products on the VeriSign Digital ID
Center at favorable pricing
. Joint sales calls on mutual existing and prospective customers
. Joint participation in trade shows, at the invitation of individual
product groups
. Joint participation in vertical market programs developed by the
Microsoft Industry Marketing Group
Specific written plans may be developed by mutual agreement from time to time by the appropriate representatives of the product marketing organizations for each company.
2.6 Microsoft and VeriSign Will Collaborate to Develop New Certificate- Based Technologies, Products and Services.
Microsoft and VeriSign will explore in good faith the potential development of new Certificate technologies, products, and services, including but not limited to:
. Microsoft Certificate Server Add-on modules
. Microsoft Certificate Server gateways
. ECAS integration with Microsoft Certificate Server
. Authentication
. Code Signing
. Personalization/Demographics
. S.E.T. (or pre-SET)
. Digital Wallet
. Content Signing
. Smart Cards
. Internationalization
. Software Metering
. Coupons/attribute Certificates
. Executable Certificates
In the event that Microsoft and VeriSign agree to cooperate on a new Certificate-based technology, product or service, the parties will consider in good faith an agreement to provide the other party with a time-to-market advantage relative to competitors, as described in detail below. Performance enhancements to existing services and new Certificate-based technology developed by VeriSign for release on a Microsoft Technology Platform will not involve such market advantage.
2.6.1 Performance Enhancements to Existing Services. VeriSign will develop performance enhancements that shall be implemented on Microsoft's browsers at the same time as, if not before, any competing browser. VeriSign will not keep this development work confidential. Microsoft has no confidentiality obligation with respect to any publicly disclosed information regarding this type of development work by VeriSign and can work with other vendors who are making similar changes to their services at the same time VeriSign is making such enhancements. Example: a standards change, acceleration and improvement of execution of CA products and services.
2.6.2 New VeriSign Service on a Microsoft Technology Platform. This section will apply in the event VeriSign wishes to develop at its own expense a new product or service for use with Microsoft technology and wishes to keep this development confidential until release. VeriSign will identify the development as confidential to Microsoft. Microsoft will maintain s...
View agreement details