
relying-party contract



Scenario one: confidential information
Alice holds confidential information pertaining to Bob. Bob wishes to
have Carol, who may be an employee, agent, or customer of Bob, access
this information. Bob causes his CA to issue a certificate to Carol that
identifies her and her relationship to Bob. Alice creates a web server
that publishes this information to anyone with a certificate from Bob's
CA where the relationship shown in the cert conveys authorization to
access this type of data.

Scenario two: transaction processing
Same deal, except that Bob's cert enables Carol to enter transactions
into Alice's systems.

The question: is there or should there be a legal agreement between Bob
and Alice regarding the conditions under which Alice should accept Bob's
certs and the liability that each carries? I understand that the general
thinking is that the Certificate Policies or Certificate Practice
Statement covers this, but I am questioning this.

If this is off-topic, my apologies and could you recommend a more
appropriate forum?

IMHO the responsibilities and liabilities are as follows:

Bob's responsibilities to Alice:
1. Provide Alice with the root key of his CA
2. Issue certs to authorized persons conveying the accurate
role/relationship data.
3. Promptly revoke certificates of any certified person where changes to
the person's role or relationship so warrant.
4. Promptly make available via an agreed-upon mechanism and at or
exceeding an agreed-upon frequency, notice of any revocations.
5. Take appropriate measures, and require certified persons to do the
same, to prevent interception, misappropriation, or theft of certs or 
of the private keys that underlie them.

Alice's responsibilities to Bob:
1. Prevent access to the protected data/transactions against anyone
other than the holder of a cert (and of the associated private key)
signed with Bob's CA's key, that shows an appropriate (as agreed) 
role or relationship for access to this data/transaction, and has 
not been revoked.
2. Participate in whatever facility Bob's CA designates for notification
of revocation.

Alice is liable to Bob for fraudulent transactions if
-Alice accepted an expired cert.
-Alice accepted a cert from someone other than Bob's CA
-Alice gave access to a holder of a cert from Bob's CA that did not
demonstrate possession of the matching private key.
-Alice gave access to a holder of a cert from Bob's CA that did not
define the holder as having the role or relationship in Bob's
organization that was defined as appropriate for access to the
transaction.
-Alice failed to reject a revoked cert despite receiving the appropriate
notification from Bob's CA of the revocation at least X period of time
before the transaction.

Bob is liable to Alice for fraudulent transactions if
-Bob's CA issued a cert (with the appropriate role/relationship 
shown) to a person who should not have had access to the transaction.
-Bob's CA, Bob, the certified person, or someone else related to Bob
permitted the cert and its private key to come into the possession of
someone other than the intended certified person and did not
revoke the cert.
-Bob's CA revoked the cert without notifying Alice in time to stop 
the transaction.

Question: doesn't there need to be a formal agreement between Bob
and Alice to create these liabilities?
Question: is there any prototype of such an agreement in existence?
Question: what is the right forum for discussion of this issue?

Dwight Arthur
Managing Director, Technology Planning
National Securities Clearing Corporation, NY
(212) 412-8687
darthur@nscc.com
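The five conditions under which Alice is liable above are exactly the checks a relying party has to perform before granting access. As an added illustration (not part of the post), here is a Python sketch of that decision logic; the cert and revocation notice are constructed records, the CA signature check is a stand-in flag rather than real X.509 verification, and the period X is the `grace` argument.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone

@dataclass(frozen=True)
class Cert:
    serial: int
    issuer: str                # CA named as signer
    role: str                  # role/relationship asserted by Bob's CA
    not_after: datetime
    issuer_signature_ok: bool  # stand-in for checking the CA signature against Bob's root key
@dataclass(frozen=True)
class Notice:
    serial: int
    received: datetime         # when Alice received Bob's CA's revocation notice

def notice_in_time(notice, now, grace):
    """True if the notice arrived at least the agreed period X (grace) before now."""
    return now - notice.received >= grace

def check_access(cert, now, trusted_ca, allowed_roles, notices, proved_key):
    """Return the reasons to refuse access; an empty list means accept."""
    reasons = []
    if cert.issuer != trusted_ca or not cert.issuer_signature_ok:
        reasons.append("not issued by Bob's CA")
    if now > cert.not_after:
        reasons.append("expired")
    if not proved_key:
        reasons.append("no proof of possession of the private key")
    if cert.role not in allowed_roles:
        reasons.append("role not authorized for this transaction")
    if any(n.serial == cert.serial for n in notices):
        reasons.append("revoked")  # refuse on any notice; timeliness only affects liability
    return reasons
# Constructed sample: Carol's cert from Bob's CA, role "agent", valid one more day.
NOW = datetime(2024, 1, 10, 12, 0, tzinfo=timezone.utc)
GRACE = timedelta(hours=24)  # the agreed period X
CAROL = Cert(101, "Bob CA", "agent", NOW + timedelta(days=1), True)
ALLOWED = {"agent", "employee"}
def demo():
    early = Notice(101, NOW - timedelta(days=2))  # arrived well before X
    late = Notice(101, NOW - timedelta(hours=1))  # arrived inside X
    return {
        "ok": check_access(CAROL, NOW, "Bob CA", ALLOWED, [], True),
        "expired": check_access(CAROL, NOW + timedelta(days=2), "Bob CA", ALLOWED, [], True),
        "wrong_ca": check_access(CAROL, NOW, "Other CA", ALLOWED, [], True),
        "no_pop": check_access(CAROL, NOW, "Bob CA", ALLOWED, [], False),
        "wrong_role": check_access(CAROL, NOW, "Bob CA", {"employee"}, [], True),
        "revoked": check_access(CAROL, NOW, "Bob CA", ALLOWED, [late], True),
        "early_notice_timely": notice_in_time(early, NOW, GRACE),
        "late_notice_timely": notice_in_time(late, NOW, GRACE),
    }
```

Note that a revocation notice is honoured whenever it exists; whether it arrived at least X before the transaction only matters for which party carries the loss.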