Sections 40 to 42 enumerates duties of subscribers.
Generating key pair (s. 40). Where any Digital Signature
Certificate, the public key of which corresponds to private key of that
subscriber which is to be listed in the certificate has been accepted by a
subscriber, then, the subscriber shall generate the key pair by applying the
security procedure.
13.9.2 Acceptance of
Digital Signature Certificate (s. 41). A subscriber shall be deemed to have
accepted a Digital Signature Certificate if he publishes or authorises the
publication of the certificate: (a) to one more person; (b) in a repository, or
otherwise demonstrates his approval of the certificate in any manner.
Further, by accepting a Digital Signature Certificate, the
subscriber certifies to all who reasonably rely on the information contained in
the Certificate that: (a) the subscriber holds the private key corresponding to
the public key listed in the certificate and is entitled to hold the same; (b)
all representation made by the subscriber to the Certifying Authority and all
material relevant to the information contained in the certificate are true; (c)
all information in the certificate that is within the knowledge of the
subscriber is true.
13.9.3
Control of private key (s. 42). Every
subscriber shall exercise reasonable care to retain control of the private key
corresponding to the public key listed in his Digital Signature Certificate.
Also he will take all steps to prevent its disclosure to a person not
authorised to affix the digital signature of the subscriber. Also if the private
key corresponding to the public key listed in the certificate has been compromised,
then the subscriber shall communicate the same to the Certifying Authority.
No comments:
Post a Comment