Law n°83-2000 translated for information purpose - Not to be quoted

Article 13: Certification services provider must use certified methods for issuing,
delivering, and storing of certificates and to take necessary measures to protect them
against imitation and counterfeit according to the Schedule or Rules mentioned in
Article 12 of this act.
Article 14: Every certification services provider must make available an electronic
record of certificates electronically accessible to users at all time to check the
information included within.
The record of certificates includes, if necessary, information on the date of withdrawal
or withdrawal or suspension of certificates.
The record and the certificate must be protected against unauthorized change.
Article 15: It is imposed on certification services providers and their agents to uphold
the confidentiality of the information entrusted to them in the context of carrying their
duties except those that the owner of the certificate authorized, in writing or
electronically, their publication or their notification or in accordance with provisions
stated in the law in force.
Article 16: when processing an application for a certificate, the certification services
provider gathers personal information directly from the involved person and may get
the information from a third party after the written or electronic approval of that
person.
The certification services provider is forbidden from gathering information not required
for the delivery of the certificate. The certification services provider is forbidden the
use of information gathered for the purpose of issuing the certificate outside the
context of certification activities without the written or electronic approval of the
involved person.
Article 17: The certification services provider issues certificates that meet the
requirements of security and reliability. Technical specifications related to be certificate
and its reliability are defined by a decree from the ministry in charge of
telecommunications.
The certificate includes notably :
•
The identity of the certificate owner;
•
The identity and the electronic signature of the certificate issuer;
•
Elements of verification of the signature of the certificate owner,
•
The certificate period of validity;
•
The areas where the certificate ought to be used.
Article 18: The certification services provider guarantees:
•
The accuracy of information included in the certificate on the date of its
delivery;
•
The relation between the owner of the certificate and his signature verification
solution;
•
Exclusive ownership by the certificate owner of a signature establishment
solution in compliance with the regulations of the decree mentioned in Article 5
of this act and in concordance with the signature verification solution referred
to in the certificate at the date of delivery.
And when delivering the certificate to a corporate body, the certification services
provider is required to verify in prior the identity of the person to receive the
certificate and the title of his representation of the corporate body.
Article 19: The certification services provider assumes the responsibility to
Immediately suspend the certificate by request of its owner or when it has
determined:
•
The certificate was delivered based on false or counterfeit information ;
•
That the signature establishment solution was infringed ;
•
That the certificate was used for forgery purposes ;
•
That the information included in the certificate has changed.
The certification services provider assumes the responsibility to immediately inform
the certificate owner when the certificate is suspended and the reasons behind such
measure.
The suspension is immediately lifted when the information included in the certificate
has been determined to be accurate and that its use is legitimate.

Select target paragraph3