(f) Information regarding the conditions of usage of the certificate and limits on the
value of transactions, where applicable;
(g) The secure electronic signature of the certification service provider that verifies
the information in the certificate;
(h) Sufficient information that can be used to locate or identify one or more
repositories in which notification of the revocation or suspension of the certificate
would be listed, if the certificate is suspended or revoked; and
(i) Any other information as may be determined by the Commission from time to
time.
(2) A certification service provider shall determine, based on official documents,
the identity of the person to whom a certificate is issued and shall specify, in the
certification practice statement, the subscriber identity verification method applied
in the issuance of certificates.
(3) A certification service provider shall give a subscriber an opportunity to verify
the contents of the certificate before the subscriber accepts it.
(4) A certification service provider shall inform a subscriber, in writing, the legal
effect of an advanced electronic signature, the limitations on use of certificates and
the dispute resolution procedures, applicable.
(5) A certification service provider shall warn subscribers, in writing, not to allow
third parties to use signature creation data associated with signature verification
data in the certificate.
(6) Where the subscriber accepts the issued certificate, the certification service
provider shall publish a signed copy of the certificate in a repository in accordance
with regulation 8.
(7) Where the subscriber does not accept the certificate, the certification service
provider shall not publish the certificate.
(8) Once a certificate has been issued by the certification service provider and
accepted by the subscriber, the certification service provider shall notify the
subscriber, within a reasonable time, of any fact that subsequently becomes known