(p)
any other particulars relating to the certification service provider the
certification service provider or Controller deems appropriate.
(2) The Controller will review certification service provider disclosure records on
a regular basis to ensure that all required information is included in the
certification service provider disclosure records.
(3) Where a certification service provider believes that any of the information
contained in the database maintained by the Controller is false or misleading, the
provider shall immediately notify the Controller specifying the information and
the reasons why it should be changed.
16. Requirement to provide information for disclosure records
Every licensed or recognized certification service provider shall within two days
after grant of the licence or recognition provide to the Controller all the
information required by these Regulations to be maintained by the Controller.
17. Retention of certification service provider disclosure records
A repository shall retain the certification service provider disclosure records for
ten years.
PART V - REQUIREMENTS FOR ISSUING CERTIFICATES TO SUBSCRIBERS
18. Types of certificates
(1) Subject to any conditions imposed by the licence or recognition, a certification
service provider may issue certificates to subscribers with different levels of
assurance.
(2) The certification service provider shall set out distinct provisions in its
certification practice statement for approval by the Controller for each type of
certificate to be issued.
(3) The certification service provider shall bring to the attention of subscribers
and relying parties, the effect of using and relying on different types of
certificates.
19. Issuing certificates to subscribers