subscriber shall accept the certificate, upon which, certain representations shall
be implied on the subscriber;
(l)
a statement advising potential subscribers to immediately notify the
certification service provider when the subscriber’s private key is compromised;
(m)
a statement advising potential subscribers that data with digital signatures
may need to be re-signed when the security value of an available digital
signature decreases;
(2) A certification service provider who contravenes sub regulation (1) commits
an offence and is liable on conviction to a fine not exceeding seventy currency
points or imprisonment not exceeding three years or both.
PART VII- REPOSITORIES
26. Responsibilities of providers of repository services
(1) Every repository provider shall establish and maintain a publicly accessible
database for the purposes of (a)
publishing the information required to be published under the Act and
these Regulations;
(b)
publishing the additional information required by the Controller;
(c)
publishing the additional information a licensed or recognized
certification service provider may require; and
(d)
publishing any other necessary or appropriate information for the
purposes of the Act or these Regulations.
(2) A repository provider shall ensure that the publicly accessible database is
maintained in a manner that does not contain information which the provider
knows to be incorrect or is likely to be incorrect, inaccurate or not reasonably
reliable.
(3) A repository provider shall publish all information received and required to
be published as soon as practicable, but not later than twenty four hours after
receipt of the information.