284
CAP. 411A
Kenya Information and Communications
[Rev. 2011
[Subsidiary]
(f) ensure protection of private information and safekeeping of data
security; and
(g) provide time-stamp services.
Records
management.
8. (1) A certification service provider shall, keep securely allrecords
relating to—
(a) issuance, renewal, suspension or revocation of certificates,
including the identity of any person requesting for a certificate;
(b) the process of generating key pairs by the subscribers or the licensed
certification service provider;
(c) the administration of its computing facilities; and (d) such other
information as may be determined by the Commission from time
to time.
(2) A certification service provider may keep its records in paper- based
form, electronic form or any other form approved by the Commission from
time to time.
(3) A certification service provider shall index, store, and preserve the
records kept under paragraph (2) in a form that the records may be reproduced
in an accurate, complete, legible manner and a manner accessible to the
Commission or to any authorized officer.
(4) A certification service provider shall retain copies of all the certificates
it has issued and preserve them so that they shall be accessible for a period of
not less than seven years.
(5) A certification service provider shall retain all records required to
be kept under paragraph (1) and all the logs of the creation of the archive of
certificates required under paragraph (3) for a period of not less than seven years.
Issuance of
certificates.
9. (1) A certification service provider certificate shall issue a certificate
containing—
(a) information identifying the certification service provider;
(b) information identifying the signature owner;
(c) signature-verification data which corresponds to signature- creation
data;
(d) the commencement and expiry date of the certificate;
(e) information regarding the authorization of the subscriber, if a
subscriber is acting on behalf of another person;
(f) information regarding the conditions of usage of the certificate and