Previous 17 / 28 Next
Normal view
(f)

27.

Representations on issue of certificate
(1)

A certification authority shall, by the issue of a certificate, represent to a person who
reasonably relies on the certificate or a digital signature verifiable by the public key
referred to in the certificate that the certification authority has issued the certificate
in accordance with any certification practice statement incorporated by reference in
the certificate or of which the relying person has notice.

(2)

In the absence of any certification practice statement, the certification authority
shall, subject to subsection (3), represent that -

(3)

28.

the public key to be referred to in the certificate can be used to verify a
digital signature affixed by the private key held by the prospective
subscriber.

(a)

it has complied with all applicable requirements of this Act in issuing the
certificate, and where it has published the certificate or otherwise made it
available to a person relying on it that the subscriber referred to in the
certificate has accepted it;

(b)

the subscriber identified in the certificate holds the private key
corresponding to the public key referred to in the certificate;

(c)

the subscriber’s public key and private key constitute a functioning key pair;

(d)

the information in the certificate is accurate, unless it has stated in the
certificate, or incorporated by reference in the certificate a statement, that
the accuracy of specified information is not confirmed; and

(e)

it has no knowledge of any material fact which would, if it had been included
in the certificate, adversely affect the reliability of the representations in
paragraphs (a) to (d).

Where there is a certification practice statement which has been incorporated by
reference in the certificate, or of which the person relying on it has notice,
subsection (2) shall apply to the extent that the representations are not inconsistent
with the certification practice statement.

Suspension of certificate
A certification authority shall, unless it has otherwise agreed with the subscriber,
immediately suspend a certificate which it has issued to the subscriber upon a request by -

29.

(a)

the subscriber referred to in the certificate; or

(b)

a person duly authorised to act on behalf of the subscriber.

Revocation of certificate

Select target paragraph3

  • Uwazi is developed by uwazi

    in Kenya, Ecuador, Spain, Germany and USA.

  •  
  • ICT Policy Africa
  •  
  • Library
  • Login