A certification authority shall revoke a certificate upon receiving a request to the effect by
the subscriber referred to in the certificate after confirming that the person making the
request is the subscriber, or is an agent of the subscriber with authority to make the
request.
30.
Revocation without subscriber’s consent
(1)
(2)
31.
32.
A certification authority shall, without the consent of the
subscriber, revoke a certificate where (a)
a material fact represented in the certificate is false;
(b)
a requirement for the issue of the certificate was not satisfied;
(c)
the certification authority's private key or trustworthy system is compromised
in a manner materially affecting the certificate's reliability;
(d)
an individual subscriber is dead; or
(e)
a subscriber is dissolved, wound-up or otherwise ceases to exist.
The certification authority shall immediately notify the subscriber referred to in the
revoked certificate of any revocation under subsection (1)(a), (b) or (c).
Notice or suspension
(1)
A certification authority shall, upon the suspension of a certificate, forthwith publish
a notice of the suspension in the repository specified in the certificate for that
purpose.
(2)
Where more than one repository is specified, the certification authority shall publish
notices of the suspension in every repository.
Notice of revocation
(1)
The certification authority shall, upon revocation of a certificate, forthwith publish a
notice of the revocation in the repository specified in the certificate for that purpose
(2)
Where more than one repository is specified, the certification authority shall publish
notices of the revocation in every repository.
PART IX. 0BLIGATIONS OF SUBSCRIBERS
33.
Generating key pair
(1)
Subject to subsection (2), where a subscriber generates a key pair of which the
public key is to be set out in certificate and accepted by the subscriber, the
subscriber shall generate the key pair using a trustworthy system.
(2)
Subsection (1) shall not apply to a subscriber who generates a key pair using a
system approved by a certification authority.