(1)
There shall be, for the purposes of this Act, a Controller of Certification Authorities.
(2)
For the purposes of this Act, the ICT Authority shall be the Controller and may be
assisted by such of its officers and other members of its staff as may be necessary.
Amended by [Act No. 7 of 2009]
(3)
The Controller shall maintain a publicly accessible database containing a
certification authority disclosure record for each licensed certification authority
which shall contain such particulars as may be prescribed.
(4)
In the application of the provisions of this Act to certificates
issued by the Controller and to digital signatures verified by reference to those
certificates, the Controller shall be deemed to be a licensed certification authority.
Amended by [Act No. 7 of 2009]
38.
Recommended reliance limit
(1)
A licensed certification authority shall, where it issues a certificate to a subscriber,
specify a recommended reliance limit in the certificate.
(2)
The licensed certification authority may specify different limits in different
certificates.
39. Liability limits for licensed certification authorities
A licensed certification authority shall not be liable (a)
for any loss caused by reliance on a false or forged digital signature of a subscriber,
where it has acted in compliance with the requirements of this Act relating thereto;
(b)
in excess of the amount specified in the certificate as its recommended reliance
limit for either (i)
a loss caused by reliance on a misrepresentation in the certificate of any
fact that the licensed certification authority is required to confirm; or
(ii)
failure to comply with sections 26 and 27 in issuing the certificate.
PART XI - PUBLIC SECTOR USE OF ELECTRONIC RECORDS AND
SIGNATURES
40.
Acceptance of electronic filling and issue of documents
(1)
A public sector agency which, pursuant to any enactment-