Regulation 12 shall apply.
10) The date and time of all transactions in relation to the
suspension of certificates must be logged and kept in a
secure manner.
Revocation of
Certificates
12.
1) Certification Service Providers shall immediately revoke
a certificate upon:
a) the request of a subscriber;
b) the detection of forgery or falsification of the
information existing in the database or changes in
such information; and
c) the detection of disability to act, bankruptcy or
legally accepted disappearance or death of the
subscriber.
2) Certification Service Providers shall maintain facilities to
receive and act upon requests for revocation at all times
of the day and on all days of every year.
3) In order to confirm the identity of the subscriber or
authorised agent making a request for revocation, the
Certification Service Provider must use the subscriber
identity verification method specified in the certification
practice statement.
4) A Certification Service Provider shall, upon revoking a
certificate, give notice of the revocation to the subscriber
and publish notification thereof in the repository.
5) The date and time of all transactions in relation to the
revocation of certificates must be logged and kept in a
secure manner.
6) It shall be the responsibility of relying parties to check
the status of certificates they wish to rely upon.
Certification
Practice Statement
13.
1) Certification Service Providers shall prepare certification
practice statements in accordance with guidelines issued
by the Commission from time to time and submit them
for approval by the Commission before commencement
of operations.
2) Any change to the certification practice statement shall
10