c. the use by a Certification Service Provider of any
system other than a secure system.
4) Every Certification Service Provider shall provide every
subscriber with a secure and trustworthy system to
generate his key pair.
5) Every Certification Service Provider shall provide the
mechanism to generate and verify advanced electronic
signatures in a secure and trustworthy manner and the
mechanism provided shall also indicate the validity of
the signature.
6) If the advanced electronic signature is not valid, the
mechanism provided should indicate if the invalidity is
due to the integrity of the document or the signature and
the mechanism provided shall also indicate the status of
the certificate.
7) For mechanisms provided by third parties other than the
licensed Certification Service Provider, the resulting
signature is considered secure only if the licensed
Certification
Service
Provider
endorses
the
implementation of such mechanisms in conjunction with
its certificate.
8) Every licensed Certification Service Provider shall be
responsible for the storage of keys (including the
subscriber's key and the licensed Certification Service
Provider's own key) in a secure and trustworthy manner.
12