signature-creation data;
d) the commencement and expiry date of the
certificate;
e) the information regarding the authorization of the
subscriber if such subscriber acts on behalf of
another person;
f) information related to conditions of usage of the
certificate and limits on the value of transactions
where applicable;
g) the secure electronic signature of the certification
service provider that verifies the information in
the certificate;
h) information sufficient to locate or identify one or
more repositories in which notification of the
revocation or suspension of the certificate would
be listed if the certificate is suspended or
revoked;
i) any other information required
Commission to be included.
by
the
2) It shall be the responsibility of the certification service
provider to determine reliably, based on official
documents, the identity of the person to whom a
certificate is issued. The subscriber identity verification
method employed for issuance of certificates shall be
specified in the certification practice statement.
3) Where an additional certificate is issued to a person on
the basis of another valid certificate held by the same
person and subsequently the original certificate is
suspended or revoked, the Certification Service Provider
that issued the new certificate must conduct
investigations to determine whether it is necessary to
suspend or revoke the new certificate.
4) A Certification Service Provider shall afford reasonable
opportunity to a subscriber to verify the contents of the
certificate before it is accepted.
5) A certification service provider shall be obliged to
inform subscribers, in writing, that an advanced
electronic signature has the same legal effect in a
transaction as a handwritten signature, the limitations on
7