use of certificates and the dispute resolution procedures.
6) A certification service provider shall warn subscribers, in
writing, not to allow third parties to use signature
creation adata associated with signature verification data
in the certificate.
7) Where the subscriber accepts the issued certificate, the
Certification Service Provider shall publish a signed copy
of the certificate in a repository referred to in paragraph
(1).
8) Where the subscriber does not accept the certificate, the
Certification Service Provider shall not publish it.
9) Once the certificate has been issued by the Certification
Service Provider and accepted by the subscriber, the
Certification Service Provider shall notify the subscriber
within a reasonable time of any fact known to the
Certification Service Provider that may significantly
affect the validity or reliability of the certificate.
10)
The date and time of all transactions in relation to
the issuance of a certificate must be logged and kept in a
secure manner.
Recognition of
foreign
certification service
providers
9.
1) [Certification services provided by foreign-based
Certification Service Providers may be recognized by the
Commission pursuant to the Act and these Regulations,
provided that such Certification Service Providers
provide their services through agencies registered and
based in Kenya and Licensed under the Act and these
Regulations.]
Renewal of
Certificates
10.
1) Regulation 8 shall apply to the renewal of certificates as
it applies to the issuance of certificates.
2) The subscriber identity verification method employed for
renewal of certificates shall be specified in the
certification practice statement.
3) The date and time of all transactions in relation to the
renewal of a certificate must be logged and kept in a
secure manner.
8