Article 15:
The National Authority for the Accreditation and Supervision of Electronic Certification, hereinafter
referred to as the National Authority, has as its mission, in addition to the powers conferred on it by
other articles of this law:
- to propose to the government the standards of the accreditation system and to take the necessary
measures for its implementation;
- to certify electronic certification service providers and to control their activities.
Article 16:
The national authority shall publish an extract of the approval decision in the " Official Bulletin " and
keep a register of approved electronic certification service providers, which shall be subject, at the end
of each year, to a publication in the " Official Bulletin ".
Article 17:
The national authority shall ensure compliance by the electronic certification service providers issuing
secure electronic certificates with the commitments provided for by the provisions of this law and the
texts adopted for its application.
Article 18:
The national authority may, either ex officio or at the request of any interested person, verify or have
verified the conformity of the activities of an electronic certification service provider issuing secure
electronic certificates with the provisions of this article. law or texts taken for its application. It may use
experts to carry out its control missions.
Article 19:
In the performance of their verification mission, referred to in Article 18 above, the agents of the
national authority, as well as the experts designated by it, have, on the basis of their qualifications, the
right to access any establishment and take cognizance of all the mechanisms and technical means
relating to secure electronic certification services that they deem useful or necessary for the
accomplishment of their mission.
Section 2: Electronic Certification Service Providers
Article 20:
Only electronic certification service providers approved under the conditions laid down by this Law and
the texts adopted for its application may issue and issue secure electronic certificates and administer
the services related thereto.
Article 21: In
order to be approved as an electronic certification service provider, the applicant for approval must be
incorporated as a company having its registered office in the Kingdom and:
1 - fulfill technical conditions guaranteeing:
a - the reliability of the electronic certification services it provides, including the technical and
cryptographic security of the functions provided by the systems and cryptographic means it proposes;
b - the confidentiality of the electronic signature creation data that it provides to the signatory;