Page:Electronic Transactions Act 2010.pdf/39

40 ::(ii) in a repository; or
 * (b) otherwise demonstrates approval of the certificate while knowing or having notice of its contents.

(2) By accepting a certificate issued by himself or a certification authority, the subscriber listed in the certificate certifies to all who reasonably rely on the information contained in the certificate that—
 * (a) the subscriber rightfully holds the private key corresponding to the public key listed in the certificate;
 * (b) all representations made by the subscriber to the certification authority and material to the information listed in the certificate are true; and
 * (c) all information in the certificate that is within the knowledge of the subscriber is true.

Control of private key

24.—(1) By accepting a certificate issued by a certification authority, the subscriber identified in the certificate assumes a duty to exercise reasonable care to retain control of the private key corresponding to the public key listed in such certificate and prevent its disclosure to a person not authorised to create the subscriber’s digital signature.

(2) Such duty shall continue during the operational period of the certificate and during any period of suspension of the certificate.

Initiating suspension or revocation of certificate

25. A subscriber who has accepted a certificate shall as soon as possible request the issuing certification authority to suspend or revoke the certificate if the private key corresponding to the public key listed in the certificate has been compromised. FOURTH SCHEDULE Sections 20 and 21 DESIGNATED PERSONS 1. Certification authorities, as defined in paragraph 1 of the Third Schedule.