Page:Electronic Transactions Ordinance (Cap. 553).pdf/5

ELECTRONIC TRANSACTIONS ORDINANCE :(b) uses the certificate; or
 * (c) otherwise demonstrates the approval of the certificate;

“addressee” (收訊者), in relation to an electronic record sent by an originator, means the person who is specified by the originator to receive the electronic record but does not include an intermediary;

“asymmetric cryptosystem” (非對稱密碼系統) means a system capable of generating a secure key pair, consisting of a private key for generating a digital signature and a public key to verify the digital signature;

“certificate” (證書) means a record which—
 * (a) is issued by a certification authority for the purpose of supporting a digital signature which purports to confirm the identity or other significant characteristics of the person who holds a particular key pair;
 * (b) identifies the certification authority issuing it;
 * (c) names or identifies the person to whom it is issued;
 * (d) contains the public key of the person to whom it is issued; and
 * (e) is signed by a responsible officer of the certification authority issuing it;

“certification authority” (核證機關) means a person who issues a certificate to a person (who may be another certification authority);

“certification authority disclosure record” (核證機關披露紀錄), in relation to a recognized certification authority, means the record maintained under section 31 for that certification authority;

“certification practice statement” (核證作業準則) means a statement issued by a certification authority to specify the practices and standards that the certification authority employs in issuing certificates;

“code of practice” (業務守則) means the code of practice issued under section 33;

“correspond” (對應), in relation to private or public keys, means to belong to the same key pair;

“digital signature” (數碼簽署), in relation to an electronic record, means an electronic signature of the signer generated by the transformation of the electronic record using an asymmetric cryptosystem and a hash function such that a person having the initial untransformed electronic record and the signer’s public key can determine—
 * (a) whether the transformation was generated using the private key that corresponds to the signer’s public key; and
 * (b) whether the initial electronic record has been altered since the transformation was generated;

“Director” (署長) means the Director of Information Technology Services;

“electronic record” (電子紀錄) means a record generated in digital form by an information system, which can be—