Singapore Government
Link to AGC Website
Home | Search | Browse | Results | My Preferences
 
Contents

Long Title

Part I PRELIMINARY

Part II ELECTRONIC RECORDS AND SIGNATURES GENERALLY

Part III LIABILITY OF NETWORK SERVICE PROVIDERS

Part IV ELECTRONIC CONTRACTS

Part V SECURE ELECTRONIC RECORDS AND SIGNATURES

Part VI EFFECT OF DIGITAL SIGNATURES

Part VII GENERAL DUTIES RELATING TO DIGITAL SIGNATURES

Part VIII DUTIES OF CERTIFICATION AUTHORITIES

Part IX DUTIES OF SUBSCRIBERS

Part X REGULATION OF CERTIFICATION AUTHORITIES

Part XI GOVERNMENT USE OF ELECTRONIC RECORDS AND SIGNATURES

Part XII GENERAL

Legislative History

 
Slider
Left Corner
Print   Link to In-Force Version
On 30/08/2014, you requested the version as published on or before 30/08/2014.
PART IX
DUTIES OF SUBSCRIBERS
Generating key pair
36.
—(1)  If the subscriber generates the key pair whose public key is to be listed in a certificate issued by a certification authority and accepted by the subscriber, the subscriber shall generate that key pair using a trustworthy system.
(2)  This section shall not apply to a subscriber who generates the key pair using a system approved by the certification authority.
Obtaining certificate
37.  All material representations made by the subscriber to a certification authority for purposes of obtaining a certificate, including all information known to the subscriber and represented in the certificate, shall be accurate and complete to the best of the subscriber’s knowledge and belief, regardless of whether such representations are confirmed by the certification authority.
Acceptance of certificate
38.
—(1)  A subscriber shall be deemed to have accepted a certificate if he —
(a)
publishes or authorises the publication of a certificate —
(i)
to one or more persons; or
(ii)
in a repository; or
(b)
otherwise demonstrates approval of a certificate while knowing or having notice of its contents.
(2)  By accepting a certificate issued by himself or a certification authority, the subscriber listed in the certificate certifies to all who reasonably rely on the information contained in the certificate that —
(a)
the subscriber rightfully holds the private key corresponding to the public key listed in the certificate;
(b)
all representations made by the subscriber to the certification authority and material to the information listed in the certificate are true; and
(c)
all information in the certificate that is within the knowledge of the subscriber is true.
Control of private key
39.
—(1)  By accepting a certificate issued by a certification authority, the subscriber identified in the certificate assumes a duty to exercise reasonable care to retain control of the private key corresponding to the public key listed in such certificate and prevent its disclosure to a person not authorised to create the subscriber’s digital signature.
(2)  Such duty shall continue during the operational period of the certificate and during any period of suspension of the certificate.
Initiating suspension or revocation of certificate
40.  A subscriber who has accepted a certificate shall as soon as possible request the issuing certification authority to suspend or revoke the certificate if the private key corresponding to the public key listed in the certificate has been compromised.