- (d) all information in the certificate is accurate, unless the certification authority has stated in the certificate or incorporated by reference in the certificate a statement that the accuracy of specified information is not confirmed; and
- (e) the certification authority has no knowledge of any material fact which if it had been included in the certificate would adversely affect the reliability of the representations in sub-paragraphs (a) to (d).
(3) Where there is an applicable certification practice statement which has been incorporated by reference in the certificate, or of which the relying person has notice, sub-paragraph (2) shall apply to the extent that the representations are not inconsistent with the certification practice statement.
Suspension of certificate
16. Unless the certification authority and the subscriber agree otherwise, the certification authority that issued a certificate shall suspend the certificate as soon as possible after receiving a request by a person whom the certification authority reasonably believes to be—
- (a) the subscriber listed in the certificate;
- (b) a person duly authorised to act for that subscriber; or
- (c) a person acting on behalf of that subscriber, who is unavailable.
Revocation of certificate
17. A certification authority shall revoke a certificate that it issued—
- (a) after receiving a request for revocation by the subscriber listed in the certificate; and confirming that the person requesting the revocation is the subscriber, or is an agent of the subscriber with authority to request the revocation;
- (b) after receiving a certified copy of the subscriber’s death certificate, or upon confirming by other evidence that the subscriber is dead; or
- (c) upon presentation of documents effecting a dissolution of the subscriber, or upon confirming by other evidence that the subscriber has been dissolved or has ceased to exist.
Revocation without subscriber’s consent
18.—(1) A certification authority shall revoke a certificate, regardless of whether the subscriber listed in the certificate consents, if the certification authority confirms that —
- (a) a material fact represented in the certificate is false;
- (b) a requirement for issuance of the certificate was not satisfied;
- (c) the certification authority’s private key or trustworthy system was compromised in a manner materially affecting the certificate’s reliability;
- (d) an individual subscriber is dead; or
