Acts Online
GT Shield

Electronic Communications and Transactions Act, 2002 (Act No. 25 of 2002)

Accreditation Regulations

Chapter III : Requirements for certification service providers

21. Suspension and revocation of certificates

 

 

1) Unless a certification service provider and a subscriber agree otherwise, the certification service provider must suspend a certificate with immediate effect upon receiving a request to do so from the subscriber listed in the certificate or a person duly authorised to act for that subscriber.

 

2) The certification service provider must revoke any certificate that it issued –
a) after receiving a request for revocation from a subscriber named in the certificate and confirming that the person requesting the revocation is the subscriber or an agent of the subscriber with authority to request the revocation;
b) after receiving a certified copy of the subscriber's death certificate; or
c) upon presentation of documentary proof that a subscriber that is a Iegal person has been wound up or deregistered or has ceased to exist.

 

3) A certification service provider must revoke a certificate, regardless of whether the subscriber listed in the certificate consents, if after verification –
a) a material fact represented in the certificate is found to be false;
b) a requirement for the issuing of the certificate was not satisfied;
c) the certification service provider's private key or trustworthy system was compromised in a manner that materially affects the reliability of the certificate; or
d) a subscriber has breached a subscriber agreement with the certification service provider.

 

4) Upon effecting a revocation contemplated in sub-regulation (3), the certification service provider must immediately notify the subscriber listed in the revoked certificate and publish the revocation in its repository.