Duties of Subscriber

August 27, 2024

Duties of Subscriber

“Subscriber” means a person in whose name the Electronic Signature Certificate is issued.  Chapter VIII i.e. Secs.40 to 42 of the IT Act, 2000 deals with the duties of subscribers.Where any Digital Signature Certificate, the public key of which corresponds to the private key of that subscriber which is to be listed in the Digital Signature Certificate has been accepted by a subscriber, the subscriber should generate that key pair by applying the security procedure.

A subscriber will be deemed to have accepted a Digital Signature Certificate if he publishes or authorises the publication of a Digital Signature Certificate –

(a) to one or more persons;

(b) in a repository, or otherwise demonstrates his approval of the Digital Signature Certificate in any manner.

By accepting a Digital Signature Certificate the subscriber certifies to all who reasonably rely on the information contained in the Digital Signature Certificate that –

(a) the subscriber holds the private key corresponding to the public key listed in the Digital Signature Certificate and is entitled to hold the same;

(b) all representations made by the subscriber to the Certifying Authority and all material relevant to the information contained in the Digital Signature Certificate are true;

(c) all information in the Digital Signature Certificate that is within the knowledge of the subscriber is true.

Every subscriber should exercise reasonable care to retain control of the private key corresponding to the public key listed in his Digital Signature Certificate and take all steps to prevent its disclosure.

Where the private key corresponding to the public key listed in the Digital Signature Certificate has been compromised, the subscriber should communicate the same without any delay to the Certifying Authority. An application for revocation of the key pair should be made in Form online on the website of the concerned Certifying Authority to enable revocation and publication in the Certificate Revocation List. The Subscriber should encrypt this transaction by using the public key of the Certifying Authority. The transaction should be further authenticated with the private key of the subscriber even though it may have already been compromised. The subscriber

will be liable till he has informed the Certifying Authority that the private key has been compromised. 

To download this note as a PDF and have a handy reference for future use

Attention to all law students!
Are you missing out on internships, job opportunities, and essential law notes?
Don’t worry! Join over 45,000 students who are already part of the largest legal community. Don’t get left behind!
Become a member of our WhatsApp Groups (Click Here) and Telegram Channel (Click Here) for instant update

If you want to add something or just say thank you,