(a) Act in accordance with representations made by it with respect to its policies and practices;
(b) Exercise reasonable care to ensure the accuracy and completeness of all material representations made by it that are relevant to the certificate throughout its life cycle or that are included in the certificate;
© Provide reasonably accessible means that enable a relying party to ascertain from the certificate:
(i) The identity of the certification service provider;
(ii) That the signatory that is identified in the certificate had control of the signature creation data at the time when the certificate was issued;
(iii) That signature creation data were valid at or before the time when the certificate was issued;
(d) Provide reasonably accessible means that enable a relying party to ascertain, where relevant, from the certificate or otherwise:
(i) The method used to identify the signatory;
(ii) Any limitation on the purpose or value for which the signature creation data or the certificate may be used;
(iii) That the signature creation data are valid and have not been compromised;
(iv) Any limitation on the scope or extent of liability stipulated by the certification service provider;
(v) Whether means exist for the signatory to give notice pursuant to article 8, paragraph 1 (b), of this Law;
(vi) Whether a timely revocation service is offered;
(e) Where services under subparagraph (d) (v) are offered, provide a means for a signatory to give notice pursuant to article 8, paragraph 1 (b), of this Law and, where services under subparagraph (d) (vi) are offered, ensure the availability of a timely revocation service;
(f) Utilize trustworthy systems, procedures and human resources in performing its services.
۲٫ A certification service provider shall bear the legal consequences of its failure to satisfy the requirements of paragraph
Article 10. Trustworthiness
For the purposes of article 9, paragraph 1 (f), of this Law in determining whether, or to what extent, any systems, procedures and human resources utilized by a certification service provider are trustworthy, regard
may be had to the following factors:
(a) Financial and human resources, including existence of assets;
(b) Quality of hardware and software systems;
© Procedures for processing of certificates and applications for certificates and retention of records;
(d) Availability of information to signatories identified in certificates and to potential relying parties;
(e) Regularity and extent of audit by an independent body;
(f) The existence of a declaration by the State, an accreditation body or the certification service provider regarding compliance with or existence of the foregoing; or
(g) Any other relevant factor. ↑
-
- Vacca John, public Key Infrastructure – Building Trusted Application and Web Services Auerbach Publications, first edition, USA, 2004, p.308 ↑
-
-
- دفاتر خدمات صدور گواهی الکترونیکی واحدهایی هستند که برای ارائهخدمات صدور امضای الکترونیکی در کشور تأسیس میشوند. این خدمات شامل تولید،صدور، ذخیره، ارسال، تأیید، ابطال و به روز نگهداری گواهیهای اصالت (امضای)الکترونیکی میباشد. ↑
-
-
- آئیننامه و ضوابط نظام تأسیس و شرح وظایف این دفاتر توسط سازمانمدیریت و برنامهریزی کشور و وزارتخانههای بازرگانی، ارتباطات و فناوری اطلاعات،امور اقتصادی و دارایی و دادگستری تهیه و به تصویب هیئت وزیران خواهد رسید. ↑
-
- گفتاری در باب ضرورت انجام تصدیق امضاء در دفاتر اسناد رسمی، مجله حقوقی کانون، سال ۱۳۸۳، شماره ۵۳، ص۱۱-۲۲ ↑
-
- پیشنهادهایی در خصوص اصلاج طرح آئین نامه ماده ۳۲ قانون تجارت الکترونیکی، عباسی داکانی، خسرو، مجله حقوقی کانون، شماره ۶۰، صفحه ۹۳ ↑
-
- Cyber notary ↑
