Ch Title
- Preamble
1 Preliminary
2 Digital and Electronic Signature
3 Electronic Governance
4 Attribution, Acknowledgement Despatch of Electronic Records
5 Secure Electronic Records and Secure Digital Signatures
6 Regulation of Certifying Authorities
7 Electronic  Signature Certificates
8 Duties of Subscribers
9 Penalties and Adjudication
10 The Cyber Appellate Tribunal
11 Offences
12 Network Service Providers Not to be liable in Certain cases
12A Examiner of Electronic Evidence
13 Miscellaneous

Amendments to Other Acts
Part III Indian Penal Code
Part IV Indian Evidence Act

Schedules
1 Excluded Documents
2 Electronic Signature Procedure

 Reference
  Objectives
  Notes on clauses
  Compendium of Rules

 
Section No
VIII. DUTIES OF SUBSCRIBERS
  
VIII 40     Generating Key Pair  
       

Where any Digital Signature Certificate, the public key of which corresponds to the private key of that subscriber which is to be listed in the Digital Signature Certificate has been accepted by a subscriber, (*) the subscriber shall generate that [substituted for "the" vide amendment dated 19/09/2002] key pair by applying the security procedure. [* word  "then"-deleted vide amendment dated 19/9/2002],
 

  
  40A     Duties of subscriber of Electronic Signature Certificate  
        In respect of Electronic Signature Certificate the subscriber shall perform such duties as may be prescribed. (Inserted Vide ITAA 2008)  
  41     Acceptance of Digital Signature Certificate.  
    (1)  

A subscriber shall be deemed to have accepted a Digital Signature Certificate if he publishes or authorizes the publication of a Digital Signature Certificate -

(a)  to one or more persons;
(b)

in a repository, or otherwise demonstrates his approval of the Digital Signature Certificate in any manner.
 

  
    (2)  

By accepting a Digital Signature Certificate the subscriber certifies to all who reasonably rely on the information contained in the Digital Signature Certificate that - 
 

(a)

the subscriber holds the private key corresponding to the public key  listed in the Digital Signature Certificate and is entitled to hold the same;
(b)

all representations made by the subscriber to the Certifying Authority and all material relevant to the information contained in the Digital Signature  Certificate are true;
(c)

all information in the Digital Signature Certificate that is within the  knowledge of the subscriber is true.
 

  
  42     Control of Private key  
    (1)  

Every subscriber shall exercise reasonable care to retain control of the private key corresponding to the r public key listed in his Digital Signature Certificate and take all steps to prevent its disclosure.[ "to a person not authorized to affix the digital signature of the subscriber".-Omitted vide amendment dated 19/09/2002]

  
    (2)  

 If the private key corresponding to the public key listed in the Digital Signature Certificate has been compromised, then, the subscriber shall communicate the same without any delay to the Certifying Authority in such manner as may be specified by the regulations.

Explanation - For the removal of doubts, it is hereby declared that the subscriber shall be liable till he has informed the Certifying Authority that the private key has been compromised.