DIGITAL SIGNATURE REGULATIONS 1998

[Home] [Databases] [WorldLII] [Search] [Feedback]
Malaysia Legislation

LAWS OF MALAYSIA

DIGITAL SIGNATURE ACT 1997 [ACT 562]

P.U.(A) 359/98

DIGITAL SIGNATURE REGULATIONS 1998

Publication :	1st October 1998
Date of coming into operation :	1st October 1998

___________________________
ARRANGEMENT OF REGULATIONS
___________________________

Preamble

PART I - PRELIMINARY

Regulation 1. Citation and commencement.
Regulation 2. Interpretation.
Regulation 3. Forms.
Regulation 4. Fees.

PART II - LICENSING OF CERTIFICATION AUTHORITIES

Regulation 5. Stages of licence.
Regulation 6. Qualification requirements.
Regulation 7. Application for licence.
Regulation 8. Information required for establishment stage.
Regulation 9. Information required for operation stage.
Regulation 10. Issue of licence.
Regulation 11. Implied conditions.
Regulation 12. Renewal of licence.
Regulation 13. Replacement of licence.
Regulation 14. Amendment of licence on request.
Regulation 15. Power to amend, etc. conditions of licence.
Regulation 16. Transfer or assignment of licence.
Regulation 17. Partnerships in licence.
Regulation 18. Register of Licences.
Regulation 19. Certified copy of licence.

PART III - CERTIFICATION AUTHORITY DISCLOSURE RECORD

Regulation 20. Contents of certification authority disclosure record.
Regulation 21. Form of certification authority disclosure record.
Regulation 22. Retention of certification authority disclosure record.

PART IV - SUITABLE GUARANTEES AND CLAIMS

Regulation 23. Suitable guarantee.
Regulation 24. Return of suitable guarantee.
Regulation 25. Collection on suitable guarantee.
Regulation 26. Procedure for claim.
Regulation 27. Claims after suitable guarantee returned.

PART V - APPROVED DIGITAL SIGNATURE SCHEME AND KEY MANAGEMENT

Regulation 28. Approved digital signature scheme to be used.
Regulation 29. Approved digital signature scheme.
Regulation 30. Storage of private keys.
Regulation 31. Key length.
Regulation 32. Prohibition against duplication of private key.
Regulation 33. Disposal of key pairs.

PART VI - REGULATION OF CERTIFICATION PRACTICE

Regulation 34. Key generation.
Regulation 35. Certification practice statement.
Regulation 36. Duty of instruction.
Regulation 37. Application for certificate.
Regulation 38. Issue of certificate.
Regulation 39. Certificate Revocation List.
Regulation 40. Chargeable fees.

PART VII - COMPLIANCE AUDITS

Regulation 41. Qualification and registration of auditors.
Regulation 42. Procedure for annual compliance audit.
Regulation 43. Auditor's report.
Regulation 44. Additional compliance audits.
Regulation 45. Offence to obstruct or interfere with compliance audit.
Regulation 46. Consequence of failing annual compliance audit.

PART VIII - REPOSITORIES

Regulation 47. Stages of certificate of recognition for repositories.
Regulation 48. Qualification requirements for recognition.
Regulation 49. Functions of recognised repository.
Regulation 50. Chargeable fees.
Regulation 51. Application for certificate of recognition.
Regulation 52. Information required for establishment stage.
Regulation 53. Information required for operation stage.
Regulation 54. Issue and renewal of certificate of recognition.
Regulation 55. Revocation of certificate of recognition.
Regulation 56. Surrender of certificate of recognition.
Regulation 57. Register of Recognised Repositories.

PART IX - DATE/TIME STAMP SERVICES

Regulation 58. Use of time-stamps.
Regulation 59. Effect of time-stamp by recognised date/time stamp service.
Regulation 60. Stages of certificate of recognition for date/time stamp services.
Regulation 61. Qualification requirements for recognition.
Regulation 62. Functions of recognised date/time stamp service.
Regulation 63. Chargeable fees.
Regulation 64. Application for certificate of recognition.
Regulation 65. Information required for establishment stage.
Regulation 66. Information required for operation stage.
Regulation 67. Issue and renewal of certificate of recognition.
Regulation 68. Revocation of certificate of recognition.
Regulation 69. Surrender of certificate of recognition.
Regulation 70. Register of Recognised Date/Time Stamp Services.

PART X - RECOGNITION OF FOREIGN CERTIFICATION AUTHORITIES

Regulation 71. Criteria for recognition of foreign certification authorities.
Regulation 72. Application for recognition.
Regulation 73. Grant of recognition
Regulation 74. Revocation of recognition.
Regulation 75. Application for revocation of recognition.
Regulation 76. Register of Recognised Foreign Certification Authorities.

PART XI - GENERAL

Regulation 77. Multiple services allowed.
Regulation 78. Record-keeping.
Regulation 79. Books of account.
Regulation 80. Retention and custody of records.
Regulation 81. Technical components.
Regulation 82. Data protection.
Regulation 83. Review of software, etc.
Regulation 84. Directives and administrative orders.
Regulation 85. Guidelines.

FIRST SCHEDULE (Regulation 3) - FORMS
SECOND SCHEDULE (Regulation 4) - FEES
THIRD SCHEDULE [Subregulation 35(2)] - PARTICULARS TO BE INCORPORATED IN CERTIFICATION PRACTICE STATEMENT
FOURTH SCHEDULE (Regulation 81) - TECHNICAL COMPONENTS