Regulation of Certifying Authorities

17. Appointment of Controller and other officers.

  • The Central Government may, by notification in the Official Gazette, appoint a Controller of Certifying Authorities for the purposes of this Act and may also by the same or subsequent notification appoint such number of Deputy Controllers and Assistant Controllers as it deems fit.
  • The Controller shall discharge his functions under this Act subject to the general control and directions of the Central Government.
  • The Deputy Controllers and Assistant Controllers shall perform the functions assigned to them by the Controller under the general superintendence and control of the Controller.
  • The qualifications, experience and terms and conditions of service of Controller, Deputy Controllers and Assistant Controllers shall be such as may be prescribed by the Central Government.
  • The Head Office and Branch Office of the office of the Controller shall be at such places as the Central Government may specify, and these may be established at such places as the Central Government may think fit.
  • There shall be a seal of the Office of the Controller.

18. Functions of Controller.

The Controller may perform all or any of the following functions, namely: -

  • exercising supervision over the activities of the Certifying Authorities.
  • certifying public keys of the Certifying Authorities.
  • laying down the standards to be maintained by the Certifying Authorities.
    The Gazettie
  • specifying the qualifications and experience which employees of the Certifying Authorities should possess.
  • specifying the conditions subject to which the Certifying Authorities shall conduct their business.
  • specifying the contents of written, printed or visual materials and advertisements that may be distributed or used in respect of a Digital Signature Certificate and the public key.
  • specifying the form and content of a Digital Signature Certificate and the key.
  • specifying the form and manner in which accounts shall be maintained by the Certifying Authorities.
  • specifying the terms and conditions subject to which auditors may be appointed and the remuneration to be paid to them.
  • facilitating the establishment of any electronic system by a Certifying Authority either solely or jointly with other Certifying Authorities and regulation of such systems.
  • specifying the manner in which the Certifying Authorities shall conduct their dealings with the subscribers.
  • resolving any conflict of interests between the Certifying Authorities and the subscribers.
  • laying down the duties of the Certifying Authorities.
  • maintaining a data base containing the disclosure record of every Certifying Authority containing such particulars as may be specified by regulations, which shall be accessible to public.