Electronic Communications and Transactions Act, 2002 (Act No. 25 of 2002)

Accreditation Regulations

Chapter III : Requirements for certification service providers

13. Technical requirements


(1) A certification service provider whose authentication products and services are based on PKI must comply with SANS 21 188.

 

(2) All certificates issued by a certification service provider must, if accredited by the South African Accreditation Authority, conform to the ITU X.509 standard and must contain the following data, among other things—
(a) The serial number of the certificate that distinguishes it from other certificates;
(b) The signature algorithm identifier that identifies the algorithm used by the certification service provider to sign the certificate;
(c) The name of the certification service provider that issued the certificate;
(d) The period of validity of the certificate;
(e) The name of the subscriber whose public key the certificate identifies;
(f) The public key information of the subscriber;
(g) Confirmation that it is a certificate that has been accredited by the South African Accreditation Authority and reference to the uniform resource locator of the South African Accreditation Authority's website.

 

(3) Three-factor authentication or a similar acceptable level of security is required for the storage of the private key where authentication products and services are based on PKI.