Subscriber under Information Technology Act, means when a person holds a Digital
Signature Certificate (DSC) i.e. now he is eligible to digitally sign his
Electronic Records.
And this DSC issues by the licenced Certifying Authority to a subscriber.
Sec 2(1) (zg) of this Act does not define the term Subscriber clearly, it only
speaks, subscriber is a person in whose name the DSC is issued.
(To secure our E-Records we need to put digital signature on it, and for this we
must have a DSC, and in order to obtain a DSC we need to become Subscribers under
IT Act.)
Who can become a subscriber?
An individual, Hindu Undivided Family, Company, Partnership Firm, Association of
Persons, Local Authority and Government Organisation or Agency could become a
subscriber.
•Duties of Subscriber (Section 40 - 42)
Section 40. Generating key pair.-
Where any Digital Signature Certificate the public key of which corresponds to the
private key of that subscriber which is to be listed in the Digital Signature
Certificate has been accepted by a subscriber, the subscriber shall generate that
key pair by applying the security procedure.
The subscriber wishing to use encryption will use two distinct private and public
key.
Private key is solely used for encrypting electronic data. This key resides in his
computer/ browser. The public key is used to decrypt the data.
The key generation process shall generate statistically random key values which are
resistant o known attacks. The signing with key pair is a trustworthy medium and
assumes the responsibility for safeguarding the private key.
Section 40A.
In respect of Electronic Signature Certificate the subscriber shall perform such
duties as may be prescribed.
Section 41. Acceptance of Digital Signature Certificate. -
A subscriber shall be deemed to have accepted a Digital Signature Certificate if he
publishes or authorises the publication of a Digital Signature Certificate-
1. to one or more persons;
2. in a repository; or
3. otherwise demonstrates his approval of the Digital Signature
Certificate in any manner.
By accepting a Digital Signature Certificate the subscriber certifies to all who
reasonably rely on the information contained in the Digital Signature Certificate
that-
1. the subscriber holds the private key corresponding to the public key listed in
the Digital Signature Certificate and is entitled to hold the same;
1.
2. all representations made by the subscriber to the Certifying Authority
and all material relevant to the information contained in the Digital Signature
Certificate are true;
3. all information in the Digital Signature Certificate that is within the
knowledge of the subscriber is true.
Section 42. Control of private key.-
1. Every subscriber shall exercise reasonable care to retain control of
the private key corresponding to the public key listed in his Digital Signature
Certificate and take all steps to prevent its disclosure.
2. If the private key corresponding to the public key listed in the
Digital Signature Certificate has been compromised, then, the subscriber shall
communicate the same without any delay to the Certifying Authority in such manner
as may be specified by the regulations.
3. The subscriber shall be liable till he has informed the Certifying
Authority that the private key has been compromised.
