Information Technology Act, 2000
34. Disclosure. –
(1) Every Certifying Authority shall disclose in the manner specified by regulations.-
(a) Its Digital Signature Certificate which contains the public key corresponding to the private key used by that Certifying Authority to digitally sign another Digital Signature Certificate;
(b) and certification practice statement relevant thereto;
(c) notice of the revocation or suspension of its Certifying Authority certificate if any; and
(d) any other fact that materially and adversely affects either the reliability of a Digital Signature Certificate, which that Authority has issued, or the Authority’s ability to perform its services.
(2) Where in the opinion of the Certifying Authority any event has occurred or any situation has arisen which may materially and adversely affect the integrity of its computer system or the conditions subject to which a Digital Signature Certificate was granted, then, the Certifying Authority shall-
(a) use reasonable efforts to notify any person who is likely to be affected by that occurrence: or
(b) act in accordance with the procedure specified in its certification practice statement to deal with such event or situation.