Information Technology Act, 2000
38. Revocation of Digital Signature Certificate. –
(1) A Certifying Authority may revoke a Digital Signature Certificate issued by it-
where the subscriber or any other person authorized by him makes a request to that effect; or
upon the death of the subscriber; or
upon the dissolution of the firm or winding up of the company where the subscriber is a firm or a company.
Subject to the provisions of sub-section (3) and without prejudice to the provisions of sub-section (1), a Certifying Authority may revoke a Digital Signature Certificate which has been issued by it at any time, if it is of opinion that-
a material fact represent in the Digital Signature Certificate is false or had been concealed;
a requirement for issuance of the Digital Signature Certificate was not satisfied;
the Certifying Authority’s private key of security system was compromised in a manner materially affecting the Digital Signature Certificate’s reliability;
the subscriber has been declared insolvent or dead or where a subscriber is a firm or a company, which has been dissolved, wound-up or otherwise ceased to exist.
A Digital Signature Certificate shall not be revoked unless the subscriber has been given an opportunity of being heard in the matter.
On revocation of a Digital Signature Certificate under this section, the Certifying Authority shall communicate the same to the subscriber.