Information Technology (Certifying Authorities) Rules, 2000
28. Compromise of Digital Signature Certificate.-
Digital Signature Certificates in operational use that become compromised shall be revoked in accordance with the procedure defined in the Certification Practice Statement of Certifying Authority.
Explanation : Digital Signature Certificates shall,-
(a) be deemed to be compromised where the integrity of:-
(i) the private key associated with the Digital Signature Certificate is in doubt;
(ii) the Digital Signature Certificate owner is in doubt, as to the use, or attempted use of his key pairs, or otherwise, for malicious or unlawful purposes;
(b) remain in the compromised state for only such time as it takes to arrange for revocation.