Certificate Revocation
Certificate revocation refers to the process of rendering a digital certificate invalid before its expiration date. This means the digital certificate cannot be trusted or used for signing. The revoked certificate is published in the Certificate Revocation List (CRL)
Circumstances that warrant certificate revocation
- When the identification information is invalid.
- When the information in the certificate becomes invalid.
- When the subscriber has violated the subscribe agreement.
- When the private key has been compromised.
- When the certificate was not issued procedurally.
- When an emergency has occurred and may impact the integrity of the certificate.
Digital Certificate Revocation Process
- The subscriber requests the Authorized Organization Representative of the revocation of a digital certificate citing a reason for the request.
- The Authorized Organization Representative verifies and validates the request.
- The Authorized Organization Representative submits the request for revocation to the GovCA.
Token loss and reissuance process
- The subscriber reports to the police station on the loss of the token and obtains a police abstract.
- The subscriber informs the Authorized Organization Representative on the loss of the token, provides the police abstract, and requests for a new token.
- The Authorized Organization Representative makes a request to GovCA for revocation of the certificate.
- GovCA shall accept the request and revoke the certificate and issue a new token.
Token return process
- The subscriber initiates the process of token return.
- The Authorized Organization Representative verifies and validates the correctness of the information.
- The Authorized Organization Representative submits the request to GovCA.