57 Effect of revocation request on subscriber
Where a subscriber has requested for the revocation of a certificate, the subscriber ceases to certify as provided in Chapter 3 and has no further duty to keep the private key secure as required under section 43-
(a) when notice of the revocation is published as required under section 56; or
(b) when two business days have lapsed after the subscriber requests for the revocation in writing, supplies to the issuing licensed certification authority information reasonably sufficient to confirm the request, and pays any prescribed fee,
whichever occurs first.
58 Effect of notification on licensed certification authority
Upon notification as required under section 56, a licensed certification authority shall be discharged of its warranties based on issuance of the revoked certificate and ceases to certify as provided in sections 35 and 36 in relation to the revoked certificate.
Expiration of certificate
59 Expiration of certificate
(1) The date of expiry of a certificate shall be specified in the certificate.
(2) A certificate may be issued for any period not exceeding three years from the date of issuance.
(3) When a certificate expires, the subscriber and licensed certification authority shall cease to certify as provided under this Act and the licensed certification authority shall be discharged of its duties based on issuance in relation to the expired certificate.
(4) The expiry of a certificate shall not affect the duties and obligations of the subscriber and licensed certification authority incurred under and in relation to the expired certificate.
Recommended reliance limits and liability
60 Recommended reliance limit*
(1) A licensed certification authority shall, in issuing a certificate to a subscriber, specify a recommended reliance limit in the certificate.
(2) The licensed certification authority may specify different limits in different certificates as it considers fit.
*NOTE-The Central Bank of Malaysia is exempted from the requirements of this section for the purpose of implementing the Real-Time Electronic Transfer of Funds and Securities System or also known as "RENTAS"-see P.U. (A) 300/1999.
61 Liability limits for licensed certification authorities
Unless a licensed certification authority waives the application of this section, a licensed certification authority-
(a) shall not be liable for any loss caused by reliance on a false or forged digital signature of a subscriber, if, with respect to the false or forged digital signature, the licensed certification authority complied with the requirements of this Act;
(b) shall not be liable in excess of the amount specified in the certificate as its recommended reliance limit for either-
(i) a loss caused by reliance on a misrepresentation in the certificate of any fact that the licensed certification authority is required to confirm; or
(ii) failure to comply with sections 29 and 30 in issuing the certificate; and
(c) shall not be liable for-
(i) punitive or exemplary damages; or
(ii) damages for pain or suffering.