The Digital Signature Act 1997 (DSA 1997) and Digital Signature Regulations 1998 (DSR 1998) provide the licensing framework for the provision of digital signatures in Malaysia including the type of services, the qualification requirements, applications and the respected fees.
1. Certification Authority License
The main function of Certification Authority (CA) is to issue certificate to a subscriber upon application as an identity to be listed in the certificate under the DSA 1997.
2. Recognition of Repository
A repository will contain the licensed certification authority’s disclosure records, the most recent Certificate Revocation List (CRL), other suspension or revocation information and other information about certification practices.
3. Recognition of Date/Time Stamp Services
The date/time stamp can be attached to a message or document and digitally signed. The date and time stamped on the document shall be the date and time received by the recognised date/time stamp service.
4. Recognition of Foreign Certification Authorities
The Commission may recognise, certification authority licensed or otherwise authorized by governmental entities outside Malaysia which fulfilled the qualification requirements. A certificate issued by recognised foreign certification authority demonstrates a level of security equal or more stringent than the level of security of a certificate issued by a licensed certification authority of Malaysia.
LICENSING GUIDEBOOK - DIGITAL SIGNATURE
This guidebook provides a guide to the type of information that is required in all new licence and recognitions applications and the criteria applied by MCMC in evaluating the application.
Licensing Guidebook - Digital SignatureApplication Form - Form 1