Certificate revocation right Sample Clauses

Certificate revocation right. The Subscriber has the right to propose to TrustAsia to revoke the issued certificate and provide relevant evidence or explanation when the following circumstances occur: 1) keyCompromise (RFC 5280 CRLReason #1) The certificate Subscriber must select the "keyCompromise" reasonCode as the CRLReason when they realize or have evidence to believe that the private key of its certificate has been compromised. For example, an unauthorized person has accessed the private key of the certificate. 2) affiliationChanged (RFC 5280 CRLReason #3) The certificate Subscriber must select the "affiliationChanged" reasonCode as the CRLReason when the subject's name or other subject identity information in the certificate has changed. 3) superseded (RFC 5280 CRLReason #4) The certificate Subscriber must select the "superseded" reasonCode as the CRLReason when requesting a new certificate to replace an existing certificate. 4) cessationOfOperation（RFC 5280 CRLReason #5） The certificate Subscriber must select the "cessationOfOperation" reasonCode as the CRLReason when they no longer own or control all the domains in the certificate, or no longer use the certificate due to discontinuation of the website. 5) unspecified (RFC 5280 CRLReason #0) The certificate Subscriber must select the "unspecified" reasonCode as the CRLReason when the reasonCodes mentioned above are not applicable to the revocation request. The option is set by default to revoke a certificate in TrustAsia, and the Subscriber is not required to provide evidence or state a reason. The privilegeWithdrawn (RFC 5280 CRLReason #9) reasonCode will not be made available to the Subscriber. The use of this reason is determined by TrustAsia. TrustAsia revokes the certificate within the period specified in the CPS and uses the corresponding CRLReason if the following occurs: 1) The Subscriber requests in writing that the certificate be revoked (if there is no revocation reason, then use CRLReason #0); 2) Subscriber notifies TrustAsia that the original certificate request was not authorized and cannot retroactively grant authorization (CRLReason #9); 3) TrustAsia obtains evidence that the Subscriber's private key corresponding to the certificate's public key has been compromised or no longer meets the relevant requirements of Sections 6.1.5 and 6.1.6 of the Baseline Requirements (CRLReason #1); 4) TrustAsia obtains evidence that the verification of control of the domain name or IP address contained in the certificate is no lo...