Search Menu
Language Menu
Mobile Menu
Search
OGCIO
Home
Our Work
Strategies & Government IT InitiativesLegal Framework & Domain Name AdministrationCommunity Initiatives & IT ServicesBusiness & Industry DevelopmentIT Infrastructure & StandardsInformation & Cyber Security
Legal Framework & Domain Name Administration
Electronic Transactions Ordinance (Chapter 553)Domain Name Administration
Electronic Transactions Ordinance (Chapter 553)
Electronic Transactions Ordinance (Chapter 553)The OrdinanceVoluntary Certification Authority Recognition SchemeDigital Certificates for Electronic TransactionsLegislative Council PapersFrequently Asked QuestionsGlossaryUseful LinksContacts
Voluntary Certification Authority Recognition Scheme
IntroductionDisclosure Records of Recognized Certification AuthoritiesRecognition of Certification Authorities & CertificatesApplication for RecognitionApplication for Participation in Mutual Recognition of Electronic Signature CertificatesCode of Practice for Recognized Certification AuthoritiesList of recognized certificates available for subscriptions
Disclosure Records of Recognized Certification Authorities
Disclosure Record for the Postmaster GeneralDisclosure Record for Digi-Sign Certification Services LimitedDisclosure Record for Joint Electronic Teller Services LimitedDisclosure Record for HiTRUST.COM (HK) Incorporated Limited
Disclosure Record for Digi-Sign Certification Services Limited
< Back

Disclosure Records of Recognized Certification Authorities

Disclosure Record for Digi-Sign Certification Services Limited

(This is page 3 of the disclosure record for Digi-Sign Certification Services Limited ("Digi-Sign") maintained by the Government Chief Information Officer under section 31(1) of the Electronic Transactions Ordinance (Cap. 553) ("Ordinance"). Click this link to go back to page 1 of the disclosure record.)

Assessment Report in relation to the Provision of Subscriber Key Generation

Digi-Sign intended to introduce a change to its operation to allow an ID-Cert subscriber to generate keys within the subscriber's own premises and using the subscriber's hardware-based key generation module under its own control. In accordance with section 5.6 of the Code of Practice for Recognized Certification Authorities ("Code of Practice"), a recognized certification authority shall perform structured assessments to ascertain the underlying risks of its operations. In this connection, Digi-Sign had arranged the preparation of an assessment report produced by an independent assessor in respect of its intended provision of subscriber key generation.

Extracts from the assessment report are herewith published pursuant to section 31(2) of the Ordinance.

A. Date of the Report

  • The date of the report is 26 June 2002.

B. Material Information

  1. The objective of the assessment was for the assessor to review the proposed procedures to be established by Digi-Sign in relation to allowing keys to be generated by subscribers, and to express a conclusion as to whether the procedures, when established, will enable Digi-Sign to continue to be capable of complying, in all material respects, with the requirements in the Ordinance and the Code of Practice, specifically in relation to the use of a trustworthy system for the subscriber key generation process, and at the point in time when the keys are generated.
  2. In the assessor's opinion, the procedures proposed to be established by Digi-Sign will enable Digi-Sign to continue to be capable of complying, in all material respects, with the requirements in the Ordinance and Code of Practice, specifically in relation to the use of a trustworthy system for the subscriber key generation process, and at the point in time when the keys are generated.
Related LinksDomain Name Administration
Previous ArticleOGCIO: Disclosure Record for Digi-Sign - P.2
Next ArticleOGCIO: Disclosure Record for Digi-Sign - P.4
The Best is Yet to Come - Innovation and Technology
The 2024-25 Budget
The Chief Executive’s 2023 Policy Address
Facilitating of the Cross-boundary Data Flow within the Greater Bay Area
Exhibition of the 3rd Anniversary of Hong Kong National Security Law
You can stop corruption. Report Now!
ICT Outreach Programme for the Elderly
MSW Charging
Let Social Enterprises Bloom!
Legislative Control of Cannabidiol (CBD)
National Security Education Day
“Maker in China” SME Innovation and Entrepreneurship Global Contest - Hong Kong Chapter)
Electronic Health Record Sharing System (eHealth)
Improve Electoral System Ensure Patriots Administering Hong Kong
Support Clean Elections
iAM Smart Safe and Swift
CSDI website
Safeguarding National Security
Multi-functional Smart Lampposts
Fact Sheet : Office of the Government Chief Information Officer
ICT Event Calendar
Smart Government Innovation Lab
talent.gov.hk
New Patent System
Prohibition on Face Covering Regulation
Elderly IT Learning Portal
Hong Kong Legal Hub
Guangdong-Hong Kong-Macao Greater Bay Area
Cybersec Infohub
Corruption Prevention Advisory Service
Approved Fund-raising Activities
Cyber Security Information Portal
Hong Kong's Legal Services
IT Career Role Models Platform
Hong Kong Smart City Blueprint Portal
Web Accessibility Campaign - Making Web Content Available for All
Mutual Recognition of Electronic Signature Certificates issued by Hong Kong and Guangdong
The InfoCloud portal
Marketing Consultancy Office (Rehabilitation)
Developing Datacentre in Hong Kong
Wi-Fi․HK
GovHK Website
Government Computer Emergency Response Team Hong Kong (GovCERT․HK)
DATA․GOV․HK
CCLI Webste
CEPA
Hong Kong/Guangdong Expert Group on Co-operation in Informatisation
Hong Kong ICT Awards
INFO SEC
Student IT Corner
PreviousNext