In addition to the information required in section 29 of the Act, an application for registration must—
(a) |
contain the following particulars to identify and locate the cryptography provider: |
(i) |
Telephone and fax number, web site and e-mail address; |
(ii) |
the constitutive documents of the applicant which are, in the case of a legal person, certified copies of the Memorandum and Articles of Association, certificate of incorporation, founding statement, partnership agreement or trust deed, and in the case of a natural person, a certified copy of his or her ID book or passport, as the case may be; |
(iii) |
detailed profiles of trusted personnel of the applicant that have supervisory or managerial responsibilities; |
(b) |
contain the following particulars to identify and locate the cryptography provider's products or services: |
(i) |
physical address where a cryptography product is or will be produced, manufactured, created or distributed from; |
(ii) |
physical address where a cryptography service is or will be rendered, delivered, sold, made available or distributed from; |
(iii) |
full details of cryptography operations outsourced; |
(iv) |
name, address and contact details of any other cryptography provider that provides a cryptography service or product to the cryptography provider; |
(v) |
if the cryptography provider is a certification service provider, its certification practice statement and certificate policy; |
(c) |
contain the particulars required by section 29 of the Act and paragraph (a) of this regulation, to identify and locate an entity to whom cryptography operations have been outsourced; |
(d) |
contain particulars indicating whether the cryptography provider provides encrypted bugging and debugging equipment. |