(1) By accepting a certificate issued by a licensed certification authority, the subscriber identified in the certificate assumes a duty to exercise reasonable care to retain control of the private key and prevent its disclosure to a person not authorized to create the subscriber's digital signature. The subscriber is released from this duty if the certificate expires or is revoked.

     (2) A private key is the personal property of the subscriber who rightfully holds it.

     (3) A private key in the possession of a state agency or local agency, as those terms are defined by RCW 42.17.020, is exempt from public inspection and copying under chapter 42.56 RCW.

[2005 c 274 § 235; 1997 c 27 § 11; 1996 c 250 § 305.]

NOTES:

     Part headings not law -- Effective date -- 2005 c 274: See RCW 42.56.901 and 42.56.902.

     Effective date -- Severability -- 1997 c 27: See notes following RCW 19.34.030.