Section 28

its certificate that contains the public key corresponding to the private key used by that certification authority to digitally sign another certificate (referred to in this section as a certification authority certificate);

any relevant certification practice statement;

notice of the revocation or suspension of its certification authority certificate; and

any other fact that materially and adversely affects either the reliability of a certificate that the authority has issued or the authority’s ability to perform its services.

use reasonable efforts to notify any person who is known to be or foreseeably will be affected by that occurrence; or

act in accordance with procedures governing such an occurrence specified in its certification practice statement.