21 CFR 1311.30 - Requirements for storing and using a private key for digitally signing orders.

§ 1311.30 Requirements for storing and using a private key for digitally signing orders.

(a) Only the certificate holder may access or use his or her digital certificate and private key.

(b) The certificate holder must provide FIPS-approved secure storage for the private key, as discussed by FIPS 140-2, 180-2, 186-2, and accompanying change notices and annexes, as incorporated by reference in § 1311.08.

(c) A certificate holder must ensure that no one else uses the private key. While the private key is activated, the certificate holder must prevent unauthorized use of that private key.

(d) A certificate holder must not make back-up copies of the private key.

(e) The certificate holder must report the loss, theft, or compromise of the private key or the password, via a revocation request, to the Certification Authority within 24 hours of substantiation of the loss, theft, or compromise. Upon receipt and verification of a signed revocation request, the Certification Authority will revoke the certificate. The certificate holder must apply for a new certificate under the requirements of § 1311.25.

This is a list of United States Code sections, Statutes at Large, Public Laws, and Presidential Documents, which provide rulemaking authority for this CFR Part.

This list is taken from the Parallel Table of Authorities and Rules provided by GPO [Government Printing Office].

It is not guaranteed to be accurate or up-to-date, though we do refresh the database weekly. More limitations on accuracy are described at the GPO site.


United States Code

Title 21 published on 10-May-2017 03:43

The following are ALL rules, proposed rules, and notices (chronologically) published in the Federal Register relating to 21 CFR Part 1311 after this date.

  • 2017-03-21; vol. 82 # 53 - Tuesday, March 21, 2017
    1. 82 FR 14490 - Program To Hire Special Assistant United States Attorneys in Targeted Federal Judicial Districts Utilizing Diversion Control Fee Account Funds
      GPO FDSys XML | Text
      DEPARTMENT OF JUSTICE, Drug Enforcement Administration
      Notice of proposed rulemaking.
      Electronic comments must be submitted, and written comments must be postmarked, on or before April 20, 2017. Commenters should be aware that the electronic Federal Docket Management System will not accept comments after 11:59 p.m. Eastern Time on the last day of the comment period.
      21 CFR Parts 1301 and 1311
The section you are viewing is cited by the following CFR sections.