(1) The Agency shall be the repository of Digital Signature Certificates issued under this Act.

(2) The Agency shall

(a) make use of hardy/are, software and procedures that are secure from intrusion and misuse, and

(b) observe other standards that may be prescribed, to ensure that the secrecy and security of digital signatures are assured.

(3) The Agency shall maintain a computerized data base of the public keys to make them verifiable by a member of the public.