A subscriber may share his/her private signing key with whom?

Digital signatures rely on a private signing key that must stay secret. The owner uses this key to create signatures that prove who signed a document and to ensure the data hasn’t been altered. If that private key is shared with anyone, that person could sign as the subscriber, breaking accountability and non-repudiation, and potentially authorizing actions the subscriber didn’t actually approve. Because of that, the private signing key should never be given to others, including a Registration Authority, an Executive Assistant or Senior Military Aide, or support staff. If another person needs signing authority, the proper approach is to use a separate signing key or a delegated workflow that does not involve sharing the subscriber’s private key.