What must a subscriber do when they separate or retire?

When a subscriber separates from an organization or retires, returning their token to the Technical Agent is a critical action to ensure the integrity and security of the Public Key Infrastructure (PKI). Tokens often contain sensitive cryptographic material that grants access to secure systems and data. If a subscriber were to retain their token, this could pose a significant security risk, as it may allow unauthorized access to the organization’s resources even after the individual is no longer affiliated with it.

Returning the token ensures that it can be securely deactivated or destroyed, effectively mitigating any potential security vulnerabilities that could arise from misuse of the token after the subscriber's departure. This practice underscores the importance of managing cryptographic materials and maintaining the security posture of the organization in the PKI environment.