 |
| Digital Signature Mart |
New Delhi: The Controller of Certifying Authorities suspended three digital certificates issued by the National Informatics Centre of the National Certification Authority (NIC-CA) to prevent its misuse, Parliament was informed.
Digital Signature Certificates (DSCs) are issued by Certification Authorities for electronic authentication of users, the Communications and IT Minister Ravi Shankar Prasad told Lok Sabha. The Controller of Certification Authorities, which is designated under the Law of Information Technology 2000 Certification Authorities certificates to issue digital signature certificates. Digital signature certificates are issued under Sub Section 4 of Section 35 of the IT Act and facilitate electronic commerce and electronic filing through the authentication of users and transactions, he added. "Three certificates issued to NIC-CA were suspended by CCA (Controller of Certifying Authorities. Unauthorized certificates had been issued, were revoked by the NIC-CA. This was done to prevent misuse," Prasad said.
The incident has been investigated and the results suggest that the authors made an electronic intrusion CA systems from outside India, he added. "NIC-CA asked to modernize its infrastructure in all aspects - technical, physical and procedural," Prasad said. In addition, a notice was sent to all certificate authorities to examine and, where necessary, strengthen security checks at the infrastructure used to issue digital signature certificates, the minister added.
Last month, Google and Microsoft had complained of digital signature certificates issued by unauthorized NIC-CA. Google, in a blog he had said: "On Wednesday, July 2, we noticed unauthorized digital certificates for multiple domains of Google." The certificates were issued by the NIC of India, which has several intermediate CA certificates trusted by the Controller of Certifying Authorities of India (India CCA). "likewise, Microsoft said it is aware of the SSL certificates issued improperly that could be used in attempts to spoof content or conduct phishing attacks." SSL certificates inappropriately by NIC, operating under CA subordinate CA root controller operated by government certification authorities, which are issuers present in the Trusted Root Certification Store in India, "he added.
List of best Digital Signature Service
Provider in India
