Digital Signature Certificate

Should individual's signature and encryption certificate be different?

Yes, The signature and encryption certificate should be separate for an individual. The encryption keys are to be generated at the subscriber's system and should be archived prior to transfer into crypto-medium. The signature keys should be generated in the crypto-medium and should not be copied.

Does one require multiple certificates for different application?

No, Ideally, there should not be any requirement for different certificates, however the person holding lower assurance Class 2 certificate may require higher assurance Class 3 certificates for application which demand the same. The higher assurance Class 3 certificates can be used where ever application requires lower assurance certificate. Apart from assurance, depending on the information included in the DSC (For example PAN Number may be required by application) additional certificate may be required.

Whether a person is allowed to take multiple certificates from different CAs?