|
Overview
1.3.2.1 CA Technology Forum
- Advisory forum of CA technology providers to advise the CCA on technology standards and other related issues of PKI
- Advising on inter-operability issues for a successful PKI in the country.
1.3.2.2 CA's Council
- Discussions with the CAs operating in the country to resolve issues of concern to the CAs and users so as to ensure widespread use of digital signatures in the country.
1.3.2.3 DS User Forum
- Discussions with the digital signature users at large to study their problems and difficulties concerning PKI and other implementation issues.
- Formulate response for resolving them with CAs.
1.3.2.4 Legal Advisory Forum
- Advise the CCA on legal issues concerned with the implementation of the IT Act, and any other issues such as the modifications of the Act so as to improve the PKI framework for facilitating the growth of E-Commerce and E-Governance.
1.3.2.5 Auditor's Panel
- Discussions with the Auditor's Panel on a regular basis to maintain and augment audit standards to continuously improve the effectiveness of CAs.
1.3.3 RCAI
The CCA has established the RCAI under section 18(b) of the IT Act to digitally sign the public keys of CAs in the country. It operates RCAI as per the standards laid down under the Act. The requirements fulfilled by the RCAI include the following:
- The license issued to the CA is digitally signed by the CCA.
- All public keys corresponding to the signing private keys of a CA are digitally signed by the CCA.
- That these keys are signed by the CCA can be verified by a relying party through the CCA's website or CA's own website.
The RCAI is operated using SmartTrust software. The authorized CCA personnel access the Administrator WorkBench to initiate and perform Root CA functions. Where necessary, this CPS distinguishes the different users and roles accessing the SmartTrust software for Root CA functions. Where this distinction is not required, the term Root CA is used to refer to the total CA entity, including the software and its operations
The RCAI root certificate is the highest level of certification in India. It is used to sign the public keys of the Licensed CAs in India. The RCAI root certificate is a self-signed certificate
1.3.4 National Repository : NRDC
The CCA's repositories are as follows:
In accordance with Section 20 of the IT Act, all certificates and CRLs issued by all the license CAs are contained in the NRDC. This also contains the certificates and CRLs issued by the CCA through its RCAI. Relying parties can verify the CA's public keys from the NRDC.
1.3.5 Licensed Certifying Authorities
A Certifying Authority (CA) can operate in the country after being duly licensed by the CCA as per provisions of the IT Act. It provides services to its subscribers and relying parties as per its CPS which is approved by the CCA as part of the licensing procedure. The license of a CA can be suspended or revoked by the CCA as provided under section 25 of the IT Act. During the period of suspension, the said CA cannot operate as a CA.
A CA provides the following services:
- Identification and authentication
- Certificate issuance
- Certificate suspension and revocation
- Certificate renewal
- Notification of certificate-related information
- Display of all these on its website
- Time-stamping
In addition, the CA communicates to the CCA the following information as required under the IT Act:
- Any changes in its CPS
- Certificates issued by it to its subscribers
- CRLs issued by it
- Compromise of its private key under section 34 of IT Act
- Disclosure record under section 34 of the IT Act
- Periodic audit reports under Rule 31
1.3.6 End entities
The End entities of RCAI would be the Licensed CAs in India. However, the subscribers and relying parties who use the certificates issued by a CA need to be assured that the CA is licensed by the CCA. Relying Parties trust and use the certificates issued by a CA who has been licensed by the CCA. They should be able to verify the license through an indicator to that effect in the PKCs issued by a CA. By viewing the PKC using any standard application, the relying party should be able to verify the CA Distinguished Name and its public key as appearing in the Certificate as having been certified by the CCA. The procedure is specified in 1.3.3.
1.3.7 Applicability
This CPS is applicable to all certificates issued by RCAI. The practices described in this CPS apply to the issuance and use of certificates and Certificate Revocation Lists (CRLs) for Licensed CAs within India.
Contact Details
11.4.1 Specification administration organization
The organization administering this CPS is the Controller of Certifying Authorities. Inquiries should be addressed as follows: .
|
Address
|
Office of Controller of Certifying Authorities, Jawahar Lal Nehru Stadium,
Lodi Road,
New Delhi- 110 003
|
|
E-Mail:
|
dctech@cca.gov.in
|
|
Telephone:
|
+91-11-4369525
|
|
URL:
|
http://cca.gov.in
|
1.4.2 Contact Person
|
The Deputy Controller (Technology)
|
|
Address
|
Office of Controller of Certifying Authorities, Jawahar Lal Nehru Stadium,
Lodi Road,
New Delhi- 110 003
|
|
E-Mail:
|
dctech@cca.gov.in
|
|
Telephone:
|
++91-11-4369525
|
|
URL:
|
http://cca.gov.in
|
|
