Click here to view glossary of items |
|||||
Why
use a Certification Authority for public key distribution? If
a colleague sends you their public key over the network, you could not be
certain it was from them. A hacker could have sent you an email with a public
key in it saying it was from your colleague. But the public key could actually
be the hacker�s. Certification Authorities solve this problem by acting as a
trusted third party. They essentially create an electronic document containing
the public key with its "owners" name and digitally sign it. Why
should I choose IDRBT CA as my
Certifying Authority? IDRBT,
an autonomous institution established by Reserve bank of India (RBI), is the
Certifying Authority in India licensed by the Controller
of Certification Authorities (CCA). The licensing of IDRBT CA by CCA
is an indication to the public that it has met the stringent regulatory
requirements established by the Controller. For
more information on the regulatory requirement of a licensed CA, please visit http://cca.gov.in/ Why
do I need a digital certificate? There
are many certificate-enabled applications such as online banking, Structured
Financial Messaging Systems (SFMS), Public Debt Office-Negotiable Dealing System
(PDO NDS), Electronic Data interchange (EDI), Electronic Fund Transfer (EFT),
Secure Electronic mail, etc. To access these applications securely, you will
need to have a digital certificate. Who
is eligible for a digital certificate from For
obtaining a digital certificate from How
do I get a private and public key? An appropriately trusted program on your computer or server or cryptographic hardware device usually generates a pair of keys. The public key will be submitted to IDRBT CA along with the request for a digital certificate. What does IDRBT CA do with my public key? The
certificate request of the subscriber is verified by the Registration Authority
and forwarded to IDRBT CA office. IDRBT CA makes further checks and once
satisfied creates a digital certificate. The certificate includes some of the
information the user supplied and the user�s public key. What
information is contained within a IDRBT CA digital certificate? The
following specifies the information contained within a personal and corporate
IDRBT CA digital certificate. A personal IDRBT CA Digital Certificate will
contain information such as:
What
are Class 1, Class 2, and Class 3 Certificates? Digital
certificates issued by IDRBT CA fall under the following Classes.
Visit http://idbrtca.org.in/product.html for more details. The Class 1 Certificates can be used for Secure Mail applications and for Digital Signatures. Class 2 Certificates can also be used for Digital Signature and Encryption of messages. Class 3 Certificates can be used for Digital Signature, Object Signing and Secure Server. How can I register for an IDRBT CA Digital Certificate? To
register for an IDRBT CA digital certificate, contact the Registration Authority
operating under IDRBT CA. For more information about the Registration
Authorities, visit http://idrbtca.org.in/ra.html.
You are encouraged to download and fill in the application form and send to the
nearest Registration Authority with the necessary details including the personal
identification documents mentioned in the IDRBT CA CPS. You must apply in person
with the required documents before the RA, if you are applying for Class 3
Certificates. What
is the time duration for the issuance of digital certificate?
When
you connect with a secure web server (e.g. by https://......) the server will
present its certificate to your browser so it can check the certificates
validity for you. Email programs use digital certificates to check the
authenticity of digital signatures. Using another person�s digital certificate
is how you scramble your email to them. (If you scramble it with public keys in
their certificate, only that person can unscramble because they are the only
ones with the matching private keys). Certificate
for Individual can be use for:
We recommend hardware token like Smart Card to store the Certificates. You are advised to store your certificate in the browser, you will make arrangements for the security of your machine. You can also take your certificates in a media protected with a password.
Do I need a smart card or token? Smart
cards, and other cryptographic tokens, are suitable for very secure
applications. Smart cards and tokens have these features:
How
will I know if my Certificate has expired? Certificates
issued by IDRBT CA are valid for one year. You may wish to take note of the
expiry date of your Certificate and renew it prior to its expiry. The
Registration Authority will notify in advance before the expiry of the
certificate. What is suspension and revocation of a digital certificate? Suspension
is the process of making a certificate to make it invalid temporarily.
Revocation is the process of making a certificate to be invalid permanently.
IDRBT CA provides a service that allows you to suspend or revoke your
certificate. You would suspend a certificate if the certificate has been issued
containing wrong or falsified information or payment for the certificate has not
been made according to contractual agreement. You would revoke it when you were
certain it was compromised. An organisation can also revoke a certificate e.g.
when an employee leaves. How
do I revoke my Certificate? The
application form for the Certificate revocation/suspension is available in the IDRBT
CA repository. Apply online for a certificate revocation to the IDRBT CA.
Your Digital Certificate will be revoked according to the IDRBT CA CPS.
How
do you know when a message is digitally signed? The
email program you are using will tell you that a message has been digitally
signed, who signed it, and whether the signature is valid. How
can my company ensure that my clients can have a 128-bit encryption strength on
their browsers?
If
I were to upgrade my server, can I continue to make use of the initial
certificate that was issued to my company?
Yes,
this is possible as long as the server being used is the same. How
do customers identify that my website is secured by IDRBT CA? Companies
with websites secured by IDRBT CA have the option of placing an IDRBT CA's
security seal on their web pages. This seal will enable customers to validate
the status of your IDRBT CA Class 3 Server Certificate. Why
do I experience a Security Alert message before entering IDRBT CA's secured
site? IDRBT CA�s Root Certificate was not pre-installed in the standard browsers' certificate store. Being licensed by CCA, our root keys are certified by CCA, Government of India. We encourage all to download IDRBT CA Root Certificate. |