|1. Why use a Certification Authority for public key distribution?|
|2. Why should I choose IDRBT CA as my Certifying Authority?|
|3. Why do I need a digital certificate?|
|4. Who is eligible for a digital certificate from IDRBT CA ?|
|5. What is the essential requirement for getting a digital certificate?|
|6. How do I get a private and public key?|
|7. What does IDRBT CA do with my public key?|
|8. What information is contained within a IDRBT CA digital certificate?|
|9. What are Class 1, Class 2, and Class 3 Certificates?|
|10. How can I register for an IDRBT CA Digital Certificate?|
|11. What is the time duration for the issuance of digital certificate?|
|12. How are digital certificates used?|
|13. What storage medium does Certificates for Individual supports?|
|14. Do I need a smart card or token?|
|15. How will I know if my Certificate has expired?|
|16. What is suspension and revocation of a digital certificate?|
|17. How do I revoke my Certificate?|
|18. How do you know when a message is digitally signed?|
|19. How can my company ensure that my clients can have a 128-bit encryption strength on their browsers?|
|20. If I were to upgrade my server, can I continue to make use of the initial certificate that was issued to my company?|
|21. How do customers identify that my website is secured by IDRBT CA?|
|22. Why do I experience a Security Alert message before entering IDRBT CA's secured site?|
a colleague sends you their public key over the network, you could not be
certain it was from them. A hacker could have sent you an email with a public
key in it saying it was from your colleague. But the public key could actually
be the hacker�s. Certification Authorities solve this problem by acting as a
trusted third party. They essentially create an electronic document containing
the public key with its "owners" name and digitally sign it.
should I choose IDRBT CA as my
an autonomous institution established by Reserve bank of India (RBI), is the
Certifying Authority in India licensed by the Controller
of Certification Authorities (CCA). The licensing of IDRBT CA by CCA
is an indication to the public that it has met the stringent regulatory
requirements established by the Controller.
more information on the regulatory requirement of a licensed CA, please visit http://cca.gov.in/
do I need a digital certificate?
are many certificate-enabled applications such as online banking, Structured
Financial Messaging Systems (SFMS), Public Debt Office-Negotiable Dealing System
(PDO NDS), Electronic Data interchange (EDI), Electronic Fund Transfer (EFT),
Secure Electronic mail, etc. To access these applications securely, you will
need to have a digital certificate.
is eligible for a digital certificate from
obtaining a digital certificate from
do I get a private and public key?
An appropriately trusted program on your computer or server or cryptographic hardware device usually generates a pair of keys. The public key will be submitted to IDRBT CA along with the request for a digital certificate.
What does IDRBT CA do with my public key?
certificate request of the subscriber is verified by the Registration Authority
and forwarded to IDRBT CA office. IDRBT CA makes further checks and once
satisfied creates a digital certificate. The certificate includes some of the
information the user supplied and the user�s public key.
The issued digital certificate can be downloaded from IDRBT CA's website.
The issued digital certificate can be downloaded from IDRBT CA's website.
information is contained within a IDRBT CA digital certificate?
following specifies the information contained within a personal and corporate
IDRBT CA digital certificate. A personal IDRBT CA Digital Certificate will
contain information such as:
are Class 1, Class 2, and Class 3 Certificates?
certificates issued by IDRBT CA fall under the following Classes.
Visit http://idbrtca.org.in/product.html for more details.
The Class 1 Certificates can be used for Secure Mail applications and for Digital Signatures. Class 2 Certificates can also be used for Digital Signature and Encryption of messages. Class 3 Certificates can be used for Digital Signature, Object Signing and Secure Server.
How can I register for an IDRBT CA Digital Certificate?
register for an IDRBT CA digital certificate, contact the Registration Authority
operating under IDRBT CA. For more information about the Registration
Authorities, visit http://idrbtca.org.in/ra.html.
You are encouraged to download and fill in the application form and send to the
nearest Registration Authority with the necessary details including the personal
identification documents mentioned in the IDRBT CA CPS. You must apply in person
with the required documents before the RA, if you are applying for Class 3
is the time duration for the issuance of digital certificate?
you connect with a secure web server (e.g. by https://......) the server will
present its certificate to your browser so it can check the certificates
validity for you. Email programs use digital certificates to check the
authenticity of digital signatures. Using another person�s digital certificate
is how you scramble your email to them. (If you scramble it with public keys in
their certificate, only that person can unscramble because they are the only
ones with the matching private keys).
for Individual can be use for:
We recommend hardware token like Smart Card to store the Certificates. You are advised to store your certificate in the browser, you will make arrangements for the security of your machine. You can also take your certificates in a media protected with a password.
cards, and other cryptographic tokens, are suitable for very secure
applications. Smart cards and tokens have these features:
will I know if my Certificate has expired?
issued by IDRBT CA are valid for one year. You may wish to take note of the
expiry date of your Certificate and renew it prior to its expiry. The
Registration Authority will notify in advance before the expiry of the
What is suspension and revocation of a digital certificate?
is the process of making a certificate to make it invalid temporarily.
Revocation is the process of making a certificate to be invalid permanently.
IDRBT CA provides a service that allows you to suspend or revoke your
certificate. You would suspend a certificate if the certificate has been issued
containing wrong or falsified information or payment for the certificate has not
been made according to contractual agreement. You would revoke it when you were
certain it was compromised. An organisation can also revoke a certificate e.g.
when an employee leaves.
do I revoke my Certificate?
application form for the Certificate revocation/suspension is available in the IDRBT
CA repository. Apply online for a certificate revocation to the IDRBT CA.
Your Digital Certificate will be revoked according to the IDRBT CA CPS.
do you know when a message is digitally signed?
email program you are using will tell you that a message has been digitally
signed, who signed it, and whether the signature is valid.
can my company ensure that my clients can have a 128-bit encryption strength on
I were to upgrade my server, can I continue to make use of the initial
certificate that was issued to my company?
this is possible as long as the server being used is the same.
do customers identify that my website is secured by IDRBT CA?
with websites secured by IDRBT CA have the option of placing an IDRBT CA's
security seal on their web pages. This seal will enable customers to validate
the status of your IDRBT CA Class 3 Server Certificate.
do I experience a Security Alert message before entering IDRBT CA's secured
IDRBT CA�s Root Certificate was not pre-installed in the standard browsers' certificate store. Being licensed by CCA, our root keys are certified by CCA, Government of India. We encourage all to download IDRBT CA Root Certificate.