Presentation is loading. Please wait.

Presentation is loading. Please wait.

 certifying authority

Similar presentations


Presentation on theme: " certifying authority "— Presentation transcript:

1

2  A Controller has the right to recognize any foreign certifying authority as a certifying authority for the purpose of the IT Act, 2000. While this is subject to the conditions and restrictions which the regulations specify, the Controller can recognize it with the previous approval of the Central Government and notify in the Official Gazette.  If a controller recognizes a Certifying Authority under sub-section (i), then its digital signature certificate is also valid for the purpose of the Act.  If the controller feels that any certifying authority has contravened any conditions or restrictions of recognition under sub-section (i), then he can revoke the recognition. However, he needs to record the reason in writing and notify in the Official Gazette

3  The Controller of Certifying Authorities (CCA) is a Government of India undertaking that license and regulate the working of Certifying Authorities. The CCA certifies the public keys of CAs, which enables users in the cyberspace to verify that a given certificate is issued by a licensed CA. For this purpose, CCA operates, the Root Certifying Authority of India (RCAI). The CCA also maintains the National Repository of Digital Signature Certificate (NRDC), which contains all the certificates issued by all the CAs in the country.

4  Policy Authority The certificate authority acts as a policy authority that is responsible for the establishment, distribution, maintenance, promotion, and policy enforcement of policies and procedures for all of the functional entities.  Cerificate Issuer As an issuer of certificates the CA distributes the generated certificates and manages them. This also includes the mechanism to request certificate revocation, the granting of new certificates, and the management of the Certificate Revocation List (CRL).

5  Certificate Manufacturer In this role the CA manufactures and generates the certificate signature asymmetric key pairs that are consistent with the policies and procedures of the Policy Authority.  Revocation Manufacturer Revocation signature symmetric key pairs are generated consistent with the policies and procedures of the Policy Authority.  Registration Authority Also known as a registrar, this is the initial location for a subscriber for all the functional entities such as certificate registration, certificate status, and revocation services.

6  Authentication Service An authentication service validates the subscriber's credentials for the registration authority that submits the subscriber's public key and identity.  Repository The CA stores and distributes all public key certificates, information about the status of the certificate in the form of a Certificate Revocation List (CRL), and additional information related to the PKI.

7  Certificate authorities offer an array of certificates. You can use a certificate for any of the following purposes:  To secure Web transactions between Web servers and Web browsers. These transactions are secured through the following measures: › Web server authentication and content confidentiality, by enabling Secure Socket Layer (SSL) and Transport Layer Security transactions › Browser (client-side) authentication and secure form submissions using a client-side certificate (the certificates are implemented in the browsers) › Digital signature verification of distributed code, such as signed applets, ActiveX components, and so on

8  To secure e-mail, as implemented by QUALCOMM, Eudora, Netscape Messenger, Microsoft Outlook, and other Simple Mail Transfer Protocol (SMTP) servers.  To secure online financial settlements and Secure Electronic Transactions (SET).  To secure networks, virtual private networks (VPNs), IP Security Protocol (IPSEC), IPv6, and products such as Point-to-Point Tunneling Protocol (PPTP), Windows 2000, Network Associates, Data Fellows, and so on.  To secure custom applications, such as Entrust PKI- based applications, Baltimore PKI-based applications, E-Lock, or any public key infrastructure (PKI) vendor that offers an API toolkit.

9 Root certificate  Identifies a certificate authority as an issuer of certificates.  These are often self-signed and are used to validate other kinds of certificates.  A CA might use different root certificates for different certificate applications to signify that different criteria were used to approve different certificates.  The terms root certificate and root authority are often used synonymously.

10 Server certificate  Identifies a server and includes a digitally signed version of the server's public key, Internet host name, the name of the organization that owns the server, and the public key of the issuing certificate authority.  Use a server certificate to secure a Web server, by enabling SSL.  This certificate validates the server to the client and establishes an encrypted session with the client.  A server certificate is sometimes referred to as a site certificate or an SSL certificate.

11 Personal certificate  Identifies a person and includes a digitally signed version of the person's name, organization, and public key.  These certificates come in a variety of security levels based on the security policy used to obtain them.  The level of trust granted to a certificate varies according to the security policy of each secure server.

12 Software publisher certificate  Identifies a software developer and includes a digitally signed version of the developer's name, organization, and public key within the code.  A developer uses this certificate to sign a software application for Internet distribution. Content signing certificate  Identifies the owner of the content and includes a digitally signed version of the owner's name, organization, and public key in the content.  Use this certificate to sign content that is distributed, such as channels.  This certificate authenticates the owner of the content to the end user who subscribes to the content.

13  Digital Signature Certificates or DSC or Digital Signature are being adopted by various government agencies and now is a statutory requirement in various applications.  Capricorn offers different class of certificates to help organization and individuals secure online transactions with legal validity as per the Indian IT Act, 2000.  Capricorn certificates conform to x.509 standard of Public Key Infrastructure (PKI) in India where in additionally these are issued as per IVG and IOG guidelines issued by the office of Controller of Certifying Authorities.

14  Sign  Sign DSC can only be used for signing documents. The most popular usage of is signing the PDF file for Tax Returns, MCA and other websites.  Signing via DSC gives the assurance of not only the integrity of the signer but also the data.  It is proof of untampered and unaltered data.

15  Encrypt  Encrypt DSC can only be used to encrypt a document, it is popularly used in the tender portal, to help companies encrypt the documents and upload.  You could also use the certificate to encrypt and send classified information.  Encrypt DSC is fit for e-commerce documents, legal documentation and sharing documents that are highly confidential and contains information that needs to be protected.  We are selling Encrypt certificate as a standalone product as well.

16  Sign & Encrypt  Our Sign & Encrypt DSC can be used for both signing and encrypting.  It is convenient for users who need to authenticate and maintain the confidentiality of the information shared.  Its usage includes filing government form and application.


Download ppt " certifying authority "

Similar presentations


Ads by Google