Scribd
Upload
66 views14 pages

Digital Signatures: Authentication & Certificates

Digital signatures use asymmetric cryptography to authenticate electronic records. A digital signature certificate establishes a sender's identity like a physical signature and includes additional electronic data attached to messages or documents. Certificates are normally valid for 1-2 years and can be renewed. The Certifying Authority is empowered to issue certificates and must consider whether the applicant holds a private key corresponding to the public key listed in the certificate. A Certifying Authority can suspend a certificate for up to 15 days if giving the subscriber a chance to be heard, or revoke it if requested, upon death or dissolution, or if required information was false or its private key was compromised.

Uploaded by

Satwik Nagappa
Copyright
© Attribution Non-Commercial (BY-NC)
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPT, PDF, TXT or read online on Scribd
66 views14 pages

Digital Signatures: Authentication & Certificates

Digital signatures use asymmetric cryptography to authenticate electronic records. A digital signature certificate establishes a sender's identity like a physical signature and includes additional electronic data attached to messages or documents. Certificates are normally valid for 1-2 years and can be renewed. The Certifying Authority is empowered to issue certificates and must consider whether the applicant holds a private key corresponding to the public key listed in the certificate. A Certifying Authority can suspend a certificate for up to 15 days if giving the subscriber a chance to be heard, or revoke it if requested, upon death or dissolution, or if required information was false or its private key was compromised.

Uploaded by

Satwik Nagappa
Copyright
© Attribution Non-Commercial (BY-NC)
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPT, PDF, TXT or read online on Scribd

Digital Signature & Digital Signature Certificates

1. Digital signature means authentication of any electronic record by a subscriber by means of an electronic method or procedure in accordance with the provisions of section 3 of the act.

2. Any subscriber may authenticate an electronic record by affixing his Digital signature.
3. The authentication of the electronic record shall be effected by the use of asymmetric crypto system which envelop and transform the initial electronic record into another electronic record.

1. A Digital Signature Certificate, like hand written signature, establishes the identity of the sender filing the documents through internet which sender can not revoke or deny. 2. Digital Signature Certificate is a digital equivalent of a hand written signature which has an extra data attached electronically to any message or a document. 3. A DSC is normally valid for 1 or 2 years, after which it can be renewed.

4. Act empowers certifying authority to issue Digital signature certificates. 5. 6. Application fees cannot exceed Rs.25000. When granting the authority should consider the following: a. applicant holds a private key corresponding to the public key. b. applicant holds a private key . c. the public key can be used to verify a digital signature .

a)

b)

c)

d)

e)

f)

It has complied with the provisions of the Act, the rules and regulations It has published the Digital Signature Certificate or otherwise made it available to each person relying on it and the subscriber has accepted it; the subscriber holds the private key corresponding to the key, listed in the Digital Signature Certificate. the subscribers public key and private key constitute a functioning key pair; the information contained in the Digital Signature Certificate is accurate and It has no knowledge of any material fact, which if it has been included in the Digital Signature Certificate would adversely affect the reliability of the representations made in clauses (a) to (b).

Section 37 empowers the Certifying Authority which has issued a Digital Signature Certificate to suspend the certificate under certain circumstances. Further, such certificate shall not be suspended for a period exceeding 15 days unless the subscriber has been given an opportunity of being heard.

According to section 38 of the Act, a Certifying Authority may revoke

a Digital Signature Certificate issued by it


(a)

(b) (c)

where the subscriber or any other person authorised by him makes a request to that effect; or upon the death of the subscriber; or upon the dissolution of the firm or winding up of the company; where the subscriber is a firm or a company;

A Certifying Authority may revoke a Digital Signature Certificate which has been issued by it any time, if it is of opinion that (a) a material fact represented in the Digital Signature Certificate is false or has been concealed; (b) a requirement for issuance of the Digital Signature Certificate was not satisfied. (c) the Certifying Authoritys private key or security system was compromised in a manner materially affecting the Digital Signature Certificates reliability; (d) the subscriber has been declared insolvent or dead or where a subscriber is a firm or a company, which has been dissolved, wound-up or otherwise ceased to exist..

You might also like