NIC has issued unauthorised digital certificates

google_door_reutersThe government of India is probable to take an action on protest filed by giants like Google and Microsoft, wherever they said that National Informatics Centre has issued unauthorised digital certificates.

The controller of certifying powers that be issues licences and also regulates the working of the same. It is concerned in issuing digital certificates to verify users. Digital certificate is just like an electronic passport which allows any user to exchange information steadily over the internet.

branch of Electronics and Information Technology secretary R S Sharma said, “We are looking into the issue. Certifying authority is attractive all the appropriate stepladder and working under the guidance of the CCA”.

In a blog last week, this issue was raised by Google saying, “We became alert of unauthorised digital certificates for several Google domains”.“The certificates were issued by NIC, which holds several CA certificates trusted by CCA.

likewise, Microsoft said to it was aware of improperly issued certificates which can be used to spoof content , perform phishing attacks or perform focus man attacks”.
Meanwhile, CCA in a post said, “Due to security reasons 3 CA certificates issued to NICCA have been suspended till further notice”.

“They reported that NIC’s issuance process was compromised and four certificates were tainted, the first on 25 June”, Google extra. The certificate holds the name of the certificate holder, serial number, expiration dates,public key and digital signature of CA so a recipient can verify the certificate.

Leave a Reply