The Indian government stated in a release that it is looking into the unauthorized digital certificates issued by NIC. Technology giants Google and Microsoft had raised the issue of fake signatures last week on their security blog.
The Controller of Certifying Authorities monitors Certifying Authorities, who issue digital certificates for electronic authentication of users. Digital certificate is like an electronic passport that allows a person, computer or organization to securely exchange information over the Internet.
Digital certificates provides identifying information like the certificate holders name, a copy of his public keys, a serial number and is forgery resistant. The unauthorized certificate could be used for eavesdropping on Google services like Gmail or Google Docs. Currently only Windows users have been affected by this issue as the India CCA certificates are included for the Microsoft Root Store.
In a blog post last week, Google said, “On Wednesday, July 2, we became aware of unauthorized digital certificates for several Google domains. The certificates were issued by NIC of India, which holds several intermediate CA certificates trusted by the Indian Controller of Certifying Authorities (India CCA).”
Tech giant Microsoft added that it is aware of improperly issued SSL certificates that could be used for performing phishing attacks.
“SSL certificates were improperly issued by NIC, which operates subordinate CAs under root CAs operated by Government of India’s Controller of Certifying Authorities, which are CAs present in the Trusted Root Certification Authorities Store,” it added.
The Department of Electronics and Information Technology Secretary R.S Sharma stated: “We are looking into this issue. Certifying Authority (CA) is taking appropriate steps and is working under the guidance of the CCA.”
Meanwhile, CCA in a post on its website said: “Due to security reasons 3 CA Certificates issued to NICCA have been suspended and the corresponding CRLs have been updated for this purpose. Further updation will be notified.”
Other Popular Deals
- 10 websites and applications you must know about8 music streaming services worth trying out
- 6 ways to start learning Microsoft AzureHow to improve your Firefox browsing experience
- The 12 most hilarious YouTube channels10 Microsoft Big Data Success Stories
- Next year, these attacks will threaten your cybersecurityWhy you won't need cable or DTH in 2017
- Flipkart New Pinch Days sale: Offers on Google Pixel 2,...Weird but interesting websites you ought to bookmark right...
- 10 reasons to trust Azure with your data10 YouTube sci-tech channels every geek should follow
- 15 apps and websites to accomplish everyday tasks15 must have chrome extensions
- On International Internet Day, know your internet