Home » News » General » Government looks into unauthorized digital certificates issues

Government looks into unauthorized digital certificates issues

By Silky Malhotra | Updated on 15-Jul-2014
Government looks into unauthorized digital certificates issues
Silky Malhotra Silky Malhotra
15-Jul-2014
HIGHLIGHTS

Tech giants Google and Microsoft state that the NIC issued fake digital certificates.

The Indian government stated in a release that it is looking into the unauthorized digital certificates issued by NIC. Technology giants Google and Microsoft had raised the issue of fake signatures last week on their security blog.

The Controller of Certifying Authorities monitors Certifying Authorities, who issue digital certificates for electronic authentication of users. Digital certificate is like an electronic passport that allows a person, computer or organization to securely exchange information over the Internet.

Digital certificates provides identifying information like the certificate holders name, a copy of his public keys, a serial number and is forgery resistant. The unauthorized certificate could be used for eavesdropping on Google services like Gmail or Google Docs. Currently only Windows users have been affected by this issue as the India CCA certificates are included for the Microsoft Root Store.

In a blog post last week, Google said, “On Wednesday, July 2, we became aware of unauthorized digital certificates for several Google domains. The certificates were issued by NIC of India, which holds several intermediate CA certificates trusted by the Indian Controller of Certifying Authorities (India CCA).”

Tech giant Microsoft added that it is aware of improperly issued SSL certificates that could be used for performing phishing attacks.

“SSL certificates were improperly issued by NIC, which operates subordinate CAs under root CAs operated by Government of India’s Controller of Certifying Authorities, which are CAs present in the Trusted Root Certification Authorities Store,” it added.

The Department of Electronics and Information Technology Secretary R.S Sharma stated: “We are looking into this issue. Certifying Authority (CA) is taking appropriate steps and is working under the guidance of the CCA.”

Meanwhile, CCA in a post on its website said: “Due to security reasons 3 CA Certificates issued to NICCA have been suspended and the corresponding CRLs have been updated for this purpose. Further updation will be notified.”

Source: ET

 

Silky Malhotra

Silky Malhotra

Silky Malhotra loves learning about new technology, gadgets, and more. When she isn’t writing, she is usually found reading, watching Netflix, gardening, travelling, or trying out new cuisines. View Full Profile

New Mobiles
Redmi Note 14 Pro+ 5GRedmi Note 14 5GVivo V40e 5GInfinix Zero Flip 5G
Top-10s
Best Budget Smartphones in India (December 2024)Top Most Beautiful and Stylish Mobile Phones for Women/Girls (December 2024)Best Battery Backup Smartphones in India (December 2024)Best Gaming Phones under ₹20,000 (December 2024)
Latest News
After iPhones, Apple to start assembling AirPods in India in early 2025: Everything we knowThis AI chatbot encourages teen to kill his parents over screen-time restrictions, sparks legal actionOpenAI rolls out Advanced Voice Mode with Vision for ChatGPT users: Here’s how to useThis latest Samsung Galaxy S25 Ultra design leak confirms flat design, colours also revealed
Digit

Digit.in is one of the most trusted and popular technology media portals in India. At Digit it is our goal to help Indian technology users decide what tech products they should buy. We do this by testing thousands of products in our two test labs in Noida and Mumbai, to arrive at indepth and unbiased buying advice for millions of Indians.

Follow us : logo logo logo logo logo logo
Company About Us Contact Us Advertise with us Regulatory Terms & Conditions Privacy Policy Disclaimer Complaint Redressal
Copyright © 2024 Bennett, Coleman & Company Limited All Rights Reserved.
Digit.in
Logo
Digit.in
Logo