|
|
Legal Crisis in the Digital Signature System
India has adopted a PKI based digital signature system managed through digital certificates issued by licensed certifying authorities.
In this system, certifying authorities issue digital certificates using their digital signatures. The digital signatures of the Certifying authorities are authenticated by the digital signature from the Controller of Certifying Authorities (CCA) who is the root certifying authority in India. Every digital certificate owner therefore needs to download the digital certificate of the certifying authority as well as the digital certificate of the Controller when he has to install or verify the end user certificate in his system.
Additionally, the persons relying on the digital signatures has to verify the revocation list as well as the digital certificate list on real time basis. Without this support the digital society in India will be devoid of the legal support for contracts.
Thus for the system of digital signature system in India to survive it is critical that the system of revocation and certificate list verification has to exist and be available to Netizens on a real time basis.
In order to enable this, it is necessary for the CCA website to be online on a 24X7 basis.
However for the last two days the CCA website is not accessible on the net and the reasons are non known.
This is a serious legal issue on which an explanation is required from the CCA and the Ministry of Information Technology.
Naavi
October 3, 2007