JOIN USThe government on Tuesday said it is looking into the matter raised by tech giants Google and Microsoft, which have said that the National Informatics Centre (NIC) has issued unauthorised digital certificates.
The Controller of Certifying Authorities issues licences and regulates the working of Certifying Authorities, who issue digital certificates for electronic authentication of users.Digital certificate is like an electronic passport that allows a person, computer or organisation to securely exchange information over the Internet.
When contacted, Department of Electronics and Information Technology Secretary R S Sharma said, “We are looking into this issue. Certifying Authority (CA) is taking appropriate steps and is working under the guidance of the CCA.”
In a blog post last week, Google said: “On Wednesday, July 2, we became aware of unauthorised digital certificates for several Google domains.”
“The certificates were issued by NIC of India, which holds several intermediate CA certificates trusted by the Indian Controller of Certifying Authorities (India CCA).”
“Similarly, Microsoft said it is aware of unauthorised SSL certificates that could be used in attempts to spoof content, perform phishing attacks or perform man-in-the-middle attacks.
“SSL certificates were improperly issued by NIC, which operates subordinate CAs under root CAs operated by Government of India's Controller of Certifying Authorities.”