Certifying Authorities (CAs)

• Certifying Authorities are licensed entities authorized to issue DSCs.
  
• They are regulated by the Controller of Certifying Authorities (CCA).
  
• CAs are responsible for verifying the identity of applicants.
  
• They issue digital certificates after due validation.
  
• Each CA operates under the guidelines of the IT Act, 2000.
  

Role of the Controller of Certifying Authorities (CCA)

• The CCA is established under the Information Technology Act, 2000.
  
• It licenses and regulates all Certifying Authorities in India.
  
• It ensures the credibility and reliability of digital certificates.
  
• It maintains standards for digital security infrastructure.
  
• It monitors compliance of CAs with legal and technical rules.
  

Licensed Certifying Authorities in India

• Multiple organizations are authorized as licensed CAs.
  
• These include government-affiliated and private sector bodies.
  
• They are allowed to issue Class 1, Class 2, and Class 3 DSCs.
  
• They must maintain secure systems for issuing certificates.
  
• Each CA provides DSCs for individuals, organizations, and servers.
  

Issuance Procedure by CAs

• CAs collect application forms and verify documents.
  
• They conduct face-to-face or video verification if required.
  
• They generate a digital key pair (private and public).
  
• They deliver the DSC via a USB token or as a digital file.
  
• The DSC is activated after successful identity validation.
  

Compliance and Validity Requirements

• CAs must comply with CCA’s rules and security norms.
  
• They must ensure the identity proof is authentic and valid.
  
• DSCs are issued for a period of one to three years.
  
• Renewal requires re-verification and re-issuance.
  
• Revoked or expired DSCs must be updated with CAs.