CONTROLLER OF CERTIFYING AUTHORITIES
Copyright infringement not intended
Context: The Indian government has launched a contest to encourage developers to create a native web browser that can compete globally. The Ministry of Electronics and Information Technology said that it will award cash prizes totalling ₹3.4 crores to the best browser ideas.
- The Controller of Certifying Authorities (CCA), the Indian government's authority for digital signatures, including SSL (Security Sockets Layer) certificates, is a crucial caveat for browser innovations entered for this competition.
- SSL certificates are used to encrypt webpages and ensure that browsers are aware that a website has not been updated or impersonated by an attacker. Browsers know to trust these certificates if they are issued by a certifying authority that is trusted by a "root certifying authority."
- The problem is that India does not have a root certifying authority that is recognized by major browsers such as Google Chrome, Mozilla Firefox and Microsoft Edge. This means that the government has its root certifying authority, the Root Certifying Authority of India, which is legally valid under Indian law, but its certificates are mostly ignored by web browsers. As a result, many Indian government and private websites have to buy SSL certificates from foreign certifying authorities.
Controller of Certifying Authorities (CCA)
- The Information Technology Act 2000 gives legal validity to digital signatures that use asymmetric cryptosystems. This means that digital signatures have the same status as handwritten signatures and electronic documents with digital signatures are equivalent to paper documents.
- The IT Act creates the Controller of Certifying Authorities (CCA), which is responsible for licensing and regulating the Certifying Authorities. The Certifying Authorities (CAs) issue digital signature certificates to authenticate the identity of users online.
- The Central Government has appointed the Controller of Certifying Authorities (CCA) under the Act to implement the IT Act. Its main objective is to facilitate the development of E-Commerce and E-Governance by encouraging the use of digital signatures.
- The Controller of Certifying Authorities (CCA) has set up the Root Certifying Authority (RCAI) of India under the IT Act to digitally sign the public keys of Certifying Authorities (CA) in India. The RCAI operates according to the standards specified under the Act.
- The CCA verifies the public keys of CAs using its private key, which allows users in cyberspace to check that a certificate is issued by a licensed CA. For this purpose, it runs the Root Certifying Authority of India (RCAI). The CCA also maintains the Repository of Digital Certificates, which contains all the certificates issued to the CAs in India.
Q. What is the function of a browser's "cache"?
A) It stores cookies for website authentication
B) It stores bookmarks for quick access
C) It temporarily stores web page elements to speed up future visits
D) It displays advertisements on websites
Explanation: A browser cache is a storage area that holds temporary copies of web page elements, such as images, scripts, and stylesheets. This allows the browser to load these elements faster during subsequent visits to the same website, enhancing the user's browsing experience.