What is Digital Signature Certificate?
Digital Signature Certificate is an legal identity of any individual person for signing information or documents online on personal behalf of any individual or organization. As per IT ACT 2000 of India, Digital Signature Certificate can be obtained by any user for performing various transactions. Digital Signature Certificate consist private key and public key of user. Digital Signature Certificate ( DSC ) is based on a 2048 bit algorithm for maximum security.
Types of Digital Signature Certificates
Class 3 DSC
Class 3 Digital Signature Certificate is one and highest type of certificate available and can be used for performing various transactions like ITR, ROC, MCA21, GST, IEC< EPFO, Form16, Trademark eFiling, eTendering, eProcurement, CHAs, ICEGate, AICTE, CBSE, Gram Panchayat and many more. In Class 3 Digital Signature we can issue both signing and encryption certificates as well as signing certificates.
DGFT Digital Signature is a Class 2 or Class 3 Digital Signature but the usage is limited to DGFT Website for performing various efiling and transactions like but not limited to IEC branch additions, IEC Renewal, Address Updation, License eFiling, Annual return efiling. User who use DGFT digital signature also gets some discount on licenses fee upto 50%. DGFT DSC can be issued to organization having a valid Import Export Code ( IEC ) in India.
Document Signer Certificates can be issued to organizational users for signing of software applications for operating automatically to authenticate documents or information attributed to the organization by using Digital Signature applied on the document, documents. Information. Document Signer Certificates’ purpose is mainly for mainly for automated signing online on servers. Class 2 Document Siger is most popular.
Difference in Signing and Encryption
The signing certificate refers to the signing private key. It will be used by individuals or organizations for signing purpose. The key pair will be generated by subscriber in a secure mode and is inherent to keep his private key in safe custody like in a FIPS certified USB Token. The encryption key pair is used by the subscriber for receiving encrypted messages which is encrypted using subscriber’s public key. Message signing binds the identity of the message source to this message. It ensures data integrity, message authentication, and non-repudiation altogether. When signing, you use your private key to write message’s signature, and they use your public key to check if it’s really yours.
Message encryption provides confidentiality. Allows users to encrypt document with the public key which can be decrypted only with the corresponding private key. To put it in simple terms when encrypting, you use their public key to write message and recipient uses their private key to read it. One of the most secure way protecting confidential documents.
What is Digital Signature Certificate ?In India as per IT ACT 2000, Digital Signature Certificate is legally valid identity of any subscriber including his or her personal information such as name, email id, PAN, State etc. To sign documents online we need digital signature certificate to authenticate it. A digital signature is an electronic form of a signature that can be used to authenticate the identity of the sender of a message or the signer of a document, and also ensure that the original content of the message or document that has been sent is unchanged. Digital signatures are easily transportable and cannot be imitated by someone else. The ability to ensure that the original signed message arrived means that the sender cannot easily disclaim it later.
What Is A Digital Signature Certificate (DSC) ?Digital Signature Certificates (DSC) is the electronic format of physical or paper certificate like a driving License, passport etc. Certificates serve as proof of identity of an individual for a certain purpose; for example, a Passport identifies someone as a citizen of that country; who can legally travel to any country. Likewise, a Digital Signature Certificate can be presented electronically to prove your identity, to access information or services on the Internet or to sign certain documents digitally.
Why Do I Need A Digital Signature Certificate ?A Digital Signature Certificate authenticates your identity electronically. It also provides you with a high level of security for your online transactions by ensuring absolute privacy of the information exchanged using a Digital Signature Certificate. You can use certificates to encrypt information such that only the intended recipient can read it. You can digitally sign information to assure the recipient that it has not been changed in transit, and also verify your identity as the sender of the message.
What Is A Registration Authority (RA) ?A RA (Registration Authority) like eSolutions is an agent of the Certifying Authority who collects the application forms and related documents for Digital Signature Certificates, verifies the information submitted and approves or rejects the application based on the results of the verification process.
Why Does A Digital Signature Certificate Have A Limited Validity Period ?Digital signature certificates have an explicit start date and an explicit expiration date. Most applications check the validity period of a certificate when the digital certificate is used. The signature certificate expiration date is also used for managing the certificate revocation list (CRL). A certificate is removed from the revocation list when its natural expiration date arrives. As such, generally the shorter the certificate validity period, the shorter the CRL.
How Does A Digital Signature Certificate (DSC) Work ?A Digital Signature Certificate (DSC) explicitly associates the identity of an individual/device with a two keys - public and private keys. The certificate contains information about a user's identity (for example, their name, pincode, country, email address, the date the certificate was issued and the name of the CA. These keys will not work in the absence of the other. They are used by browsers and servers to encrypt and decrypt information regarding the identity of the certificate user. The private key is stored on the user's computer hard disk or on an external device such as a USB token. The user retains control of the private key; it can only be used with the issued password. The public key is disseminated with the encrypted information. The authentication process fails if either one of these keys in not available or do not match. This means that the encrypted data cannot be decrypted and therefore, is inaccessible to unauthorized parties.
What Is A Root Certificate, And Why Do I Need One ?"A root certificate is one of two things: Either an unsigned public key certificate or a self-signed certificate used to identify the Root Certificate Authority (CA). The root certificate is in fact the anchor of trust in a digital certificate and is used for validating the entire certification tree.
Are Digital Signature Certificate (DSC)S Legally Valid In India ?Yes, as per Information Technology Act 2000 in India, Digital Signature Certificate (DSC) are legally valid in India. Digital Signature Certificate (DSC) are issued by licensed Certifying Authorities under the Ministry of Information Technology, Government of India as per the Information Technology Act.
Where Can I Purchase A Digital Signature Certificate ?Legally valid Digital Signature Certificates are issued only through Controller of Certifying Authorities (CCA), Govt. of India,licensed Certifying Authorities (CA), such as eMudhra. eMudhra, a Certifying Authority (CA) licensed by CCA, offers secure digital signatures through various options tailored to suit individual as well as organizational needs through RA (Registration Authority) like eSolutions.
What Is The Difference Between A Digital Signature And A Digital Signature Certificate ?A digital signature is an electronic method of signing an electronic document whereas a Digital Signature Certificate is a computer based record that -Identifies the Certifying Authority issuing it. -Has the name and other details that can identify the subscriber. -Contains the subscriber's public key. -Is digitally signed by the Certifying Authority issuing it. -Is valid for either one year or two years.