Meanwhile, CCA in a post on its website said: “Due to security reasons 3 CA Certificates issued to NICCA have been suspended and the corresponding CRLs have been updated for this purpose. Further updation will be notified.”

Google said it had alerted NIC, India CCA and Microsoft about the incident and blocked the mis-issued certificates in Chrome with a CRLSet push. “On July 3, India CCA informed us that they revoked all the NIC intermediate certificates and another CRLSet push was performed to include that revocation.”

The U.S.-based firm said India CCA informed it about the results of their investigation on July 8.

“They reported that NIC’s issuance process was compromised and that only four certificates were mis-issued, the first on June 25. The four certificates provided included three for Google domains (one of which we were previously aware of) and one for Yahoo domains,” Google added.

Digital certificate provides identifying information, and is forgery resistant and can be verified.

It contains certificate holder’s name, a serial number, expiration dates, a copy of certificate holder’s public key (used for encrypting messages and digital signatures) and digital signature of the CA so that a recipient can verify the certificate.

Also Read:
CEOs to Emerge As 'Digital' Leaders By 2015, Says Gartner
Microsoft to Invest On Data And Applied Services, Software Engineering