NEW DELHI:  The government said it is looking into the matter raised by tech giants Google and Microsoft which have said that the National Informatics Centre (NIC) has issued unauthorized digital certificates.

The Controller of Certifying Authorities issues licenses and regulates the working of Certifying Authorities, who issue digital certificates for electronic authentication of users.

Digital certificate is like an electronic passport that allows a person, computer or organization to securely exchange information over the Internet.

When contacted, Department of Electronics and Information Technology Secretary R.S Sharma told PTI: “We are looking into this issue. Certifying Authority (CA) is taking appropriate steps and is working under the guidance of the CCA.”

In a blog post last week, Google said, “On July 2, we became aware of unauthorized digital certificates for several Google domains.

“The certificates were issued by NIC of India, which holds several intermediate CA certificates trusted by the Indian Controller of Certifying Authorities (India CCA).”

Similarly, Microsoft said it is aware of improperly issued SSL certificates that could be used in attempts to spoof content, perform phishing attacks or perform man-in-the-middle attacks.

“SSL certificates were improperly issued by NIC, which operates subordinate CAs under root CAs operated by Government of India’s Controller of Certifying Authorities, which are CAs present in the Trusted Root Certification Authorities Store,” it added.

Also Read:

9,174 Indian Websites Hacked Till May: IT Minister

Facebook May Turn People Vain, Less Empathic: Study