National Repository of Digital Signatures Certificate (NRDC)
The Controller of Certifying Authorities (CCA) operates the National Repository of Digital Signatures (NRDC) as required under Section 20 of the IT Act 2000. Copies of all Digital Signature Certificates and the corresponding Certificate Revocation List (CRL) issued by all licensed Certifying Authorities in the country are maintained in the NRDC.
Access to these Digital Signature Certificates is provided with a search facility so that the public keys contained in these certificates are available to any member of the public.
The NRDC is updated through weekly submission by all the licensed CAs as prescribed in the Guidelines for submission to NRDC. For latest Information users and relying parties are advised to verify the certificates and CRL from the website of the issuing CA.
Guidelines for submission to NRDC
Office of the Controller of Certifying Authorities
Ministry of Communications and Information Technology
Government of India
6, CGO Complex, New Delhi – 110 003
Circular No. 1/2002
December 16, 2002
Guidlines for submission of certificates and CRLS to the CCA for Publishing in NRDC by certifying authorities
As per Section 20 of the IT Act 2000, the Controller is required to act as the Repository of all Digital Signature Certificates issued under the Act. For this purpose the Certifying Authorities licensed under the Act have to submit the Certificates and the CRLs issued by them to the National Repository of Digital Certificates (NRDC), maintained by the CCA.
The following is the procedure for submission of the Certificates and CRLs by the Certifying Authorities:
- Certifying Authorities shall submit Certificates and CRLs to the NRDC on a weekly basis. All these submissions shall reach the designated email address by 12 noon every Monday. If it is a gazetted holiday the same shall reach on the next working day by 12 noon
- Submission shall be through e-mail
- The e-mail shall be digitally signed by an authorised person and be addressed to firstname.lastname@example.org. The digital signature certificate of the authorised person shall be formally submitted to the CCA on CD and be accompanied by a letter physically signed by the authorised signatory of the CA (one time or when the authorized person is changed by the CA)
Separate e-mails shall be sent for
- Certificates (Sub: NRDC Update – Certificates)
- CRLs. (Sub: NRDC Update – CRLs)
The actual data pertaining to certificates and CRLs shall be submitted as an attachment file in LDIF format including the following :
- Certificates – All entries to be added (incremental)
- CRL - All entries, accumulated to date
The convention for file names shall be as follows :
- Certificates : NRDC_CA Name_Cert_Update_DDMMYYYY.ldif
- CRLs : NRDC_CA Name_CRL_Update_DDMMYYYY.ldif
- Certificates and CRLs updated in NRDC shall be stored as indicated in the DIT structure attached
- A sample LDIF file is included in the Annexure