Digital Certificate -An Overview

  1. What is a Digital Signature?
  2. Who is a Certifying Authority?
  3. Type of digital certificates required to bid at NLC eProcurement Website
  4. Instructions for obtaining Digital Certificate
  5. What is a USB Token?

(1) What is a Digital Signature?

    A digital code that can be attached to an electronically transmitted message that uniquely identifies the sender. Like a written signature, the purpose of a digital signature is to guarantee that the individual sending the message really is who he or she claims to be. The digital code (digital signature) is generated by using Digital Certificates.

    In order to bid for NLC eProcurement all the vendors are required to obtain a CLASS III Digital Certificates (i) Digital Signature,non-repudiation certificate(used for Signing) and (ii) Key Encipherment Certificate (used for encrypting Bid Document) with Organization Name from the licensed Certifying Authorities (CA) operating under the Root Certifying Authority of India (RCAI), Controller of Certifying Authorities (CCA) of India.

    CLASS III Digital Certificates (i) Digital Signature,non-repudiation certificate(used for Signing) and (ii) Key Encipherment Certificate (used for encrypting Bid Document) with Organization name is issued by CA in the name of a person authorized for filing Bids/Offers on behalf of his Company.

    Digital Certificate is valid for a specified period and can be used for signing any number of quotations for enquiries issued by NLC during such validity period.

     

(2) Who is a Certifying Authority?

    A trusted third-party organization or company that issues digital certificates used for creating digital signatures. The role of the CA in this process is to guarantee that the individual or Organization granted the unique certificate is, in fact, who he or she claims to be. CAs are a critical component in data security and electronic commerce because they guarantee that the two parties exchanging information are really who they claim to be.

(3)Type of digital certificates required to bid at NLC eProcurement Website

    CLASS III Digital Certificate with Organization Name issued by any CA licensed by CCA.

(4) Instructions for obtaining Digital Certificate

In order to bid for NLC eProcurement all the vendors are required to obtain a legally valid CLASS III digital certificate with Organization name as per Indian IT Act from the licensed Certifying Authorities (CA) operating under the Root Certifying Authority of India (RCAI), Controller of Certifying Authorities (CCA) of India. (http://www.cca.gov.in/)

Steps for obtaining Digital Certificate

  1. Visit the site of the licensed CA using internet browser.
  2. Apply for a CLASS III digital certificates (i) Digital Signature,non-repudiation certificate(used for Signing) and (ii) Key Encipherment Certificate (used for encrypting Bid Document) with Organization name for the designated individual with organization name. Ensure the Digital Certificate is legally valid in India.
  3. For making payment for Digital Certificate and submission of documents required for issue of the Digital Certificate, follow the instructions on the CA's website.

Links to some licensed CA's are provided below:

http://www.tcs-ca.tcs.co.in
http://www.safescrypt.com
http://www.mtnltrustline.com
http://www.ncodesolutions.com

(5)What is a USB Token?

  • It is secure Device, used specifically to carry Digital Certificates.
  • USB Tokens offer military grade security and the contents are also encrypted internally.
  • A virus cannot affect USB Token, and the digital Certificate stored would always be secure.
  • When you insert the Token, it automatically copies the certificate to the browser and when you remove the Token it automatically removes the certificate from the browser.
  • The Private key never leaves the Token and signing takes place within the Token itself. So, the security is guaranteed.