A digital signature is an electronic form of signature that can be used to verify the identity of the sender of a message or the signer of a document, as well as to ensure that the original content of the message or document sent remains unaltered . Digital signatures are easy to transport and cannot be forged by anyone else. The ability to ensure that the original signed message has arrived means that the sender can't easily reject it later.

Q. Should individual's signature and encryption certificate be different?

Yes, the signature and encryption certificate must be individual to one. The encryption keys must be generated on the subscriber's system and must be archived before being transferred to a crypto medium. The signature keys must be generated in the crypto medium and must not be copied.

Q. Does one require multiple certificates for different application?

No, ideally there should not be a requirement for different certificates, but the person holding a Class 2 certificate with a lower level of assurance may require a Class 3 certificate with a higher level of assurance for application that the same required. The higher assurance Class 3 certificates can be used where ever a lower assurance certificate is required. Aside from security, depending on the information in the DSC (e.g. PAN number may be required by application), additional certificate may be required.

You can use Digital Signature Certificates for the following:

1. For signing and receiving digitally signed and encrypted emails.
2. To perform secure web-based transactions or to identify other participants in web-based transactions.
3. In eTendering, eProcurement, MCA [For Registrar of Companies efiling], Income Tax [for filing income tax returns] and many others
4. For sending documents such as MSWord, MSExcel and PDFs.
5. Plays a vital role in creating a paperless office.

1. ID Proof & Address Proof
2. Paper based application form with other supporting documents
3. Forward SMS + Video Verification. The Private Key generation and storage should be in Hardware cryptographic device validated to FIPS 140-1/2 level 2.

Class 3 : The verification requirements are

The Document Signing Certificate is issued for use with an organization's software for an automated verified response. The Document Signing Certificate is not a substitute for the signature of the authorized signatory of the organization.

A public key infrastructure (PKI) supports the distribution, authentication, and revocation of public keys used for public key encryption, and allows identities to be associated with public key certificates.

A PKI allows users and systems to securely exchange data over the Internet and to verify the legitimacy of certificate-holding entities, such as web servers, other verified servers, and individuals. The PKI allows users to authenticate digital certificate holders and to mediate the certificate revocation process, using cryptographic algorithms to secure the process.

A digital signature is an electronic method of signing an electronic document whereas a Digital Signature Certificate is a computer based record that

1. Identifies the Certifying Authority issuing it.
2. Has the name and other details that can identify the subscriber.
3. Contains the subscriber's public key.
4. Is digitally signed by the Certifying Authority issuing it.
5. Is valid for either one year or two years