Public-key Infrastructure (PKI)

Digital Identity profiles one’s digital representation with unique descriptive data to facilitate electronic authentication in the digital world. Electronic authentication is the process of proving the validity of user identities presented electronically. Identity authentication is at the heart of online security. Online security requirements also revolve around the need to preserve the confidentiality and the integrity of information and the non-repudiation of transactions. Among variety of security measures with different strength and efficiency, Public Key Cryptography can address most security requirements for securing online environment. PKI sets legal and technological framework for implementing Public Key Cryptography in order to ensure trustworthy electronic transactions promoting e-procurement, e-commerce, e-business and e-government. PKI also secures organizational electronic workflow (e.g. file sharing) and personal online communications (e.g. secure mailing).

Digital Certificate

A Digital Certificate (DC) or public key certificate is an electronic document considered as a digital Identity that binds a Public Key with an identity - information such as the name of a person or an organization, their address, and so forth. A person can present a Digital Certificate electronically to prove his identity or his right to access information or services online.

Digital Certificates are also used to digitally sign and encrypt documents or information. Thus digital certificates ensure authenticity, integrity and confidentiality of documents along with assuring one’s digital identity. Apart from security aspect, digitally signed documents using a recognized and trusted digital certificate guarantees the legal validity of electronic documents like paper based signed documents.

The client needs a provision for use of Digital Certificate for signing and encrypting different types of documents. In order to do so the user system must have the facility for the use of Digital Certificates. This is acquired through a process of PKI enablement. The enablement involves introduction of some features in the client system and creating a process for placing the digital signature at prescribed positions on the forms or other documents. Signature of more than one person is possible where necessary. The verification of the sender is also carried out with this enablement.

The digital certificates may be kept in the browser where it is downloaded and signing is to be done from there. There is a key store that takes care of keeping the digital certificate along with private key. The digital certificates may also be kept in a crypto token and used as necessary.

The validity of the Digital Certificates is checked from a CRL (Certificate Revocation List). This is a list of certificates that have been revoked.

Why Digital Certificate should be trusted

Digital certificate is issued by a trusted party known as a Certifying Authority (CA) according to law, standards and policies se by the Government. A CA issues Digital Certificates to the applicants after being satisfied about the authenticity of the identity of the applicant. A CA attests its digital signature on the Digital Certificates to make it forgery resistant.

Dohatec CA is a trusted Certifying Authority licensed by the office of the Controller of Certifying Authorities (CCA), Bangladesh under the Ministry of Information and Communication Technology, Bangladesh following the enactment of Bangladesh ICT ACT 2006 and Bangladesh IT CA Rules 2010. Digital Certificates issued by Dohatec CA is in compliance with the cryptographic and interoperability standards and policies set by CCA Bangladesh. Security process of Dohatec CA is implemented adopting international standard practice and technology, so that we can provide Bangladesh/overseas customer most secure technology advance Digital Certificate.

Dohatec CA issues the legally valid and trusted Digital Certificates under the brand name of used in Government e-services, online banking services and other services requiring secure exchange of data assuring proof of ownership and authorized access to data.