This Section explains the function of the ICT Authority as the Controller of Certification Authorities. It also describes the Mauritian PKI framework.
Under section 18 (z) of the Information
and Communication Technologies Act 2001, the ICT Authority is the
Controller of Certification Authorities in Mauritius. The Controller of
Certification Authorities as the “Root” Authority certifies the
technologies, infrastructure and practices of all the Certification
Authorities (CA) licensed/recognised/approved to issue Digital
Signature Certificates. Read more...
PKI stands for Public Key Infrastructure.
To enable the use of electronic signatures in an open environment (such
as the Internet) where the participants do not know each other, it is
necessary to know who the signer is. PKI is a system created for this
purpose and in this system a reliable third party issues an electronic
certificate. The certificate contains information about the person the
certificate is issued to. PKI uses a key pair, in which the other key
is public and the other is private.
The Certification Practice Statement (CPS) of the CCA states how the PKI components meet the assurance
requirements, security control, operational policy, procedures and other
matters relevant to obligations and responsibilities of the CCA and CAs
in accordance with the Electronic Transaction Act 2000, as amended and
the Regulations thereunder.