Public Key Infrastructure Framework in Mauritius 

PKI stands for Public Key Infrastructure. To enable the  use of electronic signatures in an open environment (such as the Internet)  where the participants do not know each other, it is necessary to know who the  signer is. PKI is a system created for this purpose and in this system a  reliable third party issues an electronic certificate. The certificate contains  information about the person the certificate is issued to. PKI uses a key pair,  in which one key is public and the other is private.

The system is based  on asymmetric encryption. The signer signs the message with a private key,  known only by the signer. The recipient can verify the authenticity of the  signature and the integrity of the message with the public key given in the  certificate.         

The Electronic  Transactions Act, 2000 (as amended), and its regulations, provide the required legal sanctity to the digital signatures based on  asymmetric cryptosystems. It also provides for the Controller of Certification Authorities (CCA) to license and regulate the working of Certification Authorities. The Certification Authorities (CAs) issue digital signature  certificates to users.

The CCA certifies the public keys of CAs using its own private key, which enables users in the cyberspace to verify that a given certificate is issued by a licensed CA.         

In line with the provisions of the Electronic  Transaction Act 2000 (as amended) and the regulations made thereunder, issuance  of Licence/Recognition/Approval certificates implies the remittance of 

  1.    a digital licence; and
  2.   a paper-based licence.             

In May 2012, the technical infrastructure required for the issuance of the digital licence was  installed at the premises of the Authority. This infrastructure allows the  Authority to perform the following distinct exercises:-         

  1. issuance  of the key pair (public and private key) for the CCA;                        
  2. issuance  of the self-signed root certificate for the CCA and hosting of same on the website as per section 24(6) of the Electronic Transactions (Certification Authorities)  Regulations 2010;                                       
  3. affixture of the CCA digital signature on Licensed/Recognised/Approved CA public key certificate of CAs;