Launching of the Mauritian PKI on 6th December 2010 at Swami Vivekananda International Convention Center, Pailles
Under section 18(1)(z) of the Information and Communication Technologies Act 2001, as amended, the ICT Authority is the Controller of Certification Authorities (CCA) for Mauritius. The CCA, as the “Root” Authority of the Mauritian Public Key Infrastructure (PKI), certifies the technologies, infrastructure and practices of all the Certification Authorities (CAs) duly licensed, recognised, or approved to issue Digital Certificates. The purpose of Digital Certificates is to ensure, through the use of Digital and Electronic Signatures, confidentiality, authenticity, integrity and non-repudiation for online transactions.
A PKI is a combination of technologies, processes, policies, practices and legal provisions that enable the use of electronic signatures; such a signature is a feature required in an open environment, such as the Internet, where the parties involved in a transaction do not know each other, and yet wish to ensure that the transaction is a trusted one. PKI is a system that allows a reliable third party to issue a Digital Certificate, which is the vehicle that guarantees the required level of trust as it contains information about the person holding the certificate.
The coming into operation of the PKI in Mauritius has been fast-tracked under the high-level Economic Cooperation Agenda between the Government of India and the Government of Mauritius. Accordingly, the Mauritian CCA had signed in February 2009 a Memorandum of Understanding with the CCA of India. This MoU mainly rests upon the utilisation by the Mauritian CCA of the technical Infrastructure known as the Root Certification Authority of India which is used by the Indian CCA to digitally sign the public key certificates of all licensed CAs in India.
Pursuant to this MoU, the Root Certification Authority of India will also be used to digitally sign the public key certificates of all licensed CAs in Mauritius. This operation will be undertaken by the Indian CCA on behalf of the Mauritian CCA.
The Electronic Transactions Act Regulations 2010
, which has come into force on 1 Dec 2010, puts in place a licensing scheme for Certification Authorities (CAs) in Mauritius. In addition to laying down the administrative framework for licensing by the Controller of CAs, the Regulations also stipulate the criteria for a CA to be licensed in Mauritius, and the strict continuing operational requirements after obtaining a licence. The criteria that CAs will be evaluated against, include, their financial standing, operational policies and procedures, and trustworthiness of its personnel.
PKI has emerged worldwide as the trusted technology of choice for ensuring the trustworthiness of identity credentials in three key areas: e-government, national identity programs, and e-passport programs.
By adopting this technology in Mauritius, we are making a huge step towards making of Mauritius an I-Mauritius in line with the goal set by Government for 2010 – 2015.