Signature Verification
Where can I find the verification method to be followed in the rules and Guidelines?
The procedure for verification of signature is specified in Digital Signature (End entity rules) 2015 and also in Annexure IV – Application Developer Guidelines of Interoperability Guidelines for DSC (CCA-IOG).
For verification of Digital Signature of any individual, whether I need the certificates of the signer and the issuing CA?
Yes. Signer's certificate and the complete issuer chain of certificates up to the Root certificate are required. The chain may either be part of Digital Signature or be made available to the verifier by the application service provider. Microsoft products carry Root Certificate of India. If not present locally in the verification system, it can be downloaded from http://cca.gov.in. In the case of application based verification, applications need to make available the Root Certificate to the verification component.
How can a digitally signed document be verified after the DSC associated with the Public Key has expired?
The digital signature verification process for a document requires the signer’s public key, issuer certificates and their CRLs. CA will make available the issuer certificates and CRLs till the expiry of DSCs. For the requirements of verification beyond expiry of DSCs, the application should therefore have a provision to locally store DSCs issuer certificate and their CRL’s at the time when the document was digitally signed.To enable the verification of documents long time after the affixing of signature, it is recommended to use long term archival signature format for the signature.