UIDAI public key validation process
PANT Vineet (SAFRAN IDENTITY AND SECURITY)
Dear UIDAI Team,
As discussed earlier regarding the test case point 23(Fake UIDAI public key ) in doc “STQC UIDAI Registered devices Guidance to applicant Official v1.0 140317”, We have to perform following validation on UIDAI certificate:-
The UIDAI key validation is performed by looking for the CN names and validating CCA certificates.
We have checked all three certificates from UIDAI (P,PP,S )from developer portal ( authportal.uidai.gov.in -> Resources -> Developers) , After observing the certificates we have following questions regarding these certificate
a. For S certificate: CN = AuthStaging16092020 , for PP certificate: CN = SIRISH CHOUDHARY and for P certificate: CN = Sirish Choudhary Jarubula : Are these values to be checked and return an error if not correct??? We assume these CN should be modified in the future. What type of automatic software test can be performed?
b. Concerning “validating the CCA” : no CCA for Staging certificate and for the others do we have the guarantee that up-to-date CCA certificates (CCA India and e-Mudhara CA) will be in the certificates store of the host (as it seems the case for PC under windows 7)?
Please provider answer to above questions as we need to perform these validations.
Regards,
Vineet Pant
#
" Ce courriel et les documents qui lui sont joints peuvent contenir des informations confidentielles, être soumis aux règlementations relatives au contrôle des exportations ou ayant un caractère privé. S'ils ne vous sont pas destinés, nous vous signalons qu'il est strictement interdit de les divulguer, de les reproduire ou d'en utiliser de quelque manière que ce soit le contenu. Toute exportation ou réexportation non autorisée est interdite.Si ce message vous a été transmis par erreur, merci d'en informer l'expéditeur et de supprimer immédiatement de votre système informatique ce courriel ainsi que tous les documents qui y sont attachés."
******
" This e-mail and any attached documents may contain confidential or proprietary information and may be subject to export control laws and regulations. If you are not the intended recipient, you are notified that any dissemination, copying of this e-mail and any attachments thereto or use of their contents by any means whatsoever is strictly prohibited. Unauthorized export or re-export is prohibited. If you have received this e-mail in error, please advise the sender immediately and delete this e-mail and all attached documents from your computer system."
#
SINGH Himanshu (MORPHO)
Hello UIDAI Team,
Can you please answer the below mail? This is urgent.
Regards,
Himanshu
From: PANT Vineet (SAFRAN IDENTITY AND SECURITY)
Sent: Friday, May 19, 2017 12:05 PM
To: aadha...@googlegroups.com
Cc: SINGH Himanshu (SAFRAN IDENTITY AND SECURITY); PACHNANDA Saurabh (SAFRAN IDENTITY AND SECURITY); YADAV Rohit RY (SAFRAN IDENTITY AND SECURITY); SAINI Supriya (SAFRAN IDENTITY AND SECURITY)
Subject: UIDAI public key validation process
Dear UIDAI Team,
As discussed earlier regarding the test case point 23(Fake UIDAI public key ) in doc “STQC UIDAI Registered devices Guidance to applicant Official v1.0 140317”, We have to perform following validation on UIDAI certificate:-
The UIDAI key validation is performed by looking for the CN names and validating CCA certificates.
We have checked all three certificates from UIDAI (P,PP,S )from developer portal ( authportal.uidai.gov.in -> Resources -> Developers) , After observing the certificates we have following questions regarding these certificate
a. For Staging certificate: CN = AuthStaging16092020 , for PP certificate: CN = SIRISH CHOUDHARY and for P certificate: CN = Sirish Choudhary Jarubula : Are these values to be checked and return an error if not correct??? We assume these CN should be modified in the future. What type of automatic software test can be performed?
b. Concerning “validating the CCA” : no CCA for Staging certificate and for the others do we have the guarantee that up-to-date CCA certificates (CCA India and e-Mudhara CA) will be in the certificates store of the host (as it seems the case for PC under windows 7)?
Please provider answer to above questions as we need to perform these validations.
Regards,
Vineet Pant
#
" This e-mail and any attached documents may contain confidential or proprietary information. If you are not the intended recipient, you are notified that any dissemination, copying of this e-mail and any attachments thereto or use of their contents by any means whatsoever is strictly prohibited. If you have received this e-mail in error, please advise the sender immediately and delete this e-mail and all attached documents from your computer system."
#
SINGH Himanshu (MORPHO)
Hi Suraj/UIDAI team,
This point is pending for a while. Can we have the answers?
Regards,
Himanshu
From: SINGH Himanshu (MORPHO)
Sent: Monday, June 19, 2017 11:04 AM
To: 'aadha...@googlegroups.com'
Cc: PACHNANDA Saurabh (MORPHO); YADAV Rohit RY (MORPHO); SAINI Supriya (MORPHO); PANT Vineet (MORPHO); 'Suraj Nair'; Gaurav Sarin <gsarin...@gmail.com> (gsarin...@gmail.com)
Subject: RE: UIDAI public key validation process
Hello UIDAI Team,
Can you please answer the below mail? This is urgent.
Regards,
Himanshu
From: PANT Vineet (SAFRAN IDENTITY AND SECURITY)
Sent: Friday, May 19, 2017 12:05 PM
To: aadha...@googlegroups.com
Cc: SINGH Himanshu (SAFRAN IDENTITY AND SECURITY); PACHNANDA Saurabh (SAFRAN IDENTITY AND SECURITY); YADAV Rohit RY (SAFRAN IDENTITY AND SECURITY); SAINI Supriya (SAFRAN IDENTITY AND SECURITY)
Subject: UIDAI public key validation process
Dear UIDAI Team,
As discussed earlier regarding the test case point 23(Fake UIDAI public key ) in doc “STQC UIDAI Registered devices Guidance to applicant Official v1.0 140317”, We have to perform following validation on UIDAI certificate:-
The UIDAI key validation is performed by looking for the CN names and validating CCA certificates.
We have checked all three certificates from UIDAI (P,PP,S )from developer portal ( authportal.uidai.gov.in -> Resources -> Developers) , After observing the certificates we have following questions regarding these certificate
a. For Staging certificate: CN = AuthStaging16092020 , for PP certificate: CN = SIRISH CHOUDHARY and for P certificate: CN = Sirish Choudhary Jarubula : Are these values to be checked and return an error if not correct??? We assume these CN should be modified in the future. What type of automatic software test can be performed?
b. Concerning “validating the CCA” : no CCA for Staging certificate and for the others do we have the guarantee that up-to-date CCA certificates (CCA India and e-Mudhara CA) will be in the certificates store of the host (as it seems the case for PC under windows 7)?
Please provider answer to above questions as we need to perform these validations.
Regards,
Vineet Pant
#
" This e-mail and any attached documents may contain confidential or proprietary information. If you are not the intended recipient, you are notified that any dissemination, copying of this e-mail and any attachments thereto or use of their contents by any means whatsoever is strictly prohibited. If you have received this e-mail in error, please advise the sender immediately and delete this e-mail and all attached documents from your computer system."
#
SINGH Himanshu (MORPHO)
Suraj,
We are waiting for the Team’s feedback.
Regards,
Himanshu
From: SINGH Himanshu (MORPHO)
Sent: Monday, June 19, 2017 11:04 AM
To: 'aadha...@googlegroups.com'
Cc: PACHNANDA Saurabh (MORPHO); YADAV Rohit RY (MORPHO); SAINI Supriya (MORPHO); PANT Vineet (MORPHO); 'Suraj Nair'; Gaurav Sarin <gsarin...@gmail.com> (gsarin...@gmail.com)
Subject: RE: UIDAI public key validation process
Hello UIDAI Team,
Can you please answer the below mail? This is urgent.
Regards,
Himanshu
From: PANT Vineet (SAFRAN IDENTITY AND SECURITY)
Sent: Friday, May 19, 2017 12:05 PM
To: aadha...@googlegroups.com
Cc: SINGH Himanshu (SAFRAN IDENTITY AND SECURITY); PACHNANDA Saurabh (SAFRAN IDENTITY AND SECURITY); YADAV Rohit RY (SAFRAN IDENTITY AND SECURITY); SAINI Supriya (SAFRAN IDENTITY AND SECURITY)
Subject: UIDAI public key validation process
Dear UIDAI Team,
As discussed earlier regarding the test case point 23(Fake UIDAI public key ) in doc “STQC UIDAI Registered devices Guidance to applicant Official v1.0 140317”, We have to perform following validation on UIDAI certificate:-
The UIDAI key validation is performed by looking for the CN names and validating CCA certificates.
We have checked all three certificates from UIDAI (P,PP,S )from developer portal ( authportal.uidai.gov.in -> Resources -> Developers) , After observing the certificates we have following questions regarding these certificate
a. For Staging certificate: CN = AuthStaging16092020 , for PP certificate: CN = SIRISH CHOUDHARY and for P certificate: CN = Sirish Choudhary Jarubula : Are these values to be checked and return an error if not correct??? We assume these CN should be modified in the future. What type of automatic software test can be performed?
b. Concerning “validating the CCA” : no CCA for Staging certificate and for the others do we have the guarantee that up-to-date CCA certificates (CCA India and e-Mudhara CA) will be in the certificates store of the host (as it seems the case for PC under windows 7)?
Please provider answer to above questions as we need to perform these validations.
Regards,
Vineet Pant
#
" This e-mail and any attached documents may contain confidential or proprietary information. If you are not the intended recipient, you are notified that any dissemination, copying of this e-mail and any attachments thereto or use of their contents by any means whatsoever is strictly prohibited. If you have received this e-mail in error, please advise the sender immediately and delete this e-mail and all attached documents from your computer system."
#