Hi Ish,
At 07:59 20-09-2015, Ish Sookun wrote:
>The explanation given was that MNIS CA did not require a license
>since the certificates are issued to "hardware devices" and not to
>"persons". Now, if you apply that in a business sense, I guess you
>do not require a license by the CCA in case you design & sell
>security hardware products that contain a digital certificate which
>is signed by "your own CA". Did I get it wrong?
From
http://mauritiusassembly.govmu.org/English/Pages/Answers/PQ-Written/2013/pqanswritten22october2013.pdf
"With the implementation of the Mauritius National Identity Scheme (MNIS)
Project, a number of sophisticated and secure systems have been installed
at the Data Centre. These systems include servers, networking equipment,
security appliances, databases and software for the MNIC conversion
application, MNIC Registration application, Card Personalisation
systems, Central Population Database Systems and Certification
Authority Systems."
Is that "hardware device" personalized? If your answer is yes,
please continue reading.
Please see
https://www.cca.mu/documents/eta_CA_Reg_2010.pdf
"No person or body shall act as a certification authority in
Mauritius unless ..."
Here is an example of the regulation:
(a) The Ministry of Telecommunications, Communication and Innovation
submits an application to act as a certification Authority
(b) The Controller of Certification Authorities examines the
application [1]
and submits a recommendation to the Minister of Telecommunications,
Communication and Innovation to grant or refuse the application.
What is the purpose of certifying certification authorities in
Mauritius? Would the above example cause a problem? Would it affect
the usage of the digital certification on the National Identity Card?
Regards,
S. Moonesamy
1. I assumed that there wasn't any problem with the application.
Received on Mon Sep 21 2015 - 09:14:43 PST