Right to Information Act

The Detail of PIO and Appellate Authority in the office of CCA are given below:

APPELLATE AUTHORITY Shri. Aashish Banati, Deputy Controller(Technical), Controller of Certifying Authorities, Room No 4005,Ministry of Electronics & Information Technology,Electronics Niketan,6, CGO Complex,Lodhi Road, New Delhi-110003

Tel - 24301253

PUBLIC INFORMATION OFFICER

Shri. Deepak Kumar, Scientist 'C', Controller of Certifying Authorities, Ministry of Electronics & Information Technology,Electronics Niketan,6, CGO Complex,Lodhi Road, New Delhi-110003

How to Apply for RTI

1) Online: Visit www.rtionline.gov.in

2) Offline: RTI Application + a fee of Rs.10.00 by Indian Postal Order (IPO) or Demand Draft (DD) payable to Pay and Accounts Officer (PAO),MeitY, New Delhi

 

Right To Information Act, 2005 4(1)(b)(i):

The particulars of its Organisation, functions and duties.

The office of CCA is functioning at Electronics Niketan, Ministry of Electronics & Information Technology. The contact address is given below

Controller of Certifying Authorities, Ministry of Electronics & Information Technology, Electronics Niketan,6, CGO Complex,Lodhi Road, New Delhi-110003
Email:info[at]cca.gov.in

 

  • Controller of Certifying Authorities (CCA)

    The Controller of Certifying Authorities (CCA) has been appointed by the Central Government under section 17 of the
    Act for purposes of the IT Act.  The Office of the CCA came into existence on November 1, 2000. 
    It aims at promoting the growth of E-Commerce and E-Governance through the wide use of digital signatures.

    The Controller of Certifying Authorities (CCA) has established the Root Certifying Authority (RCAI) of India under
    section 18(b) of the IT Act to digitally sign the public keys of Certifying Authorities (CA) in the country.

    The RCAI is operated as per the standards laid down under the Act.

     

    The requirements fulfilled by the RCAI include the following:

    • All public keys corresponding to the signing private keys of a CA are digitally signed by the CCA.
    • That these keys are signed by the CCA can be verified by a relying party through the CCAs website or CA own website.

    Authorized CCA personnel initiate and perform Root CA functions in accordance with the Certification Practice Statement of Root Certifying Authority of India. The term Root CA is used to refer to the total CA entity, including the software and its operations.

     

    The RCAI root certificate is the highest level of certification in India. It is used to sign the public keys of the Licensed CAs in India. The RCAI root certificate is a self-signed certificate.

    • Functions and Duties of Controller of Certifying Authorities

    The following are the functions of the Controller as per IT ACT, 2000 (Section 18)

     

    3.1. Functions of Controller

    The Controller may perform all or any of the following functions, namely:

    • Exercising supervision over the activities of the Certifying Authorities;
    • Certifying public keys of the Certifying Authorities;
    • I Laying down the standards to be maintained by the Certifying Authorities;
    • Specifying the qualifications and experience, which employees of the Certifying Authorities should possess
    • Specifying the conditions subject to which the Certifying
      Authorities shall conduct their business;
    • Specifying the contents of written, printed or visual materials and advertisements that may be distributed or used in respect of a Digital Signature Certificate and the public key;
    • Specifying the form and content of a Digital Signature Certificate and the key;
    • Specifying the form and manner in which accounts shall be maintained by the Certifying Authorities;
    • Specifying the terms and conditions subject to which auditors may be appointed and the remuneration to be paid to them;
    • Facilitating the establishment of any electronic system by a Certifying Authority either solely or jointly with other Certifying Authorities and regulation of such systems;
    • Specifying the manner in which the Certifying Authorities shall conduct their dealings with the subscribers;
    • Resolving any conflict of interests between the Certifying Authorities and the subscribers;
    • Laying down the duties of the Certifying Authorities;
    • Maintaining a database containing the disclosure record of every Certifying Authority containing such particulars as may be specified by regulations, which shall be accessible to public.
  • Location and address
  • Right To Information Act, 2005 4(1)(b)(ii): Power and duties of its officers and employees.

    Duties and responsibilities of Deputy Controller /Assistant Controller (Technology)

    • Root CA Infrastructure
    • Network Infrastructure Operation
    • Maintaining Data of CAs
    • National Repository of Digital Signature Certificates
    • Security and Encryption issues 
    • CPS of CCA
    • CPS of all CAs (all technical issues)
    • CAs application Processing- technical and CPS issues
    • Preparation of panel of auditors
    • Auditing of CAs
    • PKI technical standards
    • Interface with PKI forums Local and international
    • CA Rules and Cyber Laws technology issues.
    • Cross-certification issues- Local and foreign CAs
    • CRAC issues
    • Technical support to investigation and Legal & Finance Division
    • CA technology Forum
    • To prepare replies to Parliament questions.
    • Any additional item of work, as desired by CCA

    Duties and Responsibilities of Director (Admin and Finance)

    • All matters relating to Admin & Finance
    • All matters relating to Annual Budget
    • All matters relating to Annual Plan
    • All matters relating to Performance Budget
    • To prepare replies to Parliament questions

    Any additional item of work, as directed by CCA

    Duties of Technical Offices

    • Certificate Signing and periodical CRL publishing
    • National Repository administration and management
    • LAN administration and management
    • Administration of   Routers, Firewall, Network IDS, DNS Primary and secondary etc.
    • Management of Web Server, Mail server, Server Protect, Office Scan
    • Website content management
    • Internet Gateway status monitoring 
    • Infrastructure management
    • Site co-ordination activities
    • Security and Access Control management and monitoring
    • Management of Power backup, Temperature and Fire Control Systems
    • Backup and Recovery management

     

    • Right To Information Act, 2005 4(1)(b)(iii):The procedure followed in the decision-making process, including channels of supervision and accountability.
      Technical Officers report to Assistant Controller, Assistant Controller reports to Deputy Controller and Deputy Controller reports to Controller Of Certifying Authorities. 
    • Right To Information Act, 2005 4(1)(b)(iv): The norms set by it for the discharge of its functions.

     

    Norm Title IT Act, 2000
    Effective date of Norm Friday, June 9, 2000
    Norm Definition Definition
    Guidelines  

    Right To Information Act, 2005 4(1)(b)(v) :

  • The rules, regulations, instructions, manuals and records,
    held by it or under its control or used by its employees for discharging functions

     

    Rule Title Information Technology
    (Certifying Authorities) Rules, 2000
    Effective date of Rule 17th October, 2000
    Rule Definition Definition
    Detailed Guidelines for the Rule Guidelines

     

    Guidelines Title Guidelines For Submission Of Application For Licence To Operate As A Certifying Authority Under The It Act, 2000
    Effective date of Guidelines July 9, 2001
    Guidelines Definition Definition
    Detailed Guidelines for the Guidelines

    Guidelines

 

Right To Information Act, 2005 4(1)(b)(vi):

A statement of the categories of the document that are held by it or under its control

Right To Information Act, 2005 4(1)(b)(vii):
The particulars of any arrangement exists for consultation with, or representation by, the members of the public in relation to the
formulation of its policy or implementation thereof.

1. India PKI Forum

Advisory forum of CAs and those with demonstrable interest in PKI to advise the CCA on technology standards &
other related issues of PKI, and inter-operability issues for a successful PKI in the country.

2. Auditor's Panel
CCA maintains a panel of Auditors who carry out audits of CA infrastructure to ensure compliance to IT Act, Rules and Regulations

The audit criteria is published here
The list of auditors are published here 

Right To Information Act, 2005 4(1)(b)(viii):  A statement of the boards, councils, committees and other bodies consisting of two or
more persons constituted as its part or for the purpose of its advice, and as to whether meeting of those boards, councils,
committees and other bodies are open to the public or minutes of such meetings are accessible for public.

(Not Applicable)

Right To Information Act, 2005 4(1)(b)(ix): A directory of its officers and employees.

 

 

Right To Information Act, 2005 4(1)(b)(x): 
The monthly remuneration received by each of its officers and employees, including the system of compensation as provided in its regulations: as per Rule

 

Right To Information Act, 2005 - 4(1)(b)(xi): The budget allocated to each of its agency, indicating the particulars of all plans proposed expenditures and reports on disbursements made.
Budget allocated for the Current Financial Year (2019-2020)

Name Designation Telephone E-mail
Dr. Rajendra Kumar Controller of Certifying Authorities 24363073 cca[at]cca.gov.in
Shri. Aashish Banati Deputy Controller(Technical) 24301405 dycont-tech[at]cca.gov.in
Shri.Dilip Kumar Barman Assistant Controller (Technical) 24364186 barman.dk[at]cca.gov.in
Gp Capt Pradeep Mehta Director(Fin & Admin) 24301253 mehta.pradeep[at]cca.gov.in
Shri. Ramachandran P Scientist 'F' 24301515 ram[at]cca.gov.in
Shri. Shamsuddin Khan Scientist 'E' 24301520 skhan[at]cca.gov.in
Shri. Ram Prakash Pandey Scientist 'E' 24301255 rpp.pandey[at]cca.gov.in
Shri. Prabhat Kumar Scientist 'D' 24301516 prabhat[at]cca.gov.in
Shri Deepak Kumar Scientist 'C' 24301518 deepak.sukhija[at]cca.gov.in
Shri. Sanjeev Juyal Private Secretary 24301906 juyalsanjeev74[at]cca.gov.in
Shri. Ajay Kumar Private Secretary 24301905 ajaykr[at]cca.gov.in
Smt. Anita Nagrath Assistant Section Officer 24301752 anitanagrath[at]cca.gov.in
Smt. Kamlesh Sharma Personal Assistant 24301753 sharmakamlesh[at]cca.gov.in
Shri. Vijay Singh Personal Assistant 24301514 vijay[at]cca.gov.in
SI No. Object Heads Heads Budget in Thousand of Rupees( )
i) 88.03.01 Salaries 30000
ii) 88.03.06 Medical Treatment 1500
iii) 88.03.11 Domestic Travel Expenses 1500
iv) 88.03.12 Foreign Travel Expenses 1000
v) 88.03.13 Office Expenses 21500
vi) 88.03.20 Other Administrative Expenses 300
vii) 88.03.26 Advertising and publicity 5000
viii) 88.03.28 Professional Services 5000
ix) 88.03.30 Other Contractual Services 2500
x) 88.03.31 Grants-in-Aid General 11000
xi) 88.03.50 Other Charges 700
Total Budget Allocation 80000

Right To Information Act, 2005 - 4(1)(b)(xii): The manner of execution of subsidy programs, including the amounts allocated and the details of beneficiaries of such programmes.

(Not applicable)

Right To Information Act, 2005 - 4(1)(b)(xiii):The particulars of recipients of concessions, permits or authorisations granted by it.

The CCA licenses Certifying Authorities (CAs) and exercises supervision over their activities. CCA issues licenses to CAs by signing/certifying their public keys, i.e. signing their Digital Signature Certificates more commonly known as Public Key Certificates (PKCs).  

A Certifying Authority (CA) can operate in the country after being duly licensed by the CCA as per provisions of the IT Act. It provides services to its subscribers and relying parties as per its Certificate Practice Statement, which is approved by the CCA as part of the licensing procedure. The licence of a CA can be suspended or revoked by the CCA as provided under section 25 of the IT Act

The CPS of a CA covers the practices followed by the CA for the procedures related to the certificate application, issuance, use, validation, suspension, revocation and their expiry, as well as the operational maintenance of the CA and repository

List of CA certificates certified by CCA and CRL of CAs are available  here

 

Right To Information Act, 2005 - 4(1)(b)(xiv):Details in respect of the information, available to or held by it, reduced in an electronic form.
The CPS of RCAI covers the practices followed by the CCA for the procedures related to the Licence/certificate application, issuance, use, validation, suspension, revocation and their expiry, as well as the operational maintenance of the RCAI and NRDC.

 

Right To Information Act, 2005 - 4(1)(b)(xv):The particulars of facilities available to citizens for obtaining information, including the working hours of a library or reading room, if maintained for public use.
Most of the information is available in electronic form published on the CCA  web site. The requests for information may be sent to the office in the following address:
PIO, Controller of Certifying Authorities  
Electronics Niketan, 6 CGO Complex, Lodhi Road, New Delhi 110003
The request for information can also be sent to the

mail address, info[AT]cca.gov.in, during working hours.

 

Right To Information Act, 2005 - 4(1)(b)(xvi):  The names, designations and other particulars of the Public Information Officers.

(Not applicable)

 

Right To Information Act, 2005 - 4(1)(b)(xvii):  Such other information may be presented as may be prescribed and thereafter update these publications every year.

(Not Applicable)