The Indian Web Browser Development Challenge (IWBDC), recently launched by the Ministry of Electronics & Information Technology, invites developers to create an Indigenous Indian Web Browser for global use. The competition’s key requirement is that the proposed browser must trust the Controller of Certifying Authorities (CCA), the Indian government’s authority responsible for digital signatures, including SSL (Secure Sockets Layer) certificates. The challenge marks a significant stride towards Aatmanirbhar Bharat, aiming to strengthen India’s digital sovereignty.
What is a Web Browser?
A web browser is software that enables people to access and explore the World Wide Web (www). Acting as an intermediary between a server and a client, it requests web documents and services from servers. Web browsers work as compilers that render HTML, the language used to design web pages. When users search for anything online, a web browser loads a page written in HTML, containing text, links, images, and other items such as stylesheets and Javascript functions. Notable examples of web browsers include Google Chrome, Microsoft Edge, Mozilla Firefox, and Safari.
The Indian Web Browser Development Challenge Explained
The IWBDC is an open competition aiming to inspire and empower technology enthusiasts, innovators, and developers nationwide to create an indigenous web browser. This browser would possess its own trust store with an inbuilt CCA India root certificate, have cutting-edge functionalities, and offer enhanced security and data privacy protection. Organized and financed by MeitY, CCA, C-DAC Bangalore, the IT Ministry’s Research and Development division, and the National Internet Exchange of India, the proposed browser aims to offer accessibility and user-friendliness, catering to individuals with diverse abilities. It also aims to digitally sign documents using a crypto token, thereby bolstering secure transactions and digital interactions.
Understanding Secure Sockets Layer (SSL) Certificates
An SSL certificate is a digital certificate that authenticates a website’s identity and facilitates an encrypted connection. It is a security protocol establishing an encrypted link between a web server and a browser, helping to keep online transactions secure and customer information private. While the Root Certifying Authority of India, established in 2000 under the CCA, is a legally valid root certifying authority, its certificates are not widely recognized by popular browsers. This has raised concerns about digital security and foreign exchange outflow.
Issues With Indian SSL System
India lacks a root certifying authority trusted by major web browsers such as Google Chrome, Mozilla Firefox, and Microsoft Edge. Consequently, both the government and private websites must obtain SSL certificates from foreign authorities. A notable incident regarding this issue involved the National Informatics Centre (NIC) in 2014 when browsers and operating systems ceased to trust the CCA after the NIC was linked to issuing fraudulent certificates. While the NIC lost its authorization for SSL certificate issuance, the trust in Indian certifying authorities remained compromised.
Understanding Digital Signatures & Their Authentication
A digital signature is an electronic form of a signature allowing the recipient to trust that a known sender sent the message and it remained unaltered during transit. They’re used to authenticate the identity of a message sender or a document signer, not to verify users’ authenticity for accessing a website or information on the Internet. The identification of the certifying authority is ascertained from the digital certificate, not the digital signature.
Discussion On Cyber Crimes
Cyber crimes include a range of activities conducted via computer systems and networks, targeting individuals, companies, and nations. They include hacking, illegal downloads, phishing, spreading malware, and more. To combat this menace, stricter regulations, improved cybersecurity systems, increased public awareness, and international cooperation are required.
The Pros & Cons of Cloud Hosting Vs In-House Servers
While cloud hosting offers scalability, flexibility, and lower upfront costs, it also has potential security issues, including data breaches and loss of data control. Conversely, in-house servers provide complete control and customization but require significant capital investment, technical expertise, and regular maintenance. Both options have their advantages and drawbacks and should be carefully considered by government businesses.
