18.1 Generation.-(1) The subscriber's key pair shall be generated by the subscriber or on a key generation system in the presence of the subscriber.
(2) The key generation process shall generate statistically random key values that are resistant to known attacks.
18.2 Distribution of Keys.-Keys shall be transferred from the key generation system to the storage device (if the keys are not stored on the key generation system) using a secure mechanism that ensures confidentiality and integrity.
18.3 Storage.-(1) Certifying Authority's keys shall be stored in tamper-resistant devices and can only be activated under split-control by parties who are not involved in the set-up and maintenance of the systems and operations of the Certifying Authority. The key of the Certifying Authority may be stored in a tamper-resistant cryptographic module or split into sub-keys stored in tamper-resistant devices under the custody of the key custodians.
(2) The Certifying Authority's key custodians shall ensure that the Certifying Authority's key component or the activation code is always under his sole custody. Change of key custodians shall be approved by the Certifying Authority's management and documented.
18.4 Usage.-(1) A system and software integrity check shall be performed prior to Certifying Authority's key loading.
(2) Custody of and access to the Certifying Authority's keys shall be under split control. In particular, Certifying Authority's key loading shall be performed under split control.
18.5 Certifying Authority's Public key delivery to users.-The Certifying Authority's public verification key must be delivered to the prospective Digital Signature Certificate holder in an on-line transaction in accordance with PKIX-3 Certificate Management Protocol, or via an equally secure manner.