Get Rewarded for Creating a Homegrown Web Browser, Win Exciting Cash Prizes!
- ByStartupStory | August 11, 2023
The Ministry of Electronics and Information Technology has unveiled an enticing challenge for developers: design an indigenous Indian web browser with a global impact, and you could walk away with cash prizes totaling ₹3.4 crore. This announcement comes with a significant condition, however. Browser ideas submitted for the competition must place their trust in the Controller of Certifying Authorities (CCA), the Indian government’s agency responsible for digital signatures and SSL (Security Sockets Layer) certificates.
SSL certificates are pivotal in encrypting websites and ensuring browsers that a website remains unmodified and untampered with by potential attackers. For such certificates to be trusted, they must be issued by a certifying authority endorsed by a ‘root certifying authority’. Regrettably, India lacks a root certifying authority acknowledged by major browsers like Google Chrome, Mozilla Firefox, and Microsoft Edge.
Consequently, a situation has arisen where India’s government operates a root certifying authority that holds legal validity under Indian law — the Root Certifying Authority of India, established in 2000 under the CCA. Yet, certificates issued under its jurisdiction often go unrecognized by web browsers. As a result, both Indian government and private websites frequently resort to purchasing SSL certificates from foreign certifying authorities.
This announcement follows a notable security incident associated with an Indian certifying authority. The National Informatics Centre (NIC), a CCA-approved organization responsible for hosting and maintaining various Union and State Government websites, encountered trust issues with browsers due to its controversial history.
In 2014, several operating systems and web-browser developers, including Google Chrome and Firefox, ceased to trust India’s CCA in their ‘root store’ following suspicions that the NIC had issued fraudulent certificates to websites. Despite the CCA revoking NIC’s authorization for most SSL certificates, operating systems and browsers have yet to include RCAI-approved authorities in their trust stores.
Curiously, even the website for the Indian Web Browser Development Challenge, the very competition promoting this initiative, boasts an SSL certificate through Let’s Encrypt, a non-profit organization.
Currently, CCA’s primary focus revolves around digital signatures for documents; however, when it comes to SSL certificates, Indian websites have been compelled to rely on foreign certifying authorities. Officials behind the creation of an Indian browser that trusts local certifying authorities argue that it’s a crucial step toward reducing foreign dependence.
Arvind Kumar, the Controller of Certifying Authorities, emphasized the economic aspect, stating, “There is a huge amount of foreign exchange outflow which is happening” due to reliance on foreign certifying authorities. “Around ₹100 crore are being spent buying these SSL certificates overseas annually.”
Organized and financed in collaboration with the IT Ministry’s Research and Development division and the National Internet Exchange of India, this competition aims to usher in an era of homegrown web browsers, potentially transforming India’s digital landscape.
Follow Startup Story
Related Posts
