Circular No. 04/2019/TT-BTTTT dated July 05, 2019 of the Ministry of Information and Communications on prescribing the connection between the National Digital Signature Certification Authority and the Government’s specialized digital signature certification authority

CIRCULARLưu thông tin

Prescribing the connection between the National Digital Signature Certification Authority and the Government’s specialized digital signature certification authority ^[1]

Pursuant to the November 29, 2005 Law on E-Transactions;

Pursuant to the Government’s Decree No. 130/2018/ND-CP of September 27, 2018, detailing the Law on E-Transactions regarding digital signatures and digital signature certification services;

Pursuant to the Government’s Decree No. 17/2017/ND-CP of February 17, 2017, defining the functions, tasks, powers and organizational structure of the Ministry of Information and Communications;

At the proposal of the Director of the National Electronic Authentication Center,

The Minister of Information and Communications promulgates the Circular prescribes the connection between the National Digital Signature Certification Authority and the Government’s specialized digital signature certification authority.

Article 1. Scope of regulation

This Circular prescribes the connection between the National Digital Signature Certification Authority and the Government’s specialized digital signature certification authority.

Article 2. Subjects of application

This Circular applies to the following individuals and organizations:

1. The National Digital Signature Certification Authority;

2. The Government’s specialized digital signature certification authority;

3. Public digital signature certification authorities;

4. Agencies, organizations and individuals using public digital signatures and Government’s specialized digital signatures;

5. Agencies, organizations and individuals developing digital signature use applications.

Article 3. Interpretation of terms

In this Circular, the terms below are construed as follows:

1. “Original digital certificate of the National Digital Signature Certification Authority” means the digital certificate issued by the National Digital Signature Certification Authority for itself.

2. “Original digital certificate of the Government’s specialized digital signature certification authority” means the digital certificate issued by the Government’s specialized digital signature certification authority for itself.

3. “Public digital certificate” means a digital certificate issued by a public digital signature certification authority for a subscriber.

4. “Government’s specialized digital certificate” means a digital certificate issued by the Government’s specialized digital signature certification authority for a subscriber.

5. “SHA-1 digital certificate” means a digital certificate using Secure Hash Algorithm 1 in its digital certificate signing algorithm.

6. “SHA-356 digital certificate” means a digital certificate using Secure Hash Algorithm 256 in its digital certificate signing algorithm.

7. “Public digital signature” means a digital signature created with the use of a private key corresponding to a public key shown in the public digital certificate.

8. “Government’s specialized digital signature” means a digital signature created with the use of a private key corresponding to a public key shown in the Government’s specialized digital certificate.

9. “Mutual recognition model” means a connection model between the two digital signature certification authorities, in which agencies, organizations and individuals using digital certificates issued by a digital signature certification authority may trust original digital certificates of the other authority and vice versa.

Article 4. Connection model

The connection model between the National Digital Signature Certification Authority and the Government’s specialized digital signature certification authority is the mutual recognition model.