Electronic Certificate

Certificates and electronic signatures

The difference between “digital certificate” and “electronic signature” is not always obvious.

A digital certificate is a set of files, some of which is public and contains identity elements. At this public portion corresponds a private party (known as "public key" and "private key") that is never exchanged. The digital certificate also contains the signature of the authority that issued it.

   The electronic certificate can be used for:

• Authenticate sites or applications
• To sign a document electronically
• Encrypt a document electronically

By analogy with the handwritten signature, to sign an act, is both put a sign recognizable and due to someone (a signature authenticates the signatory), and indicate that we approve the content of the document.

The electronic signature enables:

• Strong authentication of the sender: verifying the identity of the sender.
• Integrity: electronic signature ensures the integrity of the document (or transaction) because any change of the signed document is detectable.
• The guarantee of consent:  by electronic signature, guaranteeing the issuer's consent is secured, and the document is not repudiable.

 Certification authority

The validity of the authentication elements contained in the digital certificate is provided by a certification authority (CA). The CA is responsible for issuing digital certificates, to assign an expiry date and ensure the identity of its owner through:

Verification of information contained therein

With surrender control of the identity of the person to whom it is intended

Monitoring and managing its lifecycle, from its issue until its expiry or revocation.

It must also make available to the agency / entity / person the opportunity to revoke certificates in case of loss or compromise of the private key, or when changes of data contained in the certificate.

The Certification Authority assumes, with respect to its subscribers and others, legal liability on the certificates that it issues, according to law.

  In Morocco, Barid eSign is the first production platform of electronic certificates, which aims to produce certificates for strong authentication, secure signature and timestamp, allowing users to affix their signatures to any kind of electronic exchange with the same probative force as handwritten signatures.

The offer Barid eSign of Barid Al-Maghrib, hinges on several kinds of certificates, including the delivery mode, the identity verification and the rights, depend on true classes :

• 1st Class - software Certificate P12: A first class is a software format that can be automatically  downloaded from the site www.barideSign.ma for uses in areas which do not require a need for probative evidence.
• 2nd Class - Certificate of cryptographic support: A second class of certificates qualified on physical media (smart cards, USB ...) with a higher security level due to a deliverance process “ face to face” that can be used within companies or in predetermined ecosystems.
• 3rd Class - Certificate in evaluated cryptographic support: The third class, whose value is probative concern certificates embedded in cryptographic keys and produced according to the certification policy adopted by the ANRT. The use of these certificates guarantees for stakeholders a probative evidence and no rebuttable for any electronic transaction.

Services requiring a certificate

• Sending messages with automatic registration e-Barkia.
• Paying taxes online (IMB)
• Online submission for Government Procurement (TGR)

Legal and regulatory framework

• 53.05 law governing electronic exchange in Morocco
• Certificate Policies supporting the electronic signature for the AC under the Class 3 Root AC baridesign e-gov
• Terms of Use and acquisition of secure electric certificate