Professional Documents
Culture Documents
Department of Education
INFORMATION AND COMMUNICATIONS TECHNOLOGY SERVICE
User Support Division
Table of Contents
Table of Contents
On the other hand, what is the best email provider to use when encrypting and signing emails?
Contact Us
Through the PKI, the government’s delivery of services to citizens and businesses becomes safer,
faster, and more efficient.
This need is where the PKI comes in; it addresses authenticity, confidentiality, and integrity of
information.
The RA will then ask the Certificate Authority to generate a key or code and give it to you after
processing.
It is not the certificate you need to protect but the private key associated with it.
Hence, in cryptographic tokens, the private key is generated and cannot be extracted from it.
Soft tokens, however, store this private key as an encrypted electronic file; you cannot easily
decipher it.
If someone fraudulently gets a copy of the token and the passphrase, use the private key and the
digital certificate to sign documents or open encrypted email.
However, should you choose that option, you will not be able to:
Or you can use the certificate every time you need secure communication or require the certificate
for authenticity, confidentiality, and integrity of data.
As long as the other person is aware, you can submit the required documents for the application on
their behalf.
The applicant will be the one to receive their digital certificate through email.
You have to apply for a new certificate every time it expires and go through the application process
again.
● Authentication certificate – used in applications that require the user to log in and encrypt
email.
● Signing certificate – used to sign documents digitally.
If the private key or the paraphrase is lost or compromised, the infrastructure revokes the
certificate; in that case, it shall generate a new key and its associated digital certificate.
If it is a cryptographic token and the company or CA owns it, the user should surrender it.
Individual owners may continue using the certificates for transactions outside the concerned agency.
For example, you cannot lend it to other people or use it to forge documents or commit illegal acts
with it.
UNAUTHORIZED AND ILLEGAL USE OF THE DIGITAL CERTIFICATE IS PUNISHABLE BY LOCAL AND
INTERNATIONAL LAW.
A policy document will be issued specifying penalties for every administrative or criminal offense
committed involving or using a digital certificate.
This process will take one to two days, depending on the completion of requirements.
After submission of complete documents, you receive the certificate within a day or two.
Section 4.2.3 of the RootCA-CP states that the issuance of the digital certificate should not exceed
five calendar days after successful identity verification.
They may get a third certificate, which is yet to apply for PKI-enabled machines.
Google Chrome, Microsoft Edge, Apple Safari, and other browsers do not recognize Java.
On the other hand, what is the best email provider to use when
encrypting and signing emails?
We recommend using email clients such as Mozilla Thunderbird and Microsoft Outlook for your
digital certificates.
Contact Us
For inquiries and submission of applications, please email support.pnpki@deped.gov.ph.