The Brazilian Association of Digital Identification Technology Companies (ABRID) met today at the National Institute of Information Technology (ITI) with entities from the digital certification sector to discuss the modernization of the Brazilian Public Key Infrastructure (ICP-Brasil). The meeting aimed to address critical developments in the area. ABRID’s executive president, Célio Ribeiro, represented the organization.
One of the main proposals presented during the meeting was the need to establish a new certification chain to replace the V5 chain that is about to expire. With the V5 chain set to expire in March 2029, the urgency of issuing one was highlighted. Failure to do so by March 2024 could result in an inability to issue 5-year digital certificates to end users.
Another significant point discussed was the change in certification policies. ITI intends to take this opportunity to redesign them while introducing enhanced security measures. One of the changes includes the elimination of the A1 digital certificate for individuals, restricting users to A3 or cloud digital certification options.
A notable proposition presented during the meeting was the transformation of the Legal Entity’s digital certificate into an Electronic Seal. Currently, the digital certificate of this type includes personal data of the individual responsible for the organization. The ITI aims to change this practice, taking inspiration from the European model known as the Electronic Seal. This change would replace the concept of “digital signature” and would continue to guarantee the authenticity of digital documents such as electronic invoices, for example.
In addition, discussions revolved around a new system for recognizing SSL/TLS certificates by web browsers. Currently, a Certificate Authority (CA) must be accredited by the CA/Browser Forum for browsers to recognize its certificates. Despite previous attempts by Brazil to include its model in the repository, success has remained elusive. ITI now proposes that each AC accredited in ICP-Brasil independently seek this recognition. Once achieved, ITI would then approve the CA to issue SSL/TLS certificates. This change will solve the problem of finding suspicious websites, ensuring safer browsing.
In his remarks, ABRID’s Executive President emphasized the critical importance of looking to the future and seeking lasting solutions while, at the same time, maintaining security and legal validity, very strong characteristics of ICP-Brasil.
“You have to look forward. If ICP-Brasil has existed for 22 years, it is because it had the ability to respond to the challenges imposed at its time. In order for it to celebrate even more years, it is necessary to adopt not just a vision or a schedule, but an effective series of actions that modernize it and place it at the very best in the universe of digital signature technologies”, highlighted Célio Ribeiro.