Federal PKI Update Peter Alterman, Ph.D. Chair, Federal PKI Policy Authority

Fed-Ed Dec. 14, Agenda 2005 Initiatives Current Status Ongoing Efforts/New Work Discussion

Fed-Ed Dec. 14, US FPKI Initiatives HSPD-12 Path Discovery/Path Validation Policy Updates Cross-Certifications Harmonizations

Fed-Ed Dec. 14, HSPD-12 Status Agency Plans Submitted 10/6/2005 – many extensions issued; SmartCard Standards Complete for Contact and Contact-less cards – vendors busy creating middleware and readers; FIPS 201 modifications published

Fed-Ed Dec. 14, Path Discovery/Path Validation Work NIST created test suite Four vendors demonstrated products/services that passed tests –Gemini TrustEnabler –Corestreet –Tumbleweed –Orion GOTS product

Fed-Ed Dec. 14, Policy Updates Creation of new LOA – Medium Hardware Creation of two new policies – Commercial Best Practice – to resolve citizenship issue Create new Common Policy High Assurance Level FBCA CP rewritten to RFC 3647 format Created Bylaws and revised Charter

Fed-Ed Dec. 14, Cross-Certifications in 2005 USPS (almost..) GPO DEA CSOS DOJ Wells Fargo Bank ACES/ORC SSP – ORC

Fed-Ed Dec. 14, Harmonizations Working with E-Authentication PMO to harmonize Federal PKI with Operating, Business Rules Working with ETSI (EU PKI) to harmonize policies Move Shared Service Provider Work Group from FICC to FPKI PA

Fed-Ed Dec. 14, Ongoing Efforts/New Work Bridge-to-Bridge Criteria and Methodology Bridge-2-Bridge Cross-Certifications (3) SSP – Treasury Dep’t. and DST/Identrus in process Rewrite Common Policy CP in RFC 3647 format Harmonize FBCA CP and FIPS 201 Compete Operational Authority Support Contract Stand up Validation Service Promulgate BPA for PKI services Future commercial PKI cross-certifications: Boeing, Wells Fargo (medium hardware) ISO accreditation Canada cross-certification Australia cross-certification

Fed-Ed Dec. 14, Discussion