Procedures for cross-certifying with the Federal Public Key Infrastructure

Applicant PKIs and Bridges may choose to cross-certify with the Federal PKI at one or more of the six levels of assurance of the Federal Bridge CA (rudimentary, basic, medium, medium commercial best practice, medium hardware, medium hardware commercial best practice, and PIV-I), or to cross certify at the Citizen and Commerce Class Certificate level of assurance. The actual requirements for cross-certification are listed below, but we encourage potential applicants to contact the Federal PKI Policy Authority prior to submitting any documentation, so that we can work with you actively to smooth the process.

Requirements for Cross-Certification and Interoperability with the Federal PKI:
Submit an Application for Cross-Certification signed by the responsible executive in charge of the applicant PKI (e.g., CIO, VP for Systems, etc.) to the Federal PKI Policy Authority Chair. Usually, this individual is in charge of funding and budget for the applicant's PKI.

Submit a copy of your PKI Certificate Policy for mapping, along with contact information for the individual tasked with seeing to the cross-certification. Please download a copy of the "FBCA CP mapping matrix" and/or the "C4CA CP mapping matrix" available on the web site to use as you prepare your Policy for mapping.

Submit a copy of the summary of your PKI's audit, stating that your operations comply with your CPS and that your CPS is in conformance with your CP. Please download a copy of the Audit Review Requirements from this web site to ensure you understand what language we are looking for.

If steps 1 - 3 are accomplished successfully, the Federal PKI Policy Authority will enter into negotiations with you to sign a mutually-acceptable Memorandum of Agreement (MOA) that will spell out our mutual responsibilities and expectations. For Bridges cross-certifying with the Federal Bridge CA, there are additional requirements to be fulfilled mutually.

Once the MOA is signed, the Federal PKI Policy Authority Chair directs the Director of the Federal PKI Management Authority to exchange cross-certificates with the new member PKI. Detailed discussions of all of these steps may be found in the FPKI Criteria and Methodology document on this web site, as well as many other supporting documents. At any time, feel free to contact us to discuss any questions you may have. The applicant should submit the information requested above in an electronic format to Deborah.Gallagher@gsa.gov and to FPKI.Webmaster@gsa.gov
 



Related Items





 

Critical Links

  • Latest Developments

    New and updated guidance within the Identity Management arena.

    Learn More about Identity Management ›

  • Government Smart Card Interagency Advisory Board (IAB)

    The IAB welcomes Federal partners, members of the vendor community, and any non-Federal government agencies that share the goal of federated and interoperable credentials.

    Go To IAB page ›

  • FIPS 201 Evaluation Program

    Determines if a product/service defined by FIPS 201 documentation complies with mandated requirements and for use by agencies in the acquisition of FIPS 201 products/services.

    Go To FIPS 201 Evaluation Program site ›

 
CIO.gov  ·   Data.gov  ·   GSA.gov  ·   Open Government  ·   Recovery.gov  ·   USA.gov  ·   Whitehouse.gov
Accessibility  ·   Plug-Ins  ·   Privacy  ·   Links  ·   Contact Us