Trust Services
This page is for agencies to view the current service providers that have an identity federation agreement with the U.S. Government.
The services provided rely upon a level of trust to be established with the U.S. Government. This trust is managed through legal agreements; technology agreements; and regular auditing of the services, procedures, and practices. These agreements and audits are managed by the Federal Public Key Infrastructure (FPKI).
If you are looking for a list of all possible Certification Authorities in the FPKI, please review the list of PIV CAs and Agencies or the FPKI Graph.
Overview
Trust Services providers offer services related to identity and credentialing of persons and operate within identity federations. These provider services specifically include:
- Issuing and managing person identity and device identity certificates using PKI.
- Issuing and managing person identity credentials for PIV and Common Access Card (CAC) hardware credentials that are tied to PKI.
- Issuing and managing person identity credentials using other identity federation technologies (for example, a person may be identity-proofed, have an account in the service, and use one-time password credentials to authenticate).
We’ve categorized the service providers given below by type of identity and credential and what population is served:
- Government Identity Services – Covers the FPKI Shared Service Providers (SSPs)
- Business Identity Services – Covers PIV-Interoperable (PIV-I), and other PKI certificates
- Trust and Auditing of Services – Covers PKI Bridges that are cross-certified into the FPKI
Government Identity Services
These organizations operate as FPKI Shared Service Providers (SSPs) for federal agencies. All organizations operate Certification Authorities, are audited, and have and maintain a FISMA Authorization To Operate (ATO). To request a copy of a specific system’s ATO, please contact FPKI at GSA.gov.
All of the Certification Authorities operated by these FPKI SSPs issue certificates for federal workforce identity, including for PIV credentials. A subset of the FPKI SSPs also issue and manage government enterprise device certificates.
Information on publicly trusted device certificates used for TLS (HTTPS) on the internet, recommendations on government configurations, and which PKI providers/Certification Authorities to use can be found at this HTTPS guidance website.
| Organization | Customer Service | Tech Support |
|---|---|---|
| Department of the Treasury | Daniel Wood (202) 622-5144 |
Joe Gribble (304) 480-7608 |
| DigiCert Federal Shared Service Provider (formerly Symantec) | ts_managers at digicert.com | fpki_support at digicert.com |
| Entrust Federal Shared Service Provider | Patrick Garritty (703) 901-1388 |
support at entrust.com |
| Verizon/Cybertrust Federal Shared Service Provider | Russ Weiser (801) 631-1685 |
Russ Weiser (801) 631-1685 |
| WidePoint Federal Shared Service Provider | Jason Holloway, Caroline Godfrey (800) 816-5548 WCSC-Info at ORC.com |
Jim Manchester (800) 816-5548 PKIPolicy at ORC.com |
Business Identity Services
These organizations operate services for persons who are affiliated with a business, State, Local, Tribal, Territorial, or non-profit. These are often used by a business person to digitally sign documents with the U.S. Government as a business representative or to authenticate to a small number of government applications.
For each, we identify whether the services include:
- Person identity using PKI, including PIV-I credentials
- Person identity using other PKI certificates for business-to-government digital signatures
| Organization | Customer Service | Tech Support | Type of Person Identity Credentials |
|---|---|---|---|
| Carillon Information Security | Marc St-Jacques (844) 754-7484 x125 |
Marc St-Jacques (844) 754-7484 x125 |
PIV-I Credentials |
| DigiCert | ts_managers at digicert.com | fpki_support at digicert.com | Other PKI Credentials |
| Entrust | Patrick Garritty (703) 901-1388 |
support at entrust.com | PIV-I Credentials Other PKI Credentials |
| Exostar | info at exostar.com | (703) 793-7800 Open a case online |
Other PKI Credentials |
| Foundation for Trusted Identity (FTI) | Kenneth Boley (210) 704-1650 info at fti.org |
Sam Dibrell, Jr. (210) 704-1650 |
PIV-I Credentials |
| IdenTrust | IdenTrust Customer Support Support at IdenTrust.com (800) 748-5360 |
IdenTrust Customer Support Support at IdenTrust.com (800) 748-5360 |
PIV-I Credentials Other PKI Credentials |
| WidePoint | Jason Holloway, Caroline Godfrey (800) 816-5548 WCSC-Info at ORC.com |
Jim Manchester (800) 816-5548 PKIPolicy at ORC.com |
PIV-I Credentials Other PKI Credentials |
Non-Government PKI Trust Framework
The FPKI Policy Authority reviews the PKI trust frameworks of a small number of non-government organizations to determine whether the policies, processes, legal agreements, privacy protections, security controls, and audit requirements are comparable with the U.S. Government Federal PKI requirements. If comparable, the organizations that manage their communities’ rules act as a PKI bridge.
These organizations do not manage identities or credentials for their community directly. Services that are certified and audited by these organizations provide federated PKI identity and credentials. These services are listed above the Business credentials section.
| Trust Framework | Customer Service | Tech Support | Community |
|---|---|---|---|
| CertiPath | Judith Spencer (301) 974-4227 |
support at certipath.com (855) 758-0075 |
Aerospace and Defense International |
| SAFE Identity | Kyle Neuman (301) 943-7583 |
info at makeidentitysafe.com (703) 705-2920 |
Healthcare International |
| STRAC | Eric Epley (210) 233-5850 |
Ryan Ahlfors (210) 233-5850 |
State and Local |
| TSCP, Inc. | Shauna Russell (202) 769-9114 |
Steve Race (703) 980-8915 |
Aerospace and Defense International |