Skip to main content
U.S. flag

An official website of the United States government

Dot gov

The .gov means it’s official.
Federal Government websites often end in .gov or .mil. Before sharing sensitive information, make sure you’re on a Federal Government site.

Https

The site is secure.
The https:// ensures that you are connecting to the official website and that any information you provide is encrypted and transmitted securely.

FPKI Document Archive

This pages contains three years of FPKI documents including:

  • Certificate Policies
  • Certificate Profiles
  • Supplementary Guidance
  • Change Proposals

If you seek a document that is older than three years or not listed here, please contact fpki at gsa.gov

Document Name Date
Common Certificate Policy
X.509 Certificate Policy For The U.S. FPKI Common Policy Framework v2.0 09/01/2020
X.509 Certificate Policy For The U.S. FPKI Common Policy Framework v1.32 04/14/2020
X.509 Certificate Policy For The U.S. FPKI Common Policy Framework v1.31 02/08/2019
X.509 Certificate Policy For The U.S. FPKI Common Policy Framework v1.30 10/4/2018
X.509 Certificate Policy For The U.S. FPKI Common Policy Framework v1.29 10/10/2018
X.509 Certificate Policy For The U.S. FPKI Common Policy Framework v1.28 04/04/2018
X.509 Certificate Policy For The U.S. FPKI Common Policy Framework v1.27 06/29/2017
X.509 Certificate Policy For The U.S. FPKI Common Policy Framework v1.26 02/02/2017
X.509 Certificate Policy For The U.S. FPKI Common Policy Framework v1.25 09/22/2016
X.509 Certificate Policy For The U.S. FPKI Common Policy Framework v1.24 05/07/2015
Common Change Proposal
FPKI Key Recovery Policy Consolidation into Common Policy 04/13/2021
Consolidated update to Common Policy and associated profiles 08/29/2020
Support for Personal Identity Verification-Interoperable (PIV-I) credentials issued under COMMON 03/10/2020
Change Requirement for Destruction of Private Signing Key(s) Following CA Termination 11/02/2018
Update Common Policy to Remove the common-public-trusted-serverAuth Certificate Policy 10/24/2018
Add Supervised Remote Identity Proofing and Other Guidance as Defined by NIST SP 800-63-3 04/23/2018
Requirements for Virtual Implementations under the COMMON Policy 07/21/2017
Certificate Revocation Requirements for Transitive Closure under the COMMON Policy 07/17/2017
Mandate Specific EKU in COMMON Policy CP and Its Associated Certificate Profiles 01/19/2018
Update COMMON Policy To Reference Annual Review Requirements 07/05/2017
Require Key Recovery for Key Management Certificates Issued under the COMMON Policy 07/05/2017
How Long Can PIV Card Stock Be Used Once They Are Removed From the GSA Approved Products List? 04/03/2017
CA Infrastructure Change Notification 04/03/2017
Notification of Issue Resolution and Remediation 04/03/2017
Align COMMON Certificate Policy with Certificate Profile Operational Practice 04/14/2017
Allow for Long-Term CRL for Retired CA Key 08/01/2016
CAB Forum Baseline Requirements Alignment 04/26/2016
Common Derived PIV Authentication Certificate Policy OIDs 04/02/2015
Require PIV Cards To Be on GSA APL Prior to Issuance 11/13/2013
Remove SHA-1 Policies from Common Policy 11/04/2013
Common Policy CP Clarifications Recommended to the FPKIMA during the Annual PKI Compliance Audit 08/13/2013
Common PIV Content Signing Policy OID 10/04/2012
Operate Common Policy CA Offline 08/14/2012
Delegation of Certain Device Sponsor Responsibilities 05/17/2012
Time Stamp Authority Requirement with Code Signing Certificates 05/03/2012
Updates to Certificate Policy to RA & CMS Audit Requirements 05/03/2012
Common Profile
X.509 Common Policy Certificate and Certificate Revocation List Profiles v2.0 09/01/2020
X.509 Common Policy Certificate and Certificate Revocation List Profiles v1.9 05/09/2018
X.509 Common Policy Certificate and Certificate Revocation List Profiles v1.8 07/17/2017
FPKI Trust Infrastructure Certificate Practice Statement
X.509 Certificate Practice Statement For the FPKI Trust Infrastructure v5.1 05/01/2020
Federal Bridge Certificate Policy
X.509 Certificate Policy For The Federal Bridge Certification Authority (FBCA) v2.34 10/04/2018
X.509 Certificate Policy For The Federal Bridge Certification Authority (FBCA) v2.33 05/10/2018
X.509 Certificate Policy For The Federal Bridge Certification Authority (FBCA) v2.32 04/04/2018
X.509 Certificate Policy For The Federal Bridge Certification Authority (FBCA) v2.31 06/29/2017
X.509 Certificate Policy For The Federal Bridge Certification Authority (FBCA) v2.30 10/05/2016
X.509 Certificate Policy For The Federal Bridge Certification Authority (FBCA) v2.29 05/20/2016
X.509 Certificate Policy For The Federal Bridge Certification Authority (FBCA) v2.28 01/14/2016
X.509 Certificate Policy For The Federal Bridge Certification Authority (FBCA) v2.27 12/02/2013
Federal Bridge Change Proposal
Allow Offline Federal Bridge Certification Authority 02/28/2019
Add Supervised Remote Identity Proofing and Other Guidance as Defined by NIST SP 800-63-3 04/23/2018
Requirements for Virtual Implementations under the BRIDGE Policy 07/21/2017
Certificate Revocation Requirements for Transitive Closure under the BRIDGE Policy 07/17/2017
Mandate Specific EKU in BRIDGE Policy CP and Its Associated Certificate Profiles 01/19/2018
Update BRIDGE Policy To Reference Annual Review Requirements 07/06/2017
Require Key Recovery for Key Management Certificates Issued under the BRIDGE Policy 07/06/2017
Limit Affiliate Relationship to a Single Path 04/03/2017
How Long Can PIV-I Card Stock Be Used Once They Are Removed From the GSA Approved Products List? 04/03/2017
CA Infrastructure Change Notification 04/03/2017
Notification of Issue Resolution and Remediation 04/03/2017
Align BRIDGE Certificate Policy with Certificate Profile Operational Practice 04/14/2017
Allow Alternate FBCA Key Change Procedures 09/12/2016
Allow for Long-Term CRL for Retired CA key 08/01/2016
Subscriber Private Key Protection for Multiple Keys or Key Holders 12/16/2015
Align PIV-I Card Life with FIPS 201-2 11/24/2015
Clarifying Assertion of Policies for Devices 10/20/2015
Move SHA-1 Policies from Common Policy to FBCA and Remove 12-31-2013 Restriction on All SHA-1 Policies 11/04/2013
FBCA CP Clarifications Recommended to the FPKIMA during the Annual PKI Compliance Audit 08/13/2013
Updates to Certificate Policy to RA & CMS Audit Requirements 03/01/2012
Updates to Certificate Policy to RA & CMS Audit Requirements 03/01/2012
Remove requirements for Lightweight Directory Access Protocol (LDAP) references in certificates 09/20/2011
Changes to FBCA CP to clarify the archive definition and how its records are intended to be used 06/24/2008
Federal Bridge PIV-I Profile
X.509 PIV-I Certificate and Certificate Revocation List Profiles v1.2 07/17/2017
Supplementary Guidance
FBCA Supplementary Antecedent, In-Person Definition 07/16/2009