FIPS-201 hits the street

GCN Insider | TRENDS & TECHNOLOGIES that affect the way government does IT

With a fall deadline looming for federal agencies to start issuing Personal Identity Verification cards in compliance with Homeland Security Presidential Directive 12, the question on many minds is: When will the General Services Administration start approving products and services that adhere to the necessary standards? In this case, the National Institute of Standards and Technology's FIPS-201 standards.

VeriSign Inc. of Mountain View, Calif., said recently that its Shared Service Provider Public Key Infrastructure technology had received GSA approval, opening the door for agencies to use it in their PIV deployments.

George Schu, VeriSign's public sector head and a former Navy officer, said the company was the first FIPS-201-certified shared-services provider, building on its base of managed security solutions for government. In February 2004, the Federal Identity Credentialing Committee established requirements and a process for certifying vendors to provide PKI and smart-card issuing services for federal agencies. FICC spelled out a common identity credential for physical and logical access to Federal facilities and IT systems. In July 2004 VeriSign was the first provider certified by FICC. The company said its government-approved shared services mirror the managed PKI system it's been offering to other customers for about a decade.

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above