GSA plans financing to promote PKI initiatives within agencies

GSA plans financing to promote PKI initiatives within agencies

By Christopher J. Dorobek

GCN Staff

The General Services Administration will subsidize agencies' initial digital-certificate efforts in an attempt to jump-start public-key infrastructure development, GSA officials said.

The officials announced the Certificate Bank task order earlier this month at an all-day forum designed to educate feds about GSA's Access Certificates for Electronic Services contract, which is designed to be a governmentwide digital certificate.

Digital certificates are seen as cornerstones of electronic government initiatives because they will let citizens digitally sign documents, thereby assuring a person's identity.

One significant early hurdle for agencies is the upfront costs of implementing a PKI that would use digital certificates.

'There are a lot of agencies in a hurry to be second,' said John G. Sindelar, chief of staff at GSA's Office of Governmentwide Policy and chairman of the ACES Customer Advisory Board.

The Certificate Bank task order is designed to ease the initial burden and boost agency PKI projects, officials said. The 500,000 certificates in the Certificate Bank will be divided among the three ACES vendors, Sindelar said.

Bank on it

The Certificate Bank program would subsidize an agency's cost of buying a certificate, though the agency would still have to pay the transaction fee each time the certificate is used, he said. The ACES Customer Advisory Board is creating a method for evaluating proposals for the 500,000 certificates, he said.

The initial task order would also help reduce the transactional cost of the certificates because the ACES costs are reduced as the overall number of certificates increases. For example, initially agencies using ACES certificates will pay $1.20 each time a citizen uses the ACES certificate. That price drops to 40 cents once more than 100 million certificates are issued.

Earlier this month, GSA gave Digital Signature Trust Co. of Salt Lake City, one of three ACES vendors, interim approval to operate under the ACES contract. That certification means agencies can begin actually offering certificates for the first time.

'ACES has now reached a critical milestone,' said Richard Guida, chairman of the Federal Public-Key Infrastructure Steering Committee.

'This means they can start to issue full-fledged ACES certificates. This is wonderful news and shows that the ACES effort is entering its production phase. We are now coming to the end of the beginning for this work,' Guida said.

Final approval would be granted within approximately six months once Digital Signature Trust has demonstrated its 'continuing compliance in the operational environment,' GSA said.

The vendors must be certified to show they are complying with guidelines set out by GSA and the National Institute of Standards and Technology, said Judith A. Spencer, director of the Center for Governmentwide Security in GSA's Federal Technology Service.

The two other vendors, AT&T Corp. and Operational Research Consultants Inc. of Chesapeake, Va., are expected to complete the certification process by the end of next month, Spencer said.

Throughout the all-day ACES forum, officials sought to remind program managers that PKI is more than just issuing digital certificates.

'There is more to ACES than the basic services,' said Thomas Burke, assistant commissioner for information security at GSA's Federal Technology Service.

The other services are 'important to building your PKI,' Burke said.

'ACES is a framework,' Guida said.

Spencer said the ACES contract offers many of the services necessary to develop a public-key infrastructure, including planning and risk assessments.

inside gcn

  • IoT analytics platform

    Modern data analytics for public safety IoT

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above