DoD PKI Interagency/Partner Interoperability Testing

 





Overview

Secure information sharing between the Department of Defense (DoD) and its external partners requires Public Key Infrastructure (PKI) interoperability. Like the DoD, many Federal Agencies and DoD partners have implemented a PKI to secure their applications and networks. In the past, these external PKIs were designed to operate independently. Internal policies, technical challenges and vendor selection have all contributed to these different identity management and information protection solutions.

HSPD-12, FIPS-201, and the Federal Bridge Certificate Authority (FBCA) have been implemented to synchronize identity management and information protection across the federal government. These initiatives help the federal government and private industry build PKI-based solutions that interoperate going forward.

As deployed PKIs transition to full compliance, the need to share information cannot wait. Legacy PKIs in the near term will have to interoperate with PKIs that fall in line with the FBCA. The DoD is currently evaluating these external PKIs for implementation on DoD systems. Per DoD CIO Memo, SUBJECT: Approval of External Public Key Infrastructures, the DoD PKI Program Management Office (PMO), the DoD Public Key Enabling (PKE) Team and the DoD External Interoperability Working Group will be responsible for interoperability testing and approval.



Procedure

DoD External Interoperability Plan, version 1.0 specifies the process by which an external PKI can be approved to interoperate with the DoD PKI. The process differs according to the classification of the external PKI:

The interoperability testing phase of this process is conducted by the Joint Interoperability Test Command PKE Lab according to the DoD PKI Interoperability Test Plan, version 2.0. Two key trust models are tested:



External PKI Testing Status

The following table contains information on external PKIs that have completed interoperability testing with the DoD PKI.

More detailed information can be found at http://iase.disa.mil/pki-pke/interoperability/index.html.

Test Status Color Codes

| Not Tested | Test In Progress | Test Complete | Not Interoperable | Interoperable |
|---|---|---|---|---|
| This trust model was not tested. | Testing is in progress. | Testing is complete. | External PKI is non-interoperable using this trust model. | External PKI is interoperable using this trust model. |



| External PKI | PKI Category | Federal Bridge Relationship | Date Tested | Direct Trust Model (SHA-1) | Direct Trust Model (SHA-256) | Cross Certified Trust Model (SHA-1) | Cross Certified Trust Model (SHA-256) |
|---|---|---|---|---|---|---|---|
| ActivIdentity PIV-I Service | Category II | CertiPath Bridge Member | 08/2011 | Not Tested | Interoperable | Not Tested | Not Tested |
| Boeing Medium Assurance Domain | Category II | CertiPath Bridge Member | 07/2013 | Interoperable | Not Tested | Not Tested | Interoperable |
| Booz Allen Hamilton Inc. | Category II | Member through Symantec NFI | 12/2012 | Interoperable | Interoperable | Interoperable | Not Tested |
| Citi Managed Identity Services | Category II | CertiPath Bridge Member | 07/2011 | Not Tested | Interoperable | Not Tested | Not Tested |
| Computer Sciences Corp | Category II | Member through Symantec NFI | 01/2013 | Not Tested | Interoperable | Not Tested | Interoperable |
| Department of Energy | Category I | Member through Entrust SSP | 02/2010 | Interoperable | Interoperable | Not Tested | Not Tested |
| Department of Homeland Security | Category I | Member through U.S. Treasury SSP | 03/2009 | Interoperable | Interoperable | Not Tested | Not Tested |
| Department of Justice | Category I | Member through Entrust SSP | 09/2008 | Interoperable | Interoperable | Not Tested | Not Tested |
| Department of State | Category I | Federal Bridge Member | 06/2011 | Interoperable | Interoperable | Not Tested | Not Tested |
| Department of Transportation | Category I | Member through Symantec SSP | 11/2008 | Interoperable | Interoperable | Not Tested | Not Tested |
| Department of Treasury | Category I | Federal Bridge Member | 12/2008 | Interoperable | Interoperable | Not Tested | Not Tested |
| Department of Veterans Affairs | Category I | Federal Bridge Member | 10/2011 | Not Tested | Interoperable | Not Tested | Not Tested |
| Eid Passport, Inc. | Category II | Member through Symantec NFI | 10/2013 | Interoperable | Interoperable | Interoperable | Interoperable |
| Environmental Protection Agency | Category I | Member through ORC SSP | 12/2008 | Interoperable | Interoperable | Not Tested | Not Tested |
| Exostar | Category II | CertiPath Bridge Member | 06/2011 | Interoperable | Not Tested | Interoperable | Not Tested |
| Exostar (Issuing CA2) | Category II | CertiPath Bridge Member | 06/2013 | Interoperable | Not Tested | Interoperable | Not Tested |
| Federal Aviation Administration | Category I | Member through Symantec SSP | 05/2009 | Interoperable | Interoperable | Not Tested | Not Tested |
| General Services Administration Managed Service Office | Category I | Member through Entrust SSP | 05/2011 | Interoperable | Interoperable | Not Tested | Not Tested |
| Human Health Services | Category I | Member through Entrust SSP | 11/2013 | Not Tested | Interoperable | Not Tested | Interoperable |
| Lockheed Martin | Category II | CertiPath Bridge Member | 07/2013 | Interoperable | Not Tested | Interoperable | Not Tested |
| National Aeronautics and Space Administration | Category I | Member through U.S. Treasury SSP | 03/2009 | Interoperable | Interoperable | Not Tested | Not Tested |
| National Institute of Standards and Technology | Category I | Member through Entrust SSP | 02/2009 | Interoperable | Interoperable | Not Tested | Not Tested |
| Northrop Grumman Corporation | Category II | CertiPath Bridge Member | 06/2013 | Interoperable | Not Tested | Interoperable | Not Tested |
| Operational Research Consultants Non-Federal Issuer | Category II | Federal Bridge Member | 03/2012 | Not Tested | Interoperable | Not Tested | Not Tested |
| Raytheon | Category II | CertiPath Bridge Member | 06/2013 | Interoperable | Not Tested | Interoperable | Not Tested |
| Social Security Administration | Category I | Member through U.S. Treasury SSP | 01/2009 | Interoperable | Interoperable | Not Tested | Not Tested |
| Verizon Non-Federal Issuer | Category II | Federal Bridge Member | 07/2011 | Not Tested | Interoperable | Not Tested | Not Tested |


  Last Revision: 08 Nov 13
