DISA taps two for digital certificates

The Defense Information Systems Agency yesterday selected two vendors to supply and manage the digital certificates that provide the security underpinnings for several key Internet-based applications.

Operational Research Consultants Inc. and Digital Signature Trust Co., the first two Interim External Certificate Authorities (IECAs), will support public-key infrastructures securing communications between DOD and its external contractors. In a PKI, digital certificates verify the identity of each party in a digital transaction.

DOD plans to use the IECAs to secure communications on three applications: the Defense Travel System, which provides a single electronic point of access for all defense travel services; Electronic Document Access, which will enable vendors to access DOD solicitations and modifications over the Internet; and the Paperless Contracting Wide-Area Work Flow, which will collect documents and forms from vendors and DOD sources.

The number of non-DOD users for the three applications could top 300,000 in the next year, according to DISA. Other IECA contracts will be awarded next month.

The IECA contracts will last for one year, after which DISA will put in place permanent external certificate authorities. DOD aims to have certificate authorities provide and manage digital certificates for use by any external user on all Defense World Wide Web servers by June 2000.