Agencies to vote on bridge

Federal agency representatives will vote Thursday to approve the governmentwide mechanism that will enable agencies to exchange digital certificates for secure electronic transactions.

Agencies employing public-key infrastructure will be able to use the Federal Bridge Certification Authority to accept certificates from any other agency that is a member of the group. A digital certificate, used within PKI, can store identification, authentication and authorization information as well as provide encryption for electronic transactions.

The Federal PKI Steering Committee oversees the FBCA. Members will vote Thursday morning to approve the certificate policy and certificate practice statement that govern how the FBCA works, said Judith Spencer, chairwoman of the steering committee.

Once that vote passes, the FBCA will be available for agencies to use, she said, but it will not actually be in operation until agencies have applied to become members. For an agency to be included in the FBCA, the Federal PKI Policy Authority must approve the agency's existing certificate policy and certificate practice statement. Once approved, that policy will be mapped against the four certificate authentication levels — rudimentary, basic, medium and high — so that agencies know how other certificates correspond to their own policies.

NASA, the Agriculture Department's National Finance Center and the Federal Deposit Insurance Corp. are among he first agencies with PKIs in place that have expressed interest in applying to be FBCA members, Spencer said.

Energy Department officials are in the process of establishing their own PKI and are modeling their certificate policy and certificate practice statement on those used by the federal bridge so that the department can immediately apply for membership, Spencer said.