PKI bridge approaching milestone

Later this month, the General Services Administration will announce the first government agencies to be cross-certified with the federal public-key infrastructure bridge, making it easier for agency users to exchange data securely.

The federal PKI bridge is designed as a way to link agencies' certificate authorities (CAs), which are the central component of a PKI. A CA is the server used to generate and manage digital certificates to identify users and secure their transactions.

By cross-certifying CAs certificate policies through the bridge, which acts as a trusted third party, an agency that needs to accept a certificate from another federal agency, and ultimately other non-federal entities, to conduct an electronic transaction will know that the certificate can be trusted.

On Sept. 18, GSA plans to hold a cross-signing ceremony that will show certificates from the Defense Department, the Agriculture Department's National Finance Center, NASA and the Treasury Department can interoperate, said David Temoshok, acting director for identity policy at GSA's office of governmentwide policy.

Those agencies' PKI domains "will be able to cross-certify through the bridge" and will be recognized by each other, Temoshok said while attending the Interagency Resources Management Conference in Hershey, Pa., this week. He added that in 2003, GSA hopes to add Illinois and Canada to that list.