PKI Steering Committee chooses signature app

The General Services Administration’s Federal Public-key Infrastructure Steering Committee, in a significant move toward adopting a governmentwide PKI, is finalizing plans to purchase 150 licenses of an electronic-signature application.Six months ago, GSA was skeptical about using ApproveIt Desktop from Silanis Technology Inc. of St. Laurent, Quebec. Officials weren’t sure if the signing tool, which works via a browser, would work with the Defense Department’s PKI.But after a November analysis of ApproveIt, the Defense Department’s Joint Interoperability Test Command said the software was interoperable with its proprietary system.The test showed that any agency using the software could accept DOD certificates, and verify the status of the certificate maintained in DOD databases—including certificate path-building and processing—and certificate revocation lists of invalid DOD certificates. It would also work in DOD’s Lightweight Directory Access Protocol, the analysis found.GSA expects a rollout next month of ApproveIt and will use its own Access Certificates for Electronic Signatures digital certificates and become its own certificate authority. Barry West, deputy director in GSA's Office of Electronic Government, said he can see the benefit of the software but warned of potential interoperability problems."I stress the importance of coordination among program leads, CIOs, network architects and others in bringing these types of solutions together if a full PKI is planned or already in place," West said.