IdenTrust - Certificates

Home | Login | Contact Us

Home
Company
Solutions
- Overview
- Industry
- Products
  - PLOT
  - HUB
  - Identity Network
  - Trust Prime
  - Trust Sign
  - Trust Link
  - Trust Gate
  - MITM
Certificates
- Certificate Chart
- TrustID
- ACES
- ECA
Partner
- Overview
- Solution
- Compliant
- Integration
- Reseller
- Partner List
Library
Support

IdenTrust will be issuing ECA Digital Certificates!

Certificates > ECA

The External Certification Authority (ECA) program enables Department of Defense (DoD) approved external authorities, such as IdenTrust, to issue digital certificates to industry partners and other external entities for use in many of their electronic programs including: the Wide Area Workflow, Defense Travel System, Secure Messaging and Electronic Document Access. Each external authority must comply with DoD certificate policy rules for identification and authentication.

IdenTrust provides a complete ECA certificate service with two types of ECA Medium Assurance digital certificates: s-Certificates (software-based) and t-Certificates (hardware-based).

Both certificate types include identity authentication, digital signing, and encryption and comply with ECA certificate policies. These certificates are also citizen attribute "ready" (mandatory after July 1, 2007).

Certificate Type	Features
s-Certificates	- Software-based medium assurance. - Keys generated and held in FIPS 140-1/2 level 1 validated (i.e. IE browser) software.
t-Certificates	- Hardware-based (i.e. a token or smart card) medium assurance. - Keys generated and held in FIPS 140-2 level 2 validated smart card. - Keys generated and held in FIPS 140 level validated USB token.

The digital certificate contains the individual's name and citizenship, a serial number, expiration dates, the certificate holder's public key (used for encrypting messages or digital signatures) and the digital signature of the certificate-issuing authority so that a recipient can verify that the certificate is real. Once the digital signature is verified, the individual is granted access to DoD information systems. Every Subscriber will receive a Signing and an Encryption certificate. The signing certificate is used for signature and access control. The encryption certificate is used for encryption of email.

Experience and Reputation

Since 1999, IdenTrust, formerly Digital Signature Trust, was authorized by the Department of Defense (DoD) to issue digital certificates to their trading partners. IdenTrust has delivered certificate programs to the U.S. government for many years and has built a reputation for outstanding customer service.

In fact, IdenTrust provides more than 70% of the ACES (Access Certificates for Electronic Services) digital certificates and works closely with the General Services Administration (GSA) to ensure that execution and delivery meet the needs of both the subscriber and the agency. The GSA acts as policy authority and administrator and provides logical access control for electronic government applications requiring digital signatures or electronic authentication.

IdenTrust also provides digital certificate services to weapons exporters under the Department of State's D-Trade defense contractor licensing program.

Other organizations collaborating with IdenTrust include: the Department of Labor, Department of Health and Human Services, and the Environmental Protection Agency.)

Benefits

Benefits of IdenTrust ECA services include:

Flexible registration to fit the needs of small or large subscribing organizations, including online registration for individuals and bulk load registration for groups.

Identification and authentication aligned with the specific needs of the subscribing organization:

	Trusted Correspondent Performed - for large subscribing organizations able to perform identity verification (requires on-site meeting with IdenTrust),
	Notary Performed - for individuals and small subscribing organizations without internal resources or expertise (applies to medium-assurance certificates only and requires in-person meeting with a notary public).
	IdenTrust Performed - for individuals and small subscribing organizations (requires no on-site resources),

Secure and standards-validated hardware tokens.

FIPS validated cryptographic modules (minimum level 1).

FIPS Level 2 smart card validation (medium hardware tokens only).

Certificate Policy version 3.1-ready certificates for medium and medium hardware certificates with the ability to verify and include citizenship.

Encryption key escrow and key recovery services. All IdenTrust ECA encryption certificates are escrowed for security. Recovery request verification services are available through a local KRO for larger organizations with Trusted Correspondents.

The U.S. government will continue to require greater levels of online security and authentication from individuals wanting to conduct business electronically with its agencies. IdenTrust's experience with government digital certificate policies is proven and extensive. IdenTrust brings that knowledge to the ECA program, expanding the pool of options and resulting in a richer, more robust contribution to the U.S. government efforts to know who it is dealing with. IdenTrust is all about digital certificates. With IdenTrust, you can trust that the certificates issued will stringently adhere to the ECA certificate policy, and, that any and all customer service is outstanding.