 |
Certificates > ECA
|
As part of an overall program to provide a stronger and more secure authentication mechanism for accessing
Department of Defense DOD Information Systems, contractors may be required to use Digital Certificates:
an electronic identity credential issued by an External Certification Authority (ECA) that establishes
an individual’s Identity when transacting business electronically.
IdenTrust provides two types of ECA digital certificates: s-Certificates which are browser
based Medium Assurance certificates and t-Certificates which are hardware-based Medium
Hardware Assurance certificates stored on either a smart card or USB token.
All IdenTrust ECA certificates include identity authentication, digital signing, and encryption capabilities and
comply with DoD ECA Certificate Policies. These certificates are also citizen attribute "ready" (mandatory after July 1, 2007).
|
| Certificate Type |
Features |
s-Certificates - Medium Assurance
|
- Software-based medium assurance.
- Keys generated and held in FIPS 140-1/2 level 1 or higher validated (i.e. IE browser) software.
|
t-Certificates - Medium Hardware Assurance
|
- Hardware-based (i.e. a smart card or USB token) medium assurance.
- Keys generated and held in FIPS 140-2 level 2 or higher validated smart card.
- Keys generated and held in FIPS 140-2 level 2 or higher validated USB token.
|
|
The digital certificate contains the individual's name and citizenship, a serial number, expiration dates,
the certificate holder's public key (used for encrypting messages or digital signatures) and the digital
signature of the certificate-issuing authority so that a recipient can verify that the certificate is real.
Once the digital signature is verified, the individual is granted access to DoD information systems. Every
Subscriber will receive a Signing and an Encryption certificate. The signing certificate is used for
signature and access control. The encryption certificate is used for encryption of email.
|
Experience and Reputation
Since 1999, IdenTrust, formerly Digital Signature Trust, was authorized by the Department of Defense (DoD) to
issue digital certificates to their trading partners. IdenTrust has delivered certificate programs to the U.S.
government for many years and has built a reputation for outstanding customer service.
In fact, IdenTrust provides more than 70% of the ACES (Access Certificates for Electronic Services) digital
certificates and works closely with the General Services Administration (GSA) to ensure that execution and
delivery meet the needs of both the subscriber and the agency. The GSA acts as policy authority and
administrator and provides logical access control for electronic government applications requiring
digital signatures or electronic authentication.
IdenTrust also provides digital certificate services to weapons exporters under the Department of
State's D-Trade defense contractor licensing program.
Other agencies we have collaborated with include the Department of Labor, Department of Health and Human Services,
and the Internal Revenue Service.
|
Benefits
Benefits of IdenTrust ECA services include:
|
 |
Flexible registration to fit the needs of small or large subscribing organizations, including online registration for individuals and bulk load registration for groups. |
|
Identification and authentication aligned with the specific needs of the subscribing organization:
 |
Trusted Correspondent Performed - for large subscribing organizations able to perform identity verification (requires on-site meeting with IdenTrust), |
|
Notary Performed - for individuals and small subscribing organizations without internal resources or expertise (applies to Medium-Assurance s-Certificates only and requires in-person meeting with a notary public). |
|
IdenTrust Performed - for individuals and small subscribing organizations (requires no on-site resources), |
|
|
Secure and standards-validated hardware tokens. |
|
FIPS validated cryptographic modules (minimum level 1). |
|
FIPS-2 Level 2 or higher smart card or USB token validation (medium hardware tokens only). |
|
Certificate Policy version 3.1-ready certificates for medium and medium hardware certificates with the ability to verify and include citizenship. |
|
Encryption key escrow and key recovery services. All IdenTrust ECA encryption certificates are escrowed for security. Recovery request verification services are available through a local KRO for larger organizations with Trusted Correspondents. |
|
The U.S. government will continue to require greater levels of online security and authentication from individuals
wanting to conduct business electronically with its agencies. IdenTrust’s experience with government digital
certificate policies is proven and extensive. IdenTrust brings that knowledge to the ECA’s program, expanding
the pool of options and resulting in a richer, more robust contribution to the U.S. government efforts to know
who it is dealing with. Digital certificates are all about Trust, and with IdenTrust, you can trust that the
certificates issued will stringently adhere to the ECA Certificate Policy.
|
|
|
|
SALES CONTACT
RELATED CONTENT
AFTER YOU BUY
OTHER
CUSTOMER SUPPORT
|
|
