IdenTrust Inc. Logo
Home | Login | Site Map | Contact Us  

  
COMPANY SOLUTIONS INDUSTRIES CERTIFICATES INFO CENTER PARTNERS SUPPORT
BEFORE YOU BUY CERTIFICATE CENTER AFTER YOU BUY TRUSTID ACES ECA
ECA Digital Certificates

Certificates > ECA


As part of an overall program to provide a stronger and more secure authentication mechanism for accessing Department of Defense DOD Information Systems, contractors may be required to use Digital Certificates: an electronic identity credential issued by an External Certification Authority (ECA) that establishes an individual’s Identity when transacting business electronically.

IdenTrust provides two types of ECA digital certificates: s-Certificates which are browser based Medium Assurance certificates and t-Certificates which are hardware-based Medium Hardware Assurance certificates stored on either a smart card or USB token.

All IdenTrust ECA certificates include identity authentication, digital signing, and encryption capabilities and comply with DoD ECA Certificate Policies. These certificates are also citizen attribute "ready" (mandatory after July 1, 2007).



Certificate Type Features
s-Certificates - Medium Assurance
Stored in the browser 		- Software-based medium assurance.
- Keys generated and held in FIPS 140-1/2 level 1 or higher validated (i.e. IE browser) software.
t-Certificates - Medium Hardware Assurance
Smart Card and UBS Token 		- Hardware-based (i.e. a smart card or USB token) medium assurance.
- Keys generated and held in FIPS 140-2 level 2 or higher validated smart card.
- Keys generated and held in FIPS 140-2 level 2 or higher validated USB token.


The digital certificate contains the individual's name and citizenship, a serial number, expiration dates, the certificate holder's public key (used for encrypting messages or digital signatures) and the digital signature of the certificate-issuing authority so that a recipient can verify that the certificate is real. Once the digital signature is verified, the individual is granted access to DoD information systems. Every Subscriber will receive a Signing and an Encryption certificate. The signing certificate is used for signature and access control. The encryption certificate is used for encryption of email.

Experience and Reputation

Since 1999, IdenTrust, formerly Digital Signature Trust, was authorized by the Department of Defense (DoD) to issue digital certificates to their trading partners. IdenTrust has delivered certificate programs to the U.S. government for many years and has built a reputation for outstanding customer service.

In fact, IdenTrust provides more than 70% of the ACES (Access Certificates for Electronic Services) digital certificates and works closely with the General Services Administration (GSA) to ensure that execution and delivery meet the needs of both the subscriber and the agency. The GSA acts as policy authority and administrator and provides logical access control for electronic government applications requiring digital signatures or electronic authentication.

IdenTrust also provides digital certificate services to weapons exporters under the Department of State's D-Trade defense contractor licensing program.

Other agencies we have collaborated with include the Department of Labor, Department of Health and Human Services, and the Internal Revenue Service.

Benefits

Benefits of IdenTrust ECA services include:
Flexible registration to fit the needs of small or large subscribing organizations, including online registration for individuals and bulk load registration for groups.
Identification and authentication aligned with the specific needs of the subscribing organization:
Trusted Correspondent Performed - for large subscribing organizations able to perform identity verification (requires on-site meeting with IdenTrust),
Notary Performed - for individuals and small subscribing organizations without internal resources or expertise (applies to Medium-Assurance s-Certificates only and requires in-person meeting with a notary public).
IdenTrust Performed - for individuals and small subscribing organizations (requires no on-site resources),
Secure and standards-validated hardware tokens.
FIPS validated cryptographic modules (minimum level 1).
FIPS-2 Level 2 or higher smart card or USB token validation (medium hardware tokens only).
Certificate Policy version 3.1-ready certificates for medium and medium hardware certificates with the ability to verify and include citizenship.
Encryption key escrow and key recovery services. All IdenTrust ECA encryption certificates are escrowed for security. Recovery request verification services are available through a local KRO for larger organizations with Trusted Correspondents.

The U.S. government will continue to require greater levels of online security and authentication from individuals wanting to conduct business electronically with its agencies. IdenTrust’s experience with government digital certificate policies is proven and extensive. IdenTrust brings that knowledge to the ECA’s program, expanding the pool of options and resulting in a richer, more robust contribution to the U.S. government efforts to know who it is dealing with. Digital certificates are all about Trust, and with IdenTrust, you can trust that the certificates issued will stringently adhere to the ECA Certificate Policy.



SALES CONTACT
1 (866) 299-3335
ECAsales@
IdenTrust.com

RELATED CONTENT
BUY ECA
Instructions for Applicant
Locations for IdenTrust I&A
ECA I & A
ECA Download Forms
ECA FAQs

AFTER YOU BUY
Request Key Recovery
Revoke Certificate
Root Certificate Downloads

OTHER
ECA Digital Certificates
ECA Trusted Correspondent Program
How To Become a Trusted Correspondent

CUSTOMER SUPPORT
Helpdesk@
IdenTrust.com
1-888-882-1104
 © 2008 IdenTrust Inc. All Rights Reserved    Home | Contact Us | Site Map | Legal Policies IdenTrust