What is the OCTO standard for encryption (is it OK to use PGP technology)?
Encryption is a technical security mechanism that can be employed when transmitting data over an open communications network. OCTO is developing an encryption standard to specify appropriately secure algorithms and define acceptable uses for encryption. This standard will be in accordance with federal encryption standards such as the Advanced Encryption Standard (AES) and NIST document SP 800-21, Guideline for Implementing Cryptography in the Federal Government. OCTO is also developing a Public Key Infrastructure (PKI) to address agency needs for encryption, digital signature, and secure remote access. PGP has been regarded as the most widely recognized and used encryption software in the IT industry, however the use of PGP for new encryption applications is now a significant risk. Although PGP is retained and continues to be the encryption engine within some commercial product lines, many PGP products are being put into maintenance mode that results in limited technical support availa
