Important Notice: Our web hosting provider recently started charging us for additional visits, which was unexpected. In response, we're seeking donations. Depending on the situation, we may explore different monetization options for our Community and Expert Contributors. It's crucial to provide more returns for their expertise and offer more Expert Validated Answers or AI Validated Answers. Learn more about our hosting issue here.

What is the relationship of a Device CA to the PIV trust model?

ca device model PIV relationship Trust
0
Posted

What is the relationship of a Device CA to the PIV trust model?

0 CommentsAdd a Comment

1 Answer

0

Device authentication is outside the scope of the Personal Identity Verification (PIV) program objectives. However, provisions have been made in the Federal Common Policy Framework for device certificates and agencies are encouraged to issue under this policy if interoperability with other Federal organizations is desired. (Ref: X.509 Certificate Policy for the U.S. Federal PKI Common Policy Framework) 3. FIPS-201, Section 5.4.2 states: “All certificates issued to support PIV Card authentication shall be issued under the Common Policy”. Does this statement refer to all PIV-defined keys and their corresponding certificates? Yes. The intent of this statement is that all certificates in the PIV data model shall be issued under the Common Policy. 4. Some of the specified ECC algorithms are patented by CertiCom and the Department of Defense has a licensing agreement for the use of patents in software development. What is the scope of this agreement for use implementing HSPD-12? NSA has lice

0 CommentsAdd a Comment
What is your question?

*Sadly, we had to bring back ads too. Hopefully more targeted.

Experts123