Audit Readiness of IT Systems (0)	DIACAP (12)	Information Sharing (48)	Open Source (3)
Awards (35)	DON Enterprise Architecture (49)	IT Asset Management (20)	Performance Measurement (2)
Business Case Analysis (11)	Enterprise Licensing Agreements (12)	IT Efficiencies (119)	Personal Electronic Device (17)
CIO Authorities (56)	Enterprise Services (35)	IT Expenditure Approval Authority (12)	Printing and Imaging (Copiers/MFDs) (17)
Civil Liberties (21)	Enterprise Software Initiative (32)	IT Governance (48)	Privacy (257)
Clinger-Cohen Act Compliance (25)	FISMA (11)	IT Infrastructure (17)	Public Key Infrastructure (19)
Cloud Computing (21)	Forms/Reports (14)	IT Investment Management (77)	Records Management (38)
Common Access Card (9)	Freedom of Information Act (27)	IT Portfolio Management (1)	Section 508 (10)
Cybersecurity (240)	Functional Area Manager (9)	Knowledge Management (34)	Social Media (31)
Cyberspace/IT Workforce (34)	GIG Standards (20)	Naval Enterprise Networks (38)	Spectrum (56)
DADMS/DITPR-DON (42)	Green IT (10)	Naval Networking Environment (12)	Statutory & Regulatory Compliance (11)
Data at Rest (10)	Identity Management (112)	NGEN (18)	Telecommunications (62)
Data Center Consolidation (37)	IM/IT Strategy (44)	NMCI (27)	Wireless (65)
Data Strategy (12)	Information Assurance (63)

Public Key Infrastructure

News: 7 Policy: 11 Resources: 1 All: 19

Sort by Date | Title

Policy

PKI Interoperability with FVEY Partner Nations on the NIPRNet

DoD CIO Memo - May 8, 2012

The Department of Defense requires its "Five Eyes" (FVEY) partner nations (Australia, New Zealand, Canada, and the United Kingdom) to use Public Key Infrastructure (PKI) for secure communication with DoD personnel on the Nonsecure Internet Protocol Router Network (NIPRNet), and authentication to DoD NIPRNet websites. In February 2006, the FVEY partner nations signed an Annex to the Combined Joint Multilateral Master ...

DITPR-DON Process Guidance v1.0

DON Guidance - December 5, 2011

The Department of Defense Information Technology Portfolio Repository-Department of the Navy (DITPR-DON) process guidance document provides a comprehensive discussion of core DITPR-DON functionality and basic lifecycle transactions. This information will enable all users to gain the understanding necessary to perform the basic IT asset management functions of registering, transferring and archiving DON IT systems within ...

DON Secure Hash Algorithm Migration

DON CIO Memo - June 15, 2011

This memo provides the Department of the Navy with execution guidance in response to Department of Defense (and Federal Government) direction to migrate to the use of a stronger cryptographic hash algorithm for network security (authentication activities including CAC logon and digital signatures).

DON Public Key Enablement Waiver Request Process for Unclassified Networks, Private Web Servers, Portals and Web Applications

DTG 211312Z APR11 - April 21, 2011

This Naval message updates guidance for requesting public key enablement waivers through the Department of Defense Information Technology Portfolio Repository-DON. While the requirement for a waiver for a system that is not public key enabled has not changed, the process was incorporated into the DON Enterprise Architecture compliance assessment.

DoD Acceptance and Use of Personal Identity Verification-Interoperable (PIV-I) Credentials

DoD CIO Memo - October 5, 2010

This Department of Defense Deputy Chief Information Officer memorandum establishes the DoD's position on acceptance and use of qualified Personal Identity Verification Interoperable (PIV-I) credentials for access to DoD logical and physical resources. Where appropriate, DoD relying parties (e.g., DoD installation commanders or information systems owners) should accept electronically validated PIV-I credentials for ...

Public Key Enablement of DON Unclassified Private Web Servers and Applications

DTG 291445Z DEC 09 - December 29, 2009

This Naval message details the steps that must be taken by the Department of the Navy Deputy Chief Information Officers to ensure proper public key enablement of unclassified private web servers and applications. It also requires submission of a service-specific plan of actions and milestones by Jan. 31, 2010.

DON Policy Updates for Use of NIPRNET Public Key Infrastructure Software Certificates

DTG 031859Z DEC 08 - December 3, 2008

This Naval message details policy changes that have been made as a result of an impact assessment and data call conducted by the DON CIO to understand where software certificates are used in the Department's unclassified environments.

Approval of External Public Key Infrastructures

DoD CIO Memo - July 22, 2008

This Department of Defense memo approves the use of Public Key Infrastructure certificates issued by non-DoD external organizations after successful completion of interoperability testing.

Public Key Infrastructure Software Certificate Minimization Effort for DON Unclassified Environments

DTG 122213Z MAY 08 - May 12, 2008

This Naval message announces increased attention being focused across the Department of the Navy to minimize the use of PKI software certificates.

Compliance and Review of Logical Access Control in DoD Processes

DoD Memo - January 24, 2007

This Department of Defense policy memo requires the review of NIPRNET web sites to ensure proper configuration of mandatory/discretionary access controls on private web servers, web-based applications and web portals. It underscores the need for implementation of access controls for rules-based authorization decisions, in addition to use of Public Key Infrastructure for user authentication.

DON Public Key Infrastructure Implementation Guidance

DTG 061525Z OCT 04 - October 8, 2004

This Naval message provides amplifying public key infrastructure implementation guidance.

News

DoD to Cease Issuance of Software PKI Certificates to FVEY Partner Nations

May 30, 2012

The Department of Defense Chief Information Officer has announced a decision to cease the issuance of software Public Key Infrastructure (PKI) certificates to its "Five Eyes" (FVEY) partner nations (Australia, New Zealand, Canada and the United Kingdom). A memo released on May 8, 2012, states that starting May 31, 2012, the FVEY partner nations that interact with the DoD on the Nonsecure Internet Protocol Router Network ...

DON Digital Signature and Encryption Policy for Emails Containing PII

by DON CIO Privacy Team - July 18, 2011

The purpose of this tip is to reinforce existing DON policy regarding digitally signing and encrypting emails that contain personally identifiable information (PII).

DON to Migrate to Use of Stronger Cryptographic Algorithms

July 7, 2011

The Department of the Navy Chief Information Officer released guidance directing the Department's migration to the use of a stronger cryptographic hash algorithm in data security authentication procedures such as CAC logon and digital signatures.

PKE Waiver Process Is Updated

May 3, 2011

The process for requesting waivers for systems that have not been properly Public Key Enabled (PKE) has been updated. System owners requesting a PKE waiver must now also assert the system's overall compliance with the DON Enterprise Architecture.

DoD Memo on PIV-I Credentials Released

October 29, 2010

The Department of Defense Deputy Chief Information Officer recently published a memo for Department-wide distribution on DoD acceptance and use of qualified Personal Identity Verification-Interoperable (PIV-I) credentials for access to DoD logical and physical resources.

DON Current and Future PKI and PKE Activities

by James Mauck - May 18, 2010

The Secretary of Defense has embraced public key cryptography as a critical component of defense-in-depth and contributor to the overall Department of Defense information assurance (IA) strategy for protecting its information and networks. DoD Instruction 8520.2, "Public Key Infrastructure (PKI) and Public Key Enabling (PKE)" establishes the requirements for PK-enabling all email, private web servers and networks.

Identity Management Operations to Improve Cybersecurity

by Sonya Smith - February 26, 2010

The December 2008 report written by the Center for Strategic and International Studies (CSIS) Commission on Cybersecurity for the 44th Presidency, "Securing Cyberspace for the 44th Presidency," began with one central finding: "The United States must treat cybersecurity as one of the most important security challenges it faces."

Resources

Digitally Signing and Encrypting Email Containing PII Brief

by LCDR Greg Taylor, BUPERS IAM - February 14, 2012

The attached brief was prepared by LCDR Greg Taylor, Bureau Of Naval Personnel, information assurance manager, and addresses the Department of the Navy requirement to digitally sign and encrypt emails containing personally identifiable information.

Subscribe to the PKI RSS feed

DON CIO Information

Online Services & Community

RSS Feeds

DON CIO FOIA

DON CIO Mobile Website

Website Accessibility

External Links Disclaimer

SECNAV DON CIO • 1000 Navy Pentagon
Washington, DC 20350-1000

This is an official U.S. Navy website (DoD Resource Locator 45376) sponsored by the Department of the Navy Chief Information Officer (DON CIO). The purpose of this website is to facilitate effective information flow about information management/information technology and cybersecurity issues and initiatives occuring within the Department of the Navy.

Please read our Privacy Policy notice.
Please read our Section 508/Accessibility Statement.

Trending