DoD to Cease Issuance of Software PKI Certificates to FVEY Partner Nations
Published, May 30, 2012
The Department of Defense Chief Information Officer has announced a decision to cease the issuance of software Public Key Infrastructure (PKI) certificates to its "Five Eyes" (FVEY) partner nations (Australia, New Zealand, Canada and the United Kingdom). A memo released on May 8, 2012, states that starting May 31, 2012, the FVEY partner nations that interact with the DoD on the Nonsecure Internet Protocol Router Network (NIPRNet) will be required to purchase Medium Token Assurance PKI certificates from DoD external certificate authority (ECA) vendors. Software PKI certificates that have already been issued by the DoD to FVEY partner nations will be accepted until the end of May 2013.
The memo, "PKI Interoperability with FVEY Partner Nations on the NIPRNet," describes that under a Combined Joint Multilateral Master Military Information Exchange Memorandum of Understanding (CJM3IEM), DoD had agreed to issue FVEY partner nations software PKI certificates for three years. This was to provide the FVEY partner nations time to develop their own PKIs. Established in February 2006, the initial CJM3IEM agreement, has been extended twice, and was scheduled to expire at the end of May 2012.
An attachment to the DoD Memo includes identification of the websites of the three DoD-approved ECA certificate providers, general instructions for obtaining ECA certificates and estimated ECA certificate costs.
This guidance will be incorporated into a future Secretary of the Navy Instruction on Department of the Navy PKI and identity management implementation.