[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: DoD X.509 Certificate Policy

To: "Donahue, Edward" <edonahue@xxxxxxxxxxxx>, pki-twg@xxxxxxxxxxxxxxxxxxx, "'Sweigert, David'" <David.Sweigert@xxxxxxxxxxx>
Subject: RE: DoD X.509 Certificate Policy
From: "Fillingham, David W." <dwfilli@xxxxxxxxxxxxxx>
Date: Mon, 7 Jun 1999 11:05:16 -0400
Cc: ietf-pkix@xxxxxxx, "Heckman, Donald R." <drheckm@xxxxxxxxxxxxxx>, "Wagner, Clark J." <cjwagne@xxxxxxxxxxxxxx>, "Jenkins, Michael J." <MJJENKI@xxxxxxxxxxxxxx>
List-archive: <http://www.imc.org/ietf-pkix/mail-archive/>
List-unsubscribe: <mailto:ietf-pkix-request@imc.org?body=unsubscribe>
Sender: owner-ietf-pkix@xxxxxxx

Title: RE: DoD X.509 Certificate Policy

David:

Responses in-line...

----------
From: Sweigert, David[SMTP:David.Sweigert@GSC.GTE.Com]
Sent: Monday, June 07, 1999 10:30 AM
To:     Donahue, Edward; pki-twg@csmes.ncsl.nist.gov
Cc:     ietf-pkix@imc.org
Subject:        RE: DoD X.509 Certificate Policy

Ed:

[or anyone else]

The DOD X.509 Certificate Policy, Version 2.0 dated March 1999 discusses
a CRL validity period for class 4 certificates as DAILY. If class 4
certificates equate to FORTEZZA certificates, current policy (NAG-69B)
now says 28 days.

The DoD X.509 Certificate Policy applies to Version 3 X.509 certificates (FORTEZZA or non-FORTEZZA). NAG-69B equates to Version 1 FORTEZZA certificate implementations.

Does anyone know if NAG-69/current policy has been
changed?

NAG-69 has not been changed to require daily CRL issuance.

Is DOD moving away from FORTEZZA?

FORTEZZA based implementations remain one option for DoD network security applications, and are expected to remain in use for some time.

Is DOD looking at smart cards or
Universal Serial Bus?

Yes, though not as a near-term replacement for FORTEZZA.

Dave

-----Original Message-----
From: Donahue, Edward [mailto:edonahue@ASEC-MD2.COM]
Sent: Monday, June 07, 1999 8:32 AM
To: Sweigert, David; pki-twg@csmes.ncsl.nist.gov
Subject: RE: DoD X.509 Certificate Policy

Dave

I believe these documents are official, if not final. They are the versions
which people are currently using. I have mentioned several times that the
NSFF web site does not have these current versions, but so far the site has
not been updated, so apparently I haven't mentioned it to the right people.

Ed Donahue

> -----Original Message-----
> From:Sweigert, David [SMTP:David.Sweigert@GSC.GTE.Com]
> Sent:Friday, June 04, 1999 2:31 PM
> To:   pki-twg@csmes.ncsl.nist.gov
> Cc:   ietf-pkix@imc.org; spki@c2.net
> Subject:      DoD X.509 Certificate Policy
>
> It would be great to get any clarification from DoD on the following:
>
> The Public Key Infrastructure Roadmap for DoD.
>
> Is the June 3, 1999, Version 2.0, Revision C available
> for distribution ? Is it final ?
>
> Is the DoD X.509 Certificate Policy, Version 2.0 dated March
> 1999 final ?
>
> Thanks for your interest.
>
> Dave Sweigert

Prev by Date: RE: I-D ACTION:draft-ietf-pkix-ipki-ecdsa-01.txt
Next by Date: RE: DoD X.509 Certificate Policy
Previous by thread: RE: DoD X.509 Certificate Policy
Next by thread: RE: DoD X.509 Certificate Policy
Index(es):
- Date
- Thread