[ISN] Marines move toward PKI

From: InfoSec News (isnat_private)
Date: Mon Nov 25 2002 - 00:01:09 PST

  • Next message: InfoSec News: "[ISN] Linux Advisory Watch - November 22nd 2002"

    By Dan Caterinicchia 
    Nov. 25, 2002
    The Marine Corps' Marine Forces Pacific is scheduled to transition to
    a new public-key infrastructure early next year, but it found that the
    process has been more difficult than anticipated.
    Downloading the personal certificates from a certificate authority on
    the mainland has proven to be a time-consuming and frustrating
    process, which has lead the command to request a certificate authority
    be placed in the Pacific region.
    Col. Mark Clapp of Marine Forces Pacific said all of the command's
    private Web servers have been issued PKI server certificates, and more
    than 600 end-user certificates have been generated from the
    certificate authority in Chambersburg, Pa.
    But only 429 of those personal certificates, which represent about
    half of the Marine Forces Pacific staff, have been successfully
    downloaded, and integration with the Defense Department's Common
    Access Cards (CAC) looms next year, Clapp said.
    DOD employees with the cards should be able to use them to access any
    military system they are cleared for, no matter where a system is
    located. The ultimate goal is to have one card that will work across
    all of government  civilian and military  and provide secure logical
    and physical access wherever the holder goes, but currently the card
    can't hold multiple PKI certificates, he said.
    Speaking as part of a Nov. 21 panel at AFCEA International's TechNet
    Asia-Pacific 2002 Conference and Exposition in Honolulu, Clapp said
    that in addition to the lengthy certificate authority process, which
    must be restarted from the beginning if a connection is lost,
    regardless of how far along the process was, other challenges include
    getting Marine Forces Pacific to accept the new PKI culture and
    outfitting all new computers with CAC readers.
    To help ensure that Marine Forces Pacific is ready to transition to
    the new PKI "early in the second quarter of 2003," Clapp said Marine
    Forces Pacific has requested that a regional certificate authority be
    placed in the Pacific region.
    Army Col. Randy Strong of Pacific Command agreed, saying that Pacom
    headquarters has been pushing "very hard" for the Defense Information
    Systems Agency, which manages the Chambersburg certificate authority
    and another in Denver, to set up a regional facility to serve the
    ISN is currently hosted by Attrition.org
    To unsubscribe email majordomoat_private with 'unsubscribe isn'
    in the BODY of the mail.

    This archive was generated by hypermail 2b30 : Mon Nov 25 2002 - 03:50:25 PST