VeriSign cleared to provide digital certificates for working with Defense

VeriSign Inc. today said it has been approved by the Defense Department to issue digital certificates under the External Certificate Authority program. The certificates are required for anyone who wants access to protected government Web sites and applications including e-mail, remote access and digitally signed documents.

VeriSign of Mountain View, Calif., and Operational Research Consultants Inc. of Chesapeake, Va., are currently the only providers approved by DOD to operate ECA services.

ECA replaces the Interim External Certificate Authority program, which was set up in the late 1990s to issue digital certificates for government contractors who needed access to Defense networks. IECA certificates were good for one year, and VeriSign, which also participated in the IECA program, can no longer issue them, according to company officials.

The ECA program extends certificate issuance to other business employees, state and local government users, individuals, foreign workers and others who must interact with DOD.

George Schu, VeriSign vice president for the public sector, said gaining DOD certification for ECA took about 11 months. The process included interoperability testing at the DOD Joint Interoperability Test Command at Fort Huachuca, Ariz.

Schu said VeriSign's ECA service will provide such enhanced features as multiyear certificates, hardware tokens, key escrow and Trusted Agent services. Trusted Agent services are a way of streamlining the certificate issuance process whereby a single approved person within a company or organization can work with VeriSign to acquire certificates for large groups of people.

Brad Grimes is an assistant managing editor of Washington Technology's sister publication, Government Computer News.