DOD gives nod to Certipath certificates

The Defense Department is accepting public key infrastructure certificates from Certipath LLC, an external party provider whose membership includes several major defense contractors, the company has announced.

Certipath, of Herndon, Va., is a joint venture formed by three major PKI providers: Arinc Inc., of Annapolis, Md.; Exostar LLC, of Herndon, Va.; and SITA SC of Brussels, Belgium. CertiPath is a third party bridge that allows companies to securely share information with one another and with federal agencies. Federal contractors that meet the information assurance standards are eligible to apply for participation in Certipath.

The companies participating in Certipath's information-assurance platform include BAE Systems Inc., Boeing Co. EADS, Lockheed Martin Corp., Northrop Grumman Corp., Raytheon Co. and the U.S. Federal Bridge.

Certipath is the first commercial entity to be accepted as a PKI authority that meets the DOD's newest policies on information assurance, the company said. Previously, the Defense Department trusted only the PKI certificates issued by its own authority.

Jeff Nigriny, president of Certipath, said the announcement of July 28 is the culmination of five years' effort. "We've worked very closely with the offices of the CIO and our members to achieve the highest possible standards of trust," Nigriny said.