Marines move toward PKI

[InfoSec News <isn () c4i org>]

http://www.fcw.com/fcw/articles/2002/1125/web-pki-11-25-02.asp

By Dan Caterinicchia 
Nov. 25, 2002

The Marine Corps' Marine Forces Pacific is scheduled to transition to
a new public-key infrastructure early next year, but it found that the
process has been more difficult than anticipated.

Downloading the personal certificates from a certificate authority on
the mainland has proven to be a time-consuming and frustrating
process, which has lead the command to request a certificate authority
be placed in the Pacific region.

Col. Mark Clapp of Marine Forces Pacific said all of the command's
private Web servers have been issued PKI server certificates, and more
than 600 end-user certificates have been generated from the
certificate authority in Chambersburg, Pa.

But only 429 of those personal certificates, which represent about
half of the Marine Forces Pacific staff, have been successfully
downloaded, and integration with the Defense Department's Common
Access Cards (CAC) looms next year, Clapp said.

DOD employees with the cards should be able to use them to access any
military system they are cleared for, no matter where a system is
located. The ultimate goal is to have one card that will work across
all of government — civilian and military — and provide secure logical
and physical access wherever the holder goes, but currently the card
can't hold multiple PKI certificates, he said.

Speaking as part of a Nov. 21 panel at AFCEA International's TechNet
Asia-Pacific 2002 Conference and Exposition in Honolulu, Clapp said
that in addition to the lengthy certificate authority process, which
must be restarted from the beginning if a connection is lost,
regardless of how far along the process was, other challenges include
getting Marine Forces Pacific to accept the new PKI culture and
outfitting all new computers with CAC readers.

To help ensure that Marine Forces Pacific is ready to transition to
the new PKI "early in the second quarter of 2003," Clapp said Marine
Forces Pacific has requested that a regional certificate authority be
placed in the Pacific region.

Army Col. Randy Strong of Pacific Command agreed, saying that Pacom
headquarters has been pushing "very hard" for the Defense Information
Systems Agency, which manages the Chambersburg certificate authority
and another in Denver, to set up a regional facility to serve the
Pacific.
 


-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn'
in the BODY of the mail.