GSA accepts bids on governmentwide PKI program

The General Services Administration is one step closer to awarding the first contract aimed at providing public-key infrastructure technology governmentwide after receiving proposals on its Access Certificates for Electronic Services program.

As the first contract designed to provide the technology necessary to secure government business over the Internet, GSA's ACES contract has generated a lot of interest in the government and vendor communities.

"This really represents the first governmentwide contract [for PKI and related technologies and services] that agencies can order off of," said Tony Trenkle, director of electronic services at the Social Security Administration. "It provides a linchpin for really pushing a governmentwide PKI infrastructure that was not there before."

This will be especially important for smaller agencies that could not afford the time or money necessary to put together a PKI pilot the way the Defense Department and other agencies have done during the past year, Trenkle said.

GSA would not disclose the number of proposals the agency received last month, but an AT&T spokeswoman confirmed that the company submitted a bid on the ACES program.

Several sources close to the contract said Digital Signature Trust Co. also submitted a bid.Spokespeople for PKI vendors Entrust Technologies Inc. and VeriSign Inc. said the companies bid as subcontractors but would not disclose their teaming arrangements.

Now that the bids are in, GSA will take the next few months to make an initial evaluation of the proposals. The agency plans to award the contract in mid-summer to as many vendors as it deems necessary, according to Judith Spencer, director of the GSA Center for Governmentwide Security.

Several agencies will be working closely with the GSA team in the upcoming months, officials said.The U.S. Postal Service at one point considered participating in a bid on the contract, but in the end decided against that step, said Charles Chamberlain, USPS' technology policy manager.

"I think we're going to do everything we can to help GSA, but we're not bidding," he said.

SSA was one of the first agencies to issue a letter of intent on the contract and is now working closely with Spencer's office, Trenkle said. SSA has been eyeing ACES from the beginning as a possible tool for the agency's plans to put several of its systems and services online. This could include the agency's Personal Earnings and Benefit Estimate Statement system, which was pulled from the Internet in 1997 after Congress expressed concern that the information could be available to any visitor.

"We have developed a working relationship with GSA to make sure our concerns are met before we start using the contract," he said.

Those concerns include privacy and control of personal information, he said. And though ACES has a lot of potential, it will not be the best fit for every application, and SSA is taking very careful steps in choosing which systems, if any, will use the contract.

"We're very interested and excited about it, but we need to look at it from a very pragmatic viewpoint," Trenkle said.


  • Elections
    voting security

    'Unprecedented' challenges to safe, secure 2020 vote

    Our election infrastructure is bending under the stress of multiple crises. Administrators say they are doing all they can to ensure it doesn't break.

  • FCW Perspectives
    zero trust network

    Can government get to zero trust?

    Today's hybrid infrastructures and highly mobile workforces need the protection zero trust security can provide. Too bad there are obstacles at almost every turn.

Stay Connected


Sign up for our newsletter.

I agree to this site's Privacy Policy.