Citizen PKI project under way

A distant cousin to the Federal Bridge Certificate Authority (FBCA) is the

General Services Administration's Certificate Arbitrator Module (CAM), which

like the FBCA is intended to provide a level of interoperability among

public-key infrastructure systems.

But whereas the FBCA is aimed at enabling interoperability among government

agency PKIs, the CAM's goal is to allow an individual citizen to deal with

multiple agencies using the same digital certificate. The CAM is part of

the Access Certificates for Electronic Services program at GSA.

ACES provides digital certificates to citizens who want to conduct online

transactions with agencies. The individual connects via the Internet to

an ACES Registration Authority, which asks for certain details such as name,

address and phone number. After verifying the information, a one-time personal

identification number is mailed to the person, who uses it to generate a

public/private key pair with his or her computer's World Wide Web browser.

The person then supplies the personal identification number and public key

to the ACES certificate authority, which issues a certificate that is then

stored in the user's Web browser.

The CAM is a piece of software — provided for free by GSA — that is

inserted into an agency's regular security umbrella and allows it to automatically

check on whether a citizen's certificate is valid, in real time. It's basically

a router that automatically generates a request to the certificate's ACES-compliant

issuer to determine its status.

"CAM wouldn't be necessary if agencies could build that [validation]

functionality into each and every application," said Stanley Choffrey, GSA

program manager for ACES and the CAM, as well as the FBCA. "The CAM allows

agencies to build a simple application program interface for those applications,

and then every application is automatically PKI-enabled. It offloads a lot

of the PKI infrastructure work that would have to be embedded in each application."

Agencies still have to build trust lists and manually enter the trust

keys for each of the certificate authority domains it wants to maintain.

Other than that, the CAM automatically verifies all transactions.

The CAM is actually pretty flexible, according to Choffrey. It can filter

many types of information so that the use of certificates can be precisely


The CAM and the FBCA could be made to work together, Choffrey said,

but they operate on wholly different trust models. With the CAM, the party

that needs to accept the certificate has the burden of verifying the trust

level, whereas the FBCA handles that by maintaining copies of the trust

policies of participating agencies.

Eventually, Choffrey said, the goal is to open up the source code for

the CAM so that the world at large can have access to it and improve on


About the Author

Brian Robinson is a freelance writer based in Portland, Ore.


  • Cybersecurity
    Boy looks under voting booth at Ventura Polling Station for California primary Ventura County, California. Joseph Sohm /

    FBI breach notice rules lauded by states, but some want more

    A recent policy change by the FBI would notify states when their local election systems are hacked, but some state officials and lawmakers want the feds to inform a broader range of stakeholders in the election ecosystem.

  • paths (cybrain/

    Does strategic planning help organizations?

    Steve Kelman notes growing support for strategic planning efforts -- and the steps agencies take to keep those plans relevant.

Stay Connected


Sign up for our newsletter.

I agree to this site's Privacy Policy.