How FBCA works
- By Brian Robinson
- Aug 07, 2000
When one agency receives a transaction from another that is signed with
a private key that corresponds to a public key in a certificate issued by
the sender's certificate authority, the receiving agency has to determine
that the certificate can be trusted, something that the Federal Bridge Certification
Authority enables through a trust path.
The receiving agency must determine that the certificate has sufficient
trust, which is done by comparing the receiving agency's trust policy to
that of the FBCA.
Finally, the FBCA allows the receiving agency to determine that the
certificates in the trust path are still valid. If all three of these
elements are met — something the FBCA determines automatically — the transaction
can be completed.
The prototype has two CA products supplied through Baltimore Technologies
and Entrust Technologies Inc., which interoperate within the FBCA. Any agency
CAs that interoperate with either product will be able to interoperate with
each other. The intent is to include a range of other CA products in the
FBCA, with the goal of allowing interoperability with any CA product or
service an agency may choose to work with.
Brian Robinson is a freelance writer based in Portland, Ore.