How FBCA works

When one agency receives a transaction from another that is signed with

a private key that corresponds to a public key in a certificate issued by

the sender's certificate authority, the receiving agency has to determine

that the certificate can be trusted, something that the Federal Bridge Certification

Authority enables through a trust path.

The receiving agency must determine that the certificate has sufficient

trust, which is done by comparing the receiving agency's trust policy to

that of the FBCA.

Finally, the FBCA allows the receiving agency to determine that the

certificates in the trust path are still valid. If all three of these

elements are met — something the FBCA determines automatically — the transaction

can be completed.

The prototype has two CA products supplied through Baltimore Technologies

and Entrust Technologies Inc., which interoperate within the FBCA. Any agency

CAs that interoperate with either product will be able to interoperate with

each other. The intent is to include a range of other CA products in the

FBCA, with the goal of allowing interoperability with any CA product or

service an agency may choose to work with.

About the Author

Brian Robinson is a freelance writer based in Portland, Ore.


  • Defense
    Ryan D. McCarthy being sworn in as Army Secretary Oct. 10, 2019. (Photo credit: Sgt. Dana Clarke/U.S. Army)

    Army wants to spend nearly $1B on cloud, data by 2025

    Army Secretary Ryan McCarthy said lack of funding or a potential delay in the JEDI cloud bid "strikes to the heart of our concern."

  • Congress
    Rep. Jim Langevin (D-R.I.) at the Hack the Capitol conference Sept. 20, 2018

    Jim Langevin's view from the Hill

    As chairman of of the Intelligence and Emerging Threats and Capabilities subcommittee of the House Armed Services Committe and a member of the House Homeland Security Committee, Rhode Island Democrat Jim Langevin is one of the most influential voices on cybersecurity in Congress.

Stay Connected


Sign up for our newsletter.

I agree to this site's Privacy Policy.