Feds limited on digital signatures

Office of Management and Budget memo on digital signatures

Related Links

Federal officials received a reminder this week not to deviate from a list of acceptable vendors when buying digital signature services.

In a Dec. 20 memo, Office of Management and Budget officials asked federal officials to use a government-approved list of digital signature providers. Using commercial providers not on the approved list poses a security risk, according to the memo. The listed providers have been certified as complying with the federal government's certificate authority policies and security laws.

General Services Administration officials created the certification program to ensure government oversight of digital signature providers. But the issuance of the memo suggests that some agency officials are bypassing the approved providers when they buy digital signature services.

Only three providers are on the approved list. They are the Agriculture Department's National Finance Center, VeriSign and Betrusted U.S.

Featured

  • Comment
    Diverse Workforce (Image: Shutterstock)

    Who cares if you wear a hoodie or a suit? It’s the mission that matters most

    Responding to Steve Kelman's recent blog post, Alan Thomas shares the inside story on 18F's evolution.

  • Cybersecurity
    enterprise security (Omelchenko/Shutterstock.com)

    Does Einstein need a post-SolarWinds makeover?

    A marquee program designed to protect the government against cybersecurity threats is facing new scrutiny in the wake of Solar Winds Orion breach, but analysts say the program was unlikely to have ever stopped the hacking campaign.

Stay Connected