GSA open to outsourcing federal PKI operation

The General Services is looking for new ideas about how to manage the Federal Public Key Infrastructure (PKI) Trust system, including the possibility of turning it over to a contractor.

At present, GSA is responsible for the system, which maintains links between federal agencies and public and private groups that issue PKI certificates, and systems that connect different government PKI systems. Among other functions, the system is used to support the process for maintaining Personal Identity Verification credentials.

But in a request for information released earlier this month, GSA invited people to suggest alternative solutions for managing federal PKI operations. The RFI asks for comments on two basic approaches: the current model, in which a contractor provides the service using government-furnished systems, and a services-only model, in which a contractor takes over the system as well.

In the case of the current model, GSA also is looking for ideas about to enhance existing services. For example, the agency would like to develop a funding model that would make it possible to recover the costs of operating the PKI infrastructure. The RFI also asks for comments on how to better divide management responsibilities between the government and the contractor.

In the case of the services-only model, GSA would like comments on how to manage the transition.

About the Author

John Stein Monroe, a former editor-in-chief of FCW, is the custom editorial director for the 1105 Public Sector Media Group.

FCW in Print

In the latest issue: Looking back on three decades of big stories in federal IT.


  • Shutterstock image: looking for code.

    How DOD embraced bug bounties -- and how your agency can, too

    Hack the Pentagon proved to Defense Department officials that outside hackers can be assets, not adversaries.

  • Shutterstock image: cyber defense.

    Why PPD-41 is evolutionary, not revolutionary

    Government cybersecurity officials say the presidential policy directive codifies cyber incident response protocols but doesn't radically change what's been in practice in recent years.

  • Anne Rung -- Commerce Department Photo

    Exit interview with Anne Rung

    The government's departing top acquisition official said she leaves behind a solid foundation on which to build more effective and efficient federal IT.

  • Charles Phalen

    Administration appoints first head of NBIB

    The National Background Investigations Bureau announced the appointment of its first director as the agency prepares to take over processing government background checks.

  • Sen. James Lankford (R-Okla.)

    Senator: Rigid hiring process pushes millennials from federal work

    Sen. James Lankford (R-Okla.) said agencies are missing out on younger workers because of the government's rigidity, particularly its protracted hiring process.

  • FCW @ 30 GPS

    FCW @ 30

    Since 1987, FCW has covered it all -- the major contracts, the disruptive technologies, the picayune scandals and the many, many people who make federal IT function. Here's a look back at six of the most significant stories.

Reader comments

Thu, Feb 9, 2012 Larry Hale

I am Larry Hale, GSA Director of Strategic Solutions and Security Services and I oversee this program. I want to explain GSA's intent and clarify a few of the details mentioned above. The operation of the FPKI infrastructure is currently provided by a commercial vendor. This RFI is an effort to gather market information on the state of this maturing technology to gauge the competitive environment prior to developing an acquisition strategy. Its intention is both practical in determining what vendor capabilities are for cost and system improvements to the current state and for engaging industry in broad based suggestions for long term strategic planning.

Wed, Feb 8, 2012 myron

GSA is responsible for the system, which maintains links between federal agencies and public and private groups that issue PKI certificates, and systems that connect different government PKI systems

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group