FPKI PIV-I Certified, v1.0
Has the organization been approved by the FPKI CA (or bridged to the FPKI CA with a navigatable trust chain)? Be sure to review this site: http://www.idmanagement.gov/approved-piv-i-entities and provide all certs involved in the trust chain if the certification is not direct.
Provide evidence of their FPKI Certification (including all certs in the chain as required).
Conformance Criteria (1)
An organization that has been certified by the FPKI is published to the Approved PIV-I Entities site.
|Trustmark Reference Attribute||https://artifacts.trustmarkinitiative.org/lib/trustmark-definitions/fpki-pivi-certified/1.0//trustmark-reference/|
|Keywords||FPKI, PIV-I, Federal Public Key Infrastructure, Personal Identity Verification, Authentication, Certificate Authority, CA, X.509,|
|Assessment Step Preface||
|Target Stakeholder||The PIV-I Community and relying parties of PIV-I cards.|
|Target Recipient||Organizations that operate a PIV-I CA that is cross certified with the FPKI.|
|Target Relying Party||Organizations that wish to trust organizations operating PIV-I CAs.|
|Target Provider||Any organization that is capable of verifying a chain of trust.|
|Provider Eligibility Criteria||Any organization or business entity may act as a Trustmark Provider for trustmarks under this Trustmark Definition.|
|Assessor Qualifications||Any individual employed or contracted by the Trustmark Provider may act as the assessor for trustmarks under this Trustmark Definition.|
|Trustmark Revocation Criteria||For any trustmark issued under this Trustmark Definition, the Trustmark Provider must revoke the trustmark upon any condition whereby one or more Conformance Criteria cease to be satisfied.|
|Extension Description||This Trustmark Definition requires no extension data.|
|Legal Notice||This document and the information contained herein is provided on an "AS IS" basis, and the Georgia Tech Research Institute disclaims all warranties, express or implied, including but not limited to any warranty that the use of the information herein will not infringe any rights or any implied warranties or merchantability or fitness for a particular purpose. In addition, the Georgia Tech Research Institute disclaims legal liability for any loss incurred as a result of the use or reliance on the document or the information contained herein.|
|Attribute Provider Organization||APO||
An identity federation member organization that vets and collects specific attributes about individuals, maintains those attributes in an accurate and timely manner, and provides those attributes to other organizations in the identity federation as needed, subject to applicable attribute release and privacy policies, for access control and auditing purposes. An APO operates one or more Attribute Provider (AP) software entities in an identity federation.
|Federal Public Key Infrastructure Policy Authority||FPKIPA||
The Federal Public Key Infrastructure (FPKI) Policy Authority is an inter-agency body set up under the CIO Council to enforce digital certificate standards for trusted identity authentication across the federal agencies and between federal agencies and outside bodies, such as universities, state and local governments and commercial entities.
|Identity Provider Organization||IDPO||
An identity federation member organization that vets individuals, collects attributes about these individuals, and maintains those attributes in an accurate and timely manner. The IDPO operates one or more Identity Provider (IDP) entities, and may also operate one or more SAML Assertion Delegate Service (ADS) entities, in an identity federation.
|Personal Identity Verification Interoperable||PIV-I||
PIV-I Cards are popular way of performing high level of assurance authentication of users. The cards have strongly protected crypto devices and can perform strong authentication of a user.
|Service Provider Organization||SPO||
An identity federation member organization that operates one or more SAML Service Provider (SP) and/or Web Service Provider (WSP) software entities in an identity federation.