 |
Certificates > ECA
|
As part of an overall program to provide a stronger and more secure authentication mechanism for accessing
Department of Defense (DoD) Information Systems, the DoD may require contractors to have DoD PKI ECA Certificates.
A notification sent by your DoD System Owner should indicate the specific DoD PKI ECA certificate required to
access their application.
On this website, you will be able to:
 |
Learn about the DoD PKI ECA Program |
|
Get Information about each certificate type |
|
Purchase a new certificate and begin the registration process |
|
Renew an existing certificate and begin the renewal process |
Which Certificate Do I Need?
There are 3 types of DoD PKI ECA Certificates:
| 1. |
Medium Assurance |
| 2. |
Medium Token Assurance |
| 3. |
Medium Hardware Assurance |
Selecting which certificate to buy is based on what is required from the system you are accessing.
Most System Owners or Administrators have issued instructions on which one to use for their application.
If you do not know which one to get, you will need to contact the System Administrator BEFORE you apply.
Do not guess as certificates are not interchangeable. For instance, if you apply for a Medium Assurance
and then realize you need a Medium Hardware Assurance, you will have to completely reapply as we cannot
transfer any of the information or forms nor can we transfer a browser based credential onto a smart card
or USB token.
|
| Certificate Type |
Features |
Medium Assurance
|
- Assurance Level: Medium, identity verified by a notary
- Software-based digital certificate stored within the Internet browser
- Keys generated and held in FIPS 140-1/2 level 1 or higher validated software (i.e. Internet Explorer)
- Validity: 1 or 3 year certificates
|
Medium Token Assurance
|
- Assurance Level: Medium, identity verified by a notary
- Keys generated and held in FIPS 140-2 Level 2 or higher validated USB Token
- Validity: 1 or 3 year certificates
|
Medium Hardware Assurance
|
- Assurance Level: Medium Hardware, identity verified by an IdenTrust Agent or Trusted Correspondent AND requires additional forms of identification
- Hardware-based digital certificate stored within a smart card or USB token
- Keys generated and held in FIPS 140-2 level 2 or higher validated smart card
- Keys generated and held in FIPS 140-2 level 2 or higher validated USB token
- Validity: 1 or 3 year certificates
|
|
Purchasing 10+ Certificates?
If more than 10 employees in your company need a certificate, IdenTrust offers a program to bulk load the
registration of all your employees at the same time and have someone in your organization perform the
in-person Identity and Authentication, thereby saving your company time and money as bulk load registrations
have discounted pricing. Contact Richard Jensen about the Trusted Correspondent Program.
|
|
|
|
SALES CONTACT
RELATED CONTENT
AFTER YOU BUY
OTHER
CUSTOMER SUPPORT
|
|
