National Security Service Public Key Infrastructure Common Service Provider (NSS PKI CSP)
DISA provides the Common Service Provider (CSP) capability, a Secret Fabric PKI subordinate Certificate Authority (CAs), with individual, role, and system or device certificates in accordance with Committee on National Security Service ( CNSS) Instruction No. 1300, "Instruction for National Security Systems Public Key Infrastructure X.509 Certificate Policy Under CNSS Policy No. 25" [CNSSI 1300, (PDF)] to participating federal (non-DoD) agencies. The services include: Certification Authority Systems (CAS); providing Registration Authorities (RA) services to support certificate issuance, management, and revocation for small agencies; providing training to participating agencies for operation of their components and trusted roles; providing Tier 2 and Tier 3 help desk support to participating agencies; and providing oversight and support for smart card token procurement and management.
The CSP provides a capability for federal agencies to issue and maintain classified PKI hardware tokens. It also provides validation services such as availability of Certificate Revocation List and Online Certificate Status Protocol.
VALUE TO OUR MISSION PARTNERS
In October 2011, the President issued Executive Order 13587 Structural Reforms To Improve The Security Of Classified Networks And The Responsible Sharing And Safeguarding Of Classified Information [EO 13587
] which states "Our Nation's security requires classified information to be shared immediately with authorized users around the world but also requires sophisticated and vigilant means to ensure it is shared securely." The implementation, deployment, and use of a common interoperable PKI on Secret-level networks by federal agencies is one of the means to ensure secure information sharing. Executive Order 13587 called for structural reforms to improve the security of classified networks and the responsible sharing and safeguarding of classified information.