What type of test material would best serve my development, integration, or testing needs?

disturbeddeterminedΤεχνίτη Νοημοσύνη και Ρομποτική

21 Νοε 2013 (πριν από 3 χρόνια και 8 μήνες)

70 εμφανίσεις

Page
1

of
3

What type of test material would best serve my development,
integration, or testing needs?


The DoD CAC
-
PKI programs provide identity credentials for several different populations within
DoD for different purposes. Most of the infrastructures that provide

these credentials have a
companion test infrastructure for DoD’s development and testing communities. Below is a list of
the different available DoD CAC
-
PKI test material with recommended usages:


#

Test Material

Target

Development/Test

Audience

Typical
Turnaround

A

DoD PKI
Test
Software Certificates



T慲来t 灯灵l慴楯n
: D潄 灥r獯s湥l 潲
affili慴敳aw桯 摯 湯t pr潣敳猠䍁C献



Description
:

DoD PKI test software
certificate
s are

the best test material to be
used in development/testing of web
-
based application
, portals or website in
which the user interface is a browser.
This material is distributed virtually as
PKCS#12 files
.
1




D潄 䱥慤
:

DISA



䱯捡瑩cn
:

I湳nr畣瑩u湳 潮 req略sti湧
獯ftw慲攠捥rtifi捡t敳e捡c 扥 f潵湤 慴
桴hp://jit挮f桵.摩獡.mil/pki/火i彬慢/潢t慩湩湧
彪it损c獳略摟t敳瑟捥rtific慴敳ahtml





Web
-
扡獥s 慰灬i捡瑩c湳n
灯rt慬猬 慮搯dr w敢獩t敳⁩渠
whi捨⁢c潷獥爠i猠畳ur
i湴敲f慣a.



A灰li捡瑩c湳⁴桡t 獥捵r攠
捲yp
t潧r慰桩挠獥rvi捥猠
from Mi捲潳oft
Cry灴潧ra灨i挠A灰li捡瑩c渠
I湴nrf慣a (API) 潲
Cry灴潧ra灨y API: N數t
G敮敲eti潮 (CNG)

1
-
2
business
days

B

DoD External Certificate Authority
PKI
Test
Credentials



T慲来t 灯灵l慴楯n
: D潄 扵獩湥獳s
灡rt湥r猠慮d i湤ivi摵慬猠湥
敤i湧 t漠
i湴敲慣a wit栠䑯D w桯 慲攠湯t 摩r散e
捯ctr慣t 獵s灯rt 灥r獯sn敬 (攮朮g
捯ctr慣t潲 灥r獯s湥l w桯 摯 湯t q畡lify
f潲 CAC猩. Prim慲a 畳u来 i猠to 摩git慬ly
獩g港敮捲y灴pe
-
m慩l, 摩git慬ly 獩g渠f潲ms,
慮搠慵d桥nti捡瑩c渠t漠䑯D w敢獩t敳⽷敢
-
慰灬i捡瑩c湳
.



D敳捲楰ti潮
:

D潄 PKI te獴 捥rtifi捡t敳
t桡t 捯浥 i渠t桥 f潲m of 獯ftw慲攠(i.攮,
PKCS⌱㈠2il敳e 潲 桡r摷慲攠(i.攮, smart
捡牤c 捲敤敮ti慬献



D潄 l
敡e
: DISA



䱯捡瑩cn
:

Av慩l慢ility 潦ot桩猠t敳t m慴ari慬
i猠limit敤.
Req略st猠f潲 ECA t敳e mat敲楡l
獨s畬搠
扥 m慤攠摩r散tly t漠o桥 v敮摯r猠
(
桴t瀺//i慳a.摩獡smil/火i/e捡⽩c摥.桴hl





Web
-
扡獥s 慰灬i捡瑩c湳n
灯rt慬猬 慮搯dr w敢獩t敳⁩渠
whi捨⁢c潷獥爠i猠畳ur
i湴敲f慣a.



A灰li捡瑩c湳⁴桡t 獥捵r攠
捲y灴潧p慰桩c

獥rvi捥猠
from Mi捲潳oft
Cry灴潧ra灨i挠A灰li捡瑩c渠
I湴nrf慣a (API) 潲
Cry灴潧ra灨y API: N數t
G敮敲eti潮 (CNG)



A灰li捡瑩c湳n
摥vi捥c

t桡t

獥牶i捥潮
-
䍁䌠
敬igi扬e

灥r獯s湥l.



A灰li捡瑩cn
/摥vi捥猠c桡t
桡v攠e湯wl敤g攠ef 慮d
t散e湩捡c i湴敲f慣as to
獭慲t 捡牤c a
湤/or
數t敲湡e tok敮s 慮搠d
敥搠
獥牶i捥猠摩r散瑬e from
t桥m.



A灰li捡瑩c港摥ni捥猠c桡t
湥敤 獥牶i捥猠from t桥
Varies by
DoD
ECA Vendor




1

Note
: PKCS#12 file contain both private keys and certificates. For more i
nfo:
http://www.rsa.com/rsalabs/node.asp?id=2138

Page
2

of
3

ECA smart cards

and
process cryptography from
tokens on their own, i.e.,
without leveraging web
browsers or MS
cryptographic capabilities

C

DoD
Test
Alternate Tokens



Target population:

Non
-
CAC eligible
populations who require access to
UNCLASSIFED networked DoD accounts
(e.g., selected volunteers or non
-
US
persons)



Description
:

DoD PKI test certificates
that come on hardware

(i.e., smart cards)
tokens procure and managed by the DoD
Components.

These cards do not contain
barcode or contactless technologies.



DoD
l
ead
: Individual DoD Components



Location
:
This material may be available
for selected development/test populations

as decided by the
PKI Leads for
each
individual DoD Component. Please
contact the below to inquiry for more
detail:

-

US
AF
,
AFPKI.Helpdesk@lackland.af.
mil


-

USN
,

itac@infosec.navy.mil


-

USMC
,
james.mcdonald.ctr@mcnosc.
usmc.mil


-

USA,
iacacpki.helpdesk@us.army.mil


-

WHS
,

whsra@whs.mil





Applications/
devices

that

service non
-
CAC
eligible

personnel.



Applicatio
n/devices that
have knowledge of and
technical interfaces to
smart cards and/or
external tokens and
need
services directly from
them
.



Application/devic
es that
need

services from the
alternate tokens

and
process cryptography from
tokens on their own,
without leveraging web
browsers or MS
cryptographic capabilities

Varies by DoD
Component

D

DoD
Test
Common Access Card




Target population
:

DoD civilian,
military, and
selected contract support
personnel.




Description
:

DoD test credential that
contains hardware DoD PKI
certificates,
DoD CAC Data model
including JDM applets, FIPS 800
-
73
interfaces,
contactless technology,
magnetic stripe, 2
-
dimensional
barcode

(PDF417)
,

linear barcode

(Barcode 39)
, and conforms with FIPS
201.



DoD
l
ead
: DMDC



Location
:
Test CAC request forms are

process through
the
DoD Components
test card approval agents.
Submissions and inquiries
can be
made directly to each DoD Component
CAC
-
PKI lead
s or


Application/devices that
have knowledge

of and
technical

card edge

interfaces to

smart cards
and/or e
xternal tokens
and need service

directly
from CACs.



Application/devices
that
need se
rvices from the
CAC and
process
cryptography from
tokens on their own
,

i.e.,
without leveraging web
browsers or MS
cryptographic
capabilities.


Approximately
25
-
30 business
days

Page
3

of
3

cacsupport@mail.mil
.