In addition to the DoD PKI, the PKIs listed below are approved for use within DoD at the Federal PKI medium hardware equivalent assurance level or higher. Some of the PKIs listed in this section are operated by DoD partners exclusively to serve their own organizations, while others act as Federal Shared Service Providers (SSPs) or commercial Non-Federal Issuers (NFIs). The DoD External Certification Authority (ECA) program provides an alternate method for DoD partners to obtain DoD-approved PKI credentials and is also included.
The DoD External Interoperability Plan (EIP)DoD Instruction 8520.02 Appendix 3B: Mission Partner External PKI Approval Process defines six types of PKIs that can be submitted for DoD approval on unclassified networks:
- Federal Executive Branch Department and Agency PIV PKIs are operated by individual federal agencies for issuance of PIV PKI credentials to their own personnel.
- Federal Executive Branch Shared Service Provider (SSP) PIV PKIs contract PKI services under the GSA PKI SSP Program for issuance of PIV credentials to Federal Executive Branch departments and agencies. Note: See https://www.idmanagement.gov/fpki/notifications/#piv-issuer-information for a listing of type 1 & 2 PKIs used by various federal agencies.
- Commercial Medium Hardware PKIs are typically operated by large DoD industry partners for issuance of PKI credentials to their employees and contractors; they may also issue PKI credentials to other organizations if permitted by their Memorandum of Agreement (MOA) with DoD.
- Commercial Personal Identity Verification-Interoperable (PIV-I) PKIs issue PIV-I PKI credentials to entities that may include employees and contractors of their own organization, other commercial organizations, non-executive branch Federal entities (e.g., the United States Senate), State and local governments as permitted by the PIV-I PKI’s MOA with DoD.
- Combined Communications-Electronics Board (CCEB) Partner PKIs are unclassified PKIs operated by CCEB partner nations to issue credentials to their personnel.
- Other Mission Partner External PKIs on Unclassified DoD Networks are PKIs serving DoD mission partners that do not align with any of the other listed types (e.g. non-CCEB foreign governments, group or multinational organizations such as the North Atlantic Treaty Organization (NATO)).
The DoD Approved External PKIs Master Document contains the authoritative list of approved partner PKIs (as reflected in the table below), including Certification Authorities (CAs) and assurance levels. The DoD Approved External PKI Certificate Trust Chains zip file contains the corresponding CA certificates. You can find information for a particular PKI by clicking on the PKI’s name in the table.
DoD-Approved External PKIs
| Type | PKI | Highest Assurance Level | Date Tested | Date Retested |
|---|---|---|---|---|
| DoD Sponsored | DoD External Certification Authority (ECA) Program | PIV-I | N/A | |
| Type 1 | Department of State PKI | PIV | Sep 2008 | May 2020 |
| Type 2 | Agencies include, but are not limited to: Department of Energy Department of Justice National Institute of Standards and Technology Health and Human Services | PIV PIV | Feb 2010 Oct 2013 | Jul 2024 |
| Type 2 | Agencies include, but are not limited to: Department of Transportation/Federal Aviation Administration | PIV PIV | Dec 2008 Jun 2024 | Jul 2014 |
| Type 2 | Agencies include, but are not limited to: Department of Transportation/Federal Aviation Administration | PIV PIV | Nov 2008 | Oct 2021 |
| Type 2 | Agencies include: Department of Homeland Security Fiscal Services National Aeronautics and Space Administration Social Security Administration U.S. Treasury Department-OCIO Department of Veteran Affairs | PIV PIV PIV PIV PIV PIV PIV | Sep 2008 Mar 2009 Mar 2009 Mar 2009 Jan 2009 Sep 2008 Mar 2020 | Oct 2024 Oct 2024 Oct 2024 Oct 2024 Oct 2024 |
| Type 2 | Agencies include: Department of Veteran Affairs | PIV PIV | Oct 2009 | Apr 2019 |
| Type 3 | Boeing PKI | Medium Hardware | May 2012 | Jul 2019 |
| Type 3 | Exostar LLC PKI | Medium Hardware | Sep 2009 | Mar 2021 |
| Type 3 | Lockheed Martin PKI | Medium Hardware | Mar 2009 | Dec 2022 |
| Type 3 | Raytheon PKI | Medium Hardware | Mar 2009 | Mar 2021 |
| Type 4 | Carillon Federal Services PKI | PIV-I | Dec 2015 | Sep 2021 |
| Type 4 | Carillon Information Security PKI | PIV-I | Sep 2021 | |
| Type 4 | Entrust Managed Services NFI PKI | PIV-I | Oct 2011 | Sep 2024 |
| Type 4 | IdenTrust NFI PKI | PIV-I | Mar 2016 | |
| Type 4 | Northrop Grumman PKI | PIV-I | Nov 2008 | Jun 2023 |
| Type 4 | Organizations include: U.S. Senate | PIV-I PIV-I | Mar 2012 Jul 2023 | Jul 2021 |
| Type 4 | Organizations include: CSRA (Formerly Computer Sciences Corporation) Eid Passport SureID U.S. Senate | PIV-I Medium Hardware PIV-I PIV-I PIV-I | Apr 2011 Jan 2013 Feb 2013 Mar 2017 Sep 2018 | Jul 2016 Aug 2014 Jan 2022 |
| Type 5 | Australian Defence Organisation (ADO) PKI | Medium Hardware | Jun 2013 | Oct 2022 |
| Type 6 | Netherlands Ministry of Defence PKI | Medium Hardware | Sep 2012 | Feb 2020 |
Interoperability Tools and Documents
This table contains DoD PKI interoperability policy, implementation guidance, and PKE tools that can help facilitate various aspects of configuring DoD systems to support DoD-approved external PKI credentials.