To improve the public’s ability to securely access and use DoD public-facing resources, DoD Instruction 8520.02 Sections 3.1.a.(4)(c) and 3.1.a.(5)(a) approve the use of commercial publicly trusted PKI certificates on unclassified public-facing DoD websites, Mobile Device Management (MDM) systems, and Enterprise Email Message Security Gateway (EEMSG) mail servers, as well as for signing code available from unclassified public-facing DoD websites, subject to the conditions set forth in the instruction.
| Title | Size | Updated | |
|---|---|---|---|
|
DoD CIO Memo: Curtail Issuance of Entrust Non-Person Entity, Public Key Infrastructure Certificates
This DoD CIO memo, dated 29 Oct 2024, provides guidance that Entrust NPE PKI certificates issued after 11 Nov 2024 should not be used to credential DoD public websites.
|
259.9 KB |
03 Dec 2024
|
|
|
Using Commercial PKI Certificates
This slick sheet addresses questions regarding how and where commercial PKI certificates may be used within the DoD.
|
129.77 KB |
03 Dec 2024
|
|
|
Update to DoD CIO Memo on Commercial Public Key Infrastructure Certificates on Public-Facing DoD Websites
This memorandum, signed on November 8, 2021, updates and replaces DoD CIO Memorandum "Commercial Public Key Infrastructure Certificates on Public-Facing DoD Websites" dated November 6, 2020. It provides guidance on the use of commercial TLS and code signing PKI certificates on public-facing DoD websites and services.
|
254.16 KB |
10 Mar 2023
|