MODIFICATION
D -- eAuthentication Path Discovery and Validation
- Notice Date
- 4/14/2005
- Notice Type
- Modification
- NAICS
- 518111
— Internet Service Providers
- Contracting Office
- General Services Administration, Federal Technology Service (FTS), IT Acquisition Service Center (TFL), 18th & F Streets, NW, Room 2024, Washington, DC, 20405
- ZIP Code
- 20405
- Solicitation Number
- Reference-Number-RFI-PD-VAL-041505
- Response Due
- 4/22/2005
- Archive Date
- 5/7/2005
- Point of Contact
- Sherman Farves, Contracting Officer, Phone 202-501-2769, Fax 202-501-4681, - Curtis Glover, Sr., Contract Specialist, Phone (202) 501-1853, Fax (202) 501-4681,
- E-Mail Address
-
sherman.farves@gsa.gov, curtis.glover@gsa.gov
- Description
- 518111--Internet Service Provider 518112--Web Search Portals 518210--Data Processing, Hosting, and Related Services NOTICE: THE RESPONSE DUE DATE IS HEREBY EXTENED TO APRIL 22, 2005.......... RFI eAuthentication Path Discovery and Validation ..INTRODUCTION: The E-Authentication Initiative (EAI) has identified the need for products and services to perform certificate path discovery and validation in compliance with Federal government requirements. The intent of this Request for Information (RFI) is to invite the vendor community to share their capabilities in this area with the Federal government. The Federal Public Key Infrastructure (FPKI) is constructed as a bridge-enabled environment. The EAI acknowledges that commercially available products capable of performing path discovery and path validation in a bridge-enabled environment may be very limited. Thus, the intent of this RFI is to query the vendor community to determine the state of available products and their ability to implement any or all of the functional requirements described in Section 4 of this document. ..SCOPE: The RFI document specifies the functional requirements for certificate path discovery and validation used in cross-domain environment. Section 2 of the document describes the EAI?s general approach to identify appropriate products and services. Section 3 provides background information on the cross-domain environment in which these products and services will operate. Functional requirements are specified for path discovery, path validation, delegated path validation, auditing, and hosted services in Section 4. Three basic scenarios for implementing these requirements are considered: all functionality may be performed locally; all functionality may be performed remotely by a hosted service; or, functionality may be shared between a local capability and a remote hosted service. Auditing may be handled by the same component that performs path discovery and validation, or may be left to each PKI-enabled application. Related expectations for performance metrics are specified in Section 5. ..GENERAL APPROACH: Section 4 of the RFI document describes the functional requirements for performing certificate validation for certificate-based applications utilizing the FPKI. While the Government's ultimate goal is to acquire products/services that fully meet these requirements, we acknowledge that products/services available today may not fully address these requirements. Therefore, we are interested in determining the state of industry, and subsequently working with vendors whose products most closely meet these requirements. The Government is seeking information on two general approaches for certification validation: local validation products and hosted validation services. Local validation products are co-located with the relying application. Hosted validation services are services provided by the vendor that perform the certificate validation, and interface to the relying application to provide certificate validation results. Applications may include web-based applications running on web servers (e.g., Apache, Microsoft IIS, etc.), and desktop applications (e.g., Microsoft Outlook, Adobe Acrobat, etc.). Vendors are asked to review the set of functional requirements described within the RFI Section 4. Vendors are then asked to provide a response for each capability, indicating whether or not their respective product/service implements this capability. Appendix A of the RFI provides the template to be used for all responses. Multiple templates should be used for multiple product responses. Responses will be reviewed, and products and services best meeting the needs of the EAI will be invited for testing in the E-Authentication Interoperability Lab. Testing will begin April 25, 2005. At the conclusion of this testing, products and services determined to be acceptable may be entered onto a list of qualified and preferred vendors for use by federal agencies implementing certificate-based E-Authentication solutions. This list will be released to the public no later than June 30, 2005. ..HOW TO OBTAIN A COPY OF THE RFI: If your firm is interested in participating in this ambitious project, then submit your request for a copy of the RFI eAuthentication Path Discovery and Validation Products and Services document to pathval2@cam.mitretek.org.
- Place of Performance
- Address: General Services Administration, 1800 F Street, NW, Washington, DC 20405
- Record
- SN00788437-W 20050416/050414212524 (fbodaily.com)
- Source
-
FedBizOpps.gov Link to This Notice
(may not be valid after Archive Date)
| FSG Index | This Issue's Index | Today's FBO Daily Index Page |