Commit

Link updates
claytonjbarnette committed Aug 11, 2023
1 parent 3c3e217 commit 9f3cb9a
Showing 9 changed files with 23 additions and 23 deletions.
10 changes: 5 additions & 5 deletions _ficampmo/ficampmo.md
Expand Up @@ -44,7 +44,7 @@ Through this four-part framework, the GSA FICAM Program leads or coordinates the
3. Recognition
1. Workforce identity trust services
2. FIPS 201 Approved Product List
3. [GSA PKI Shared Service Provider Program]({{site.baseurl}}/ssppki/) - Manage commercial PKI service providers that issue Federally-compliant digital certificates.
3. [GSA PKI Shared Service Provider Program]({{site.baseurl}}/pkissp/) - Manage commercial PKI service providers that issue Federally-compliant digital certificates.
4. Compliance
1. [FIPS 201 Evaluation Program]({{site.baseurl}}/fips201/) - Tests and certify services and commercial products used in PIV credentialing systems and physical access control systems.
2. Federal PKI Annual Review Process
Expand All @@ -59,7 +59,7 @@ The GSA FICAM Program coordinates and oversees governmentwide ICAM initiatives a

The [Identity, Credential, and Access Management Subcommittee (ICAMSC)](https://community.max.gov/pages/viewpage.action?pageId=234815732){:target="_blank"}{:rel="noopener noreferrer"}{:class="usa-link usa-link--external"} is the principal interagency forum for identity management, secure access, authentication, authorization, credentials, privileges, and access lifecycle management. It’s a sub-committee of the [Federal CIO Council’s Chief Information Security Officer (CISO) Council](https://www.cio.gov/about/members-and-leadership/ciso-council/){:target="_blank"}{:rel="noopener noreferrer"}{:class="usa-link usa-link--external"}.

The ICAMSC is co-chaired by the [GSA Office of Government-wide Policy](https://gsa.gov/portal/category/21399){:target="_blank"}{:rel="noopener noreferrer"}{:class="usa-link usa-link--external"} and another volunteer agency (currently the Department of Justice). The ICAMSC aligns the identity management activities of the federal government and supports collaborative government-wide efforts to:
The ICAMSC is co-chaired by the [GSA Office of Government-wide Policy](https://www.gsa.gov/about-us/organization/office-of-governmentwide-policy){:target="_blank"}{:rel="noopener noreferrer"}{:class="usa-link usa-link--external"} and another volunteer agency (currently the Department of Justice). The ICAMSC aligns the identity management activities of the federal government and supports collaborative government-wide efforts to:
- Increase agency flexibility in addressing ICAM challenges;
- Coordinate interagency efforts to meet agency mission needs;
- Identify gaps in policies, procedures, standards, guidance, and services; and
Expand Down Expand Up @@ -110,19 +110,19 @@ It is co-chaired by the GSA Office of Government-wide Policy. The GSA Office of
### Activities
- **Approve Policies and Practices** – Approve Federal Bridge Certification Authority (FBCA) and Federal Common Policy Certification Authority Certificate Policies (CPs), including revisions; approve FPKI Trust Infrastructure Certification Practice Statements.
- **Approve Entity Cross-Certification** – Establish and administer criteria and methodology for cross-certification with the FBCA; approve cross-certifications and execute Memoranda of Agreement (MOAs); maintain the FPKI Certification Applicant Requirements and the Common Policy CPS Evaluation Matrix.
- [**Maintain Compliance**](../fpkiaudit/) – Ensure cross-certified entities are compatible with the FBCA Certificate Policy (CP) (or the Federal Common Policy Certification Authority (FCPCA) CP for Federal Legacy CAs).
- [**Maintain Compliance**]({{site.baseurl}}/fpki/#audit-information-for-the-fpki-management-authority) – Ensure cross-certified entities are compatible with the FBCA Certificate Policy (CP) (or the Federal Common Policy Certification Authority (FCPCA) CP for Federal Legacy CAs).
- **Agreement with FPKI Management Authority** – Oversee the FPKI Management Authority (FPKIMA) to issue and revoke cross-certificates, ensure adherence to the FPKI CPs, and provide documentation to be archived.
- **Interoperability Practices** – Coordinate legal, policy, technical, and business practices and issues related to FPKI Trust Infrastructure.

### Membership and Meetings

Members are appointed by each federal agency’s CIO, and the group operates under the authority of the Federal CIO Council through the Information Security and Identity Management Committee (ISIMC) and the Identity, Credential, and Access Management Subcommittee (ICAMSC). See the [FPKIPA Charter](../../docs/fpkipa-charter.pdf){:target="_blank"}{:rel="noopener noreferrer"} (PDF, August 2021) for information on membership requirements, voting rights, etc.
Members are appointed by each federal agency’s CIO, and the group operates under the authority of the Federal CIO Council through the Information Security and Identity Management Committee (ISIMC) and the Identity, Credential, and Access Management Subcommittee (ICAMSC). See the [FPKIPA Charter]({{site.baseurl}}/docs/fpkipa-charter.pdf){:target="_blank"}{:rel="noopener noreferrer"} (PDF, August 2021) for information on membership requirements, voting rights, etc.

The FPKIPA meets in the morning on the second Tuesday of each month. Contact fpki at gsa.gov to participate in the FPKIPA or its working groups.

## Federal Public Key Infrastructure Management Authority

[The Federal Public Key Infrastructure Management Authority (FPKIMA) enables government-wide trust](../../docs/fpki-fpkima-wp.pdf){:target="_blank"}{:rel="noopener noreferrer"} by providing trust infrastructure services to federal agencies. The FPKIMA is governed under the FPKI Policy Authority (FPKIPA) and managed by the GSA Federal Acquisition Service.
[The Federal Public Key Infrastructure Management Authority (FPKIMA) enables government-wide trust]({{site.baseurl}}/docs/fpki-fpkima-wp.pdf){:target="_blank"}{:rel="noopener noreferrer"} by providing trust infrastructure services to federal agencies. The FPKIMA is governed under the FPKI Policy Authority (FPKIPA) and managed by the GSA Federal Acquisition Service.

### Activities
- **Manage digital certificate policies and standards** to ensure secure physical and logical access, document sharing, and communications across federal agencies and between external business partners.
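
Review bot: In the FPKIPA Activities list, the "Maintain Compliance" link now targets the fragment `#audit-information-for-the-fpki-management-authority`, but the bullet describes compliance of cross-certified entities with the FBCA CP, not audits of the FPKI Management Authority. Please confirm that section is the intended destination. The fragment also looks like an auto-generated heading slug on another page, so rewording that heading would leave this link landing at the top of `/fpki/` with no build error; an explicit anchor id on the target would keep it stable.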
4 changes: 2 additions & 2 deletions _ficampmo/fips201ep.md
Expand Up @@ -82,7 +82,7 @@ Product testing is performed by either:

If the product passes testing and review, the vendor is granted a letter of certification, and the product is placed on the [Approved Products List (APL)]({{site.baseurl}}/acquisition-professionals/#products). The APL includes product information, version, date of certification, and special considerations.

Visit the [Vendors page]({{site.baseurl}}/vendor/) for more on testing and certification.
Visit the [Vendors page]({{site.baseurl}}/vendors/) for more on testing and certification.

## Testing Guidance and Documents

Expand Down Expand Up @@ -120,7 +120,7 @@ All applicants, please complete the following steps:
Agencies that wish to issue D-PIV credentials should follow these steps:
1. Perform a NIST SP 800-79 assessment and receive an Authority To Operate (ATO)
2. Work with your Shared Service Provider (SSP) to obtain D-PIV Object Identifiers (OIDs)
3. Submit sample D-PIV public certificates for testing or provide results from the [Certificate Profile Conformance Tool (CPCT)]({{site.baseurl}}/fpki/tools/cpct/){:target="_blank"}{:rel="noopener noreferrer"} to fips201ep at gsa.gov.
3. Submit sample D-PIV public certificates for testing or provide results from the [Certificate Profile Conformance Tool (CPCT)](https://github.com/GSA/cpct-tool/releases/){:target="_blank"}{:rel="noopener noreferrer"} to fips201ep at gsa.gov.

Upon successful completion of DPCI testing, the agency or organization will be granted approval to issue D-PIV credentials.
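
Review bot: The replacement CPCT link in step 3 points at an external GitHub releases page but is missing the `{:class="usa-link usa-link--external"}` attribute that the external links in `_ficampmo/ficampmo.md` and `_implement/outlook.md` carry, so it will not be marked as leaving the site. Add the class for consistency. Since agencies are asked to run this tool and send its results to the program, consider also keeping a short on-site sentence that names the repository as the official source rather than only a bare download link.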

4 changes: 2 additions & 2 deletions _ficampmo/gsapkissp.md
Original file line number Diff line number Diff line change
Expand Up @@ -67,7 +67,7 @@ This document is primarily for the following audience:
2. Existing GSA PKI SSP Program members to refresh their knowledge of ongoing maintenance requirements.
3. Federal agency customers who want to understand the GSA PKI SSP program or find contact information for the program management.

If you have questions about this document or the outlined process, contact [[email protected]]([email protected]).
If you have questions about this document or the outlined process, contact [[email protected]](mailto:[email protected]).

# Section I: GSA PKI SSP Program
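
Review bot: The contact address in this sentence becomes a live `mailto:` link, while other pages touched by this commit write addresses in the "fpki at gsa.gov" and "fips201ep at gsa.gov" form. Pick one convention for contact addresses across the site and apply it here as well.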

Expand Down Expand Up @@ -142,7 +142,7 @@ A PKI Vendor will be asked for proof or to provide attestations regarding their

### MOA Procedural Guidance:

- Send an email to [[email protected]](mailt0:[email protected]) requesting admission to the GSA PKI SSP Program.
- Send an email to [[email protected]](mailto:[email protected]) requesting admission to the GSA PKI SSP Program.
- SSPs must obtain, review, and sign the MOA from the SSP Program Office.

Once an MOA is signed, the GSA PKI SSP will sponsor the vendor to apply to the Federal PKI Policy Authority.
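
Review bot: The `mailt0:` scheme corrected in the first bullet under MOA Procedural Guidance was a dead link that went unnoticed, as was the scheme-less target fixed earlier in this file, which suggests nothing checks link schemes at build time. A link check that flags any scheme other than `https:` and `mailto:` in the site's markdown would catch both kinds of error before merge.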
4 changes: 2 additions & 2 deletions _implement/introduction.md
Original file line number Diff line number Diff line change
Expand Up @@ -35,8 +35,8 @@ The majority of engineering guides are focused on helping agencies configure PIV
1. [Windows Domains]({{site.baseurl}}/implement/scl-windows)
2. [MacOS]({{site.baseurl}}/implement/scl-macos)
3. [Microsoft Outlook (on-premise)]({{site.baseurl}}/implement/outlook)
4. [Firefox Browser]({{site.baseurl}}/implement/firefox)
5. [SSH Command Line]({{site.baseurl}}/implement/ssh)
4. [Firefox Browser]({{site.baseurl}}/implement/scl-firefox)
5. [SSH Command Line]({{site.baseurl}}/implement/scl-ssh/)
6. Certificate-based Authentication on Azure AD (Coming soon!)
7. Certificate-based Authentication on Okta (Coming soon!)
2. FIDO2 Configuration
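
Review bot: Items 4 and 5 now use different URL forms: the Firefox link ends in `/implement/scl-firefox` with no trailing slash, while the SSH link ends in `/implement/scl-ssh/`, and items 1 to 3 also omit the slash. Use one form throughout the list so that none of the links relies on the server redirecting one form to the other.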
4 changes: 2 additions & 2 deletions _implement/outlook.md
Original file line number Diff line number Diff line change
Expand Up @@ -86,7 +86,7 @@ The Global Address List (GAL) is a shared, enterprise-wide contact directory in

When sending an encrypted email, the message is encrypted using the public key in the intended recipient's certificate. If Outlook cannot find the intended recipient's public key through the [Global Address List](#publish-your-certificates-to-the-global-address-list), you may need to load it manually.

1. Obtain a copy of the intended recipient's [Key Management]({{site.baseurl}}/arch/pivdetails/) certificate (you may need to ask the intended recipient to export and share their certificate with you)
1. Obtain a copy of the intended recipient's [Key Management]({{site.baseurl}}/university/piv/#how-to-view-piv-credential-certificates) certificate (you may need to ask the intended recipient to export and share their certificate with you)
2. Click the **Home** tab.
3. Click the **Address Book**.
4. Select **File** > **New Entry**.
Expand All @@ -112,6 +112,6 @@ PIV users may receive and store encrypted emails througout their tenure in an or
## Other Helpful References

- Enabling S/MIME on [Mac Mail](https://support.apple.com/guide/mail/sign-or-encrypt-emails-mlhlp1180/mac){:target="_blank"}{:rel="noopener noreferrer"}{:class="usa-link usa-link--external"}
- Enabling S/MIME on [Thurderbird email client](https://docs.nitrokey.com/pro/smime-thunderbird.html){:target="_blank"}{:rel="noopener noreferrer"}{:class="usa-link usa-link--external"}
- Enabling S/MIME on [Thurderbird email client](https://docs.nitrokey.com/storage/mac/smime-thunderbird.html){:target="_blank"}{:rel="noopener noreferrer"}{:class="usa-link usa-link--external"}
- S/MIME with [Gmail](https://support.google.com/a/topic/9061730?hl=en&ref_topic=2683828){:target="_blank"}{:rel="noopener noreferrer"}{:class="usa-link usa-link--external"}
- S/MIME with [O365](https://support.microsoft.com/en-us/office/encrypt-messages-by-using-s-mime-in-outlook-web-app-2e57e4bd-4cc2-4531-9a39-426e7c873e26){:target="_blank"}{:rel="noopener noreferrer"}{:class="usa-link usa-link--external"}
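
Review bot: The changed Thunderbird line still reads "Thurderbird" in the link text; fix the spelling while the line is being touched. The new target path contains `/storage/mac/`, which looks specific to one product and platform, whereas the bullet is a general pointer for the Thunderbird client, so confirm this is the most general page available.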
4 changes: 2 additions & 2 deletions _implement/scl-ssh.md
Original file line number Diff line number Diff line change
Expand Up @@ -44,7 +44,7 @@ PuTTY-CAC is an open-source SSH client that uses Microsoft's CryptoAPI (CAPI). (
<br><br>
<img src="{{site.baseurl}}/assets/piv/ssh-putty-cac-1.png" alt="PuTTY configuration window." width="470" height="449">
<br><br>
4. From the **Windows Security** list, select your PIV/CAC authentication certificate by clicking _OK_. If you don't see your certificate, click _More choices_. (For help with certificates, see [Understanding PIV Certificates]({{site.baseurl}}/arch/pivdetails/).
4. From the **Windows Security** list, select your PIV/CAC authentication certificate by clicking _OK_. If you don't see your certificate, click _More choices_. (For help with certificates, see [Understanding PIV Certificates]({{site.baseurl}}/university/piv/#how-to-view-piv-credential-certificates).
<br><br>
<img src="{{site.baseurl}}/assets/piv/winSCP-5.PNG" alt="A PuTTY select certificate for authentication screenshot." width="454" height="377">
<br>
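
Review bot: In step 4 the parenthetical "(For help with certificates, see ..." is never closed: the line ends with `).` where the `)` belongs to the link, so the sentence needs a final `.)` as in the matching WinSCP step. This link also lacks the `{:target="_blank"}{:rel="noopener noreferrer"}` attributes that the same link carries in the WinSCP step, so the two open differently.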
Expand Down Expand Up @@ -88,7 +88,7 @@ WinSCP is an open-source, secure copy protocol (SCP) and secure file transfer pr
<br>
<img src="{{site.baseurl}}/assets/piv/winSCP-4.PNG" alt="A screenshot showing Add CAPI Cert selected." width="247" height="275">
<br>
8. From the **Windows Security** screen, select your PIV/CAC authentication certificate, and click _OK_. If you don't see your certificate, click _More choices_. (For help with certificates, see [Understanding PIV Certificates]({{site.baseurl}}/arch/pivdetails/){:target="_blank"}{:rel="noopener noreferrer"}.)
8. From the **Windows Security** screen, select your PIV/CAC authentication certificate, and click _OK_. If you don't see your certificate, click _More choices_. (For help with certificates, see [Understanding PIV Certificates]({{site.baseurl}}/university/piv/#how-to-view-piv-credential-certificates){:target="_blank"}{:rel="noopener noreferrer"}.)
<br>
<img src="{{site.baseurl}}/assets/piv/winSCP-5.PNG" alt="A screenshot showing a PuTTY select certificate for authentication window with the OK button selected." width="269" height="223">
<br>
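
Review bot: The fragment `#how-to-view-piv-credential-certificates` is now hard-coded in three places (this step, the PuTTY-CAC step above, and `_implement/outlook.md`), and it looks like an auto-generated heading slug, so renaming that heading would break all three links without a build error. Consider an explicit anchor id on the target section. The link text "Understanding PIV Certificates" also no longer matches a section about how to view certificates and could be updated to say so.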