Production Update 0918 #1137

Merged
merged 30 commits into from
Sep 18, 2024
5b18447
corrected sentence and email address
claytonjbarnette Sep 16, 2024
1a47711
corrected 1 word and 1 usage
claytonjbarnette Sep 16, 2024
74d96de
fixed email address
claytonjbarnette Sep 16, 2024
91a3f80
fixed email addresses
claytonjbarnette Sep 16, 2024
313f464
fixed email address
claytonjbarnette Sep 16, 2024
6ad43b6
corrected misspelling
claytonjbarnette Sep 16, 2024
18a8ed3
fixed email address
claytonjbarnette Sep 16, 2024
0edd66f
updated email addresses
claytonjbarnette Sep 16, 2024
f660ef8
updated email addresses
claytonjbarnette Sep 16, 2024
ed6104b
updated email addresses
claytonjbarnette Sep 16, 2024
4364608
updated email address
claytonjbarnette Sep 16, 2024
9845795
updated email address
claytonjbarnette Sep 16, 2024
fcc5653
updated email addresses
claytonjbarnette Sep 16, 2024
f0b7ee2
updated email address
claytonjbarnette Sep 16, 2024
80670a2
updated email address
claytonjbarnette Sep 16, 2024
0c81be2
updated email addresses
claytonjbarnette Sep 16, 2024
f615e4e
updated email address
claytonjbarnette Sep 16, 2024
9497b0b
updated email address to markdown in alert-info
claytonjbarnette Sep 16, 2024
61a00f5
updated email addresses
claytonjbarnette Sep 16, 2024
25ac2f8
updated email address
claytonjbarnette Sep 16, 2024
14a69c2
fixed email address in HTML alert
claytonjbarnette Sep 16, 2024
796e5b9
updated email address in HTML alert-info
claytonjbarnette Sep 16, 2024
b8be754
updated email address in HTML alert-success
claytonjbarnette Sep 16, 2024
c12bf9d
updated email address
claytonjbarnette Sep 16, 2024
6486835
Merge pull request #1131 from GSA/0916-corrections-and-updates
JBPayne007 Sep 16, 2024
e88759f
automatic crawler update
dproudGSA Sep 16, 2024
7577031
Merge pull request #1133 from GSA/0916-fpki-graph-update
JBPayne007 Sep 16, 2024
f52e61b
media link: added symposium pdf to docs folder
claytonjbarnette Sep 17, 2024
9705f20
Merge pull request #1134 from GSA/0917-policy-symposium-media-link
id2win Sep 17, 2024
1c1d3ed
Merge branch 'federalist-pages' into staging
JBPayne007 Sep 18, 2024
2 changes: 1 addition & 1 deletion _data/fpkidocs.yml
Expand Up @@ -117,7 +117,7 @@

- category: Federal Bridge Change Proposal
numberProposal: 2023-05
name: Proposal 2023-05 | Certificate Modificaitons and Restorations
name: Proposal 2023-05 | Certificate Modifications and Restorations
description: Clarify the requirements around certificate modifications, define requirements for certificate restoration, align audit and archive terminology for certificate status changes, and clarify the relationship between the CMS and the PIV-I content signer.
date: 11/29/2023
url: /docs/archived/fpki-fbca-cp-2305.pdf
8 changes: 4 additions & 4 deletions _ficampmo/ficampmo.md
Expand Up @@ -79,7 +79,7 @@ Membership is open to federal agency employees with a .gov or .mil email address

### ICAMSC Working Groups

The ICAMSC charters working groups based on a defined-purpose and timeline. See the complete list of active and inactive working groups at the [ICAMSC Max.gov page](https://community.max.gov/pages/viewpage.action?pageId=234815732){:target="_blank"}{:rel="noopener noreferrer"}{:class="usa-link usa-link--external"}. Send an email to icam at gsa.gov for more information and join a working group.
The ICAMSC charters working groups based on a defined-purpose and timeline. See the complete list of active and inactive working groups at the [ICAMSC Max.gov page](https://community.max.gov/pages/viewpage.action?pageId=234815732){:target="_blank"}{:rel="noopener noreferrer"}{:class="usa-link usa-link--external"}. Send an email to [icam@gsa.gov](mailto:[email protected]) for more information and join a working group.

| Working Group Name | Purpose | Activities | Membership Requirements | Meeting Schedule |
| --------- | ---- | ---------- | ------- | ----------- |
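Review bot: the rewritten sentence in the ICAMSC Working Groups paragraph still ends "for more information and join a working group", which does not parse; suggest "for more information or to join a working group". While the line is being touched, "defined-purpose" should lose its hyphen ("a defined purpose and timeline"), and the new mailto link carries none of the `{:class="usa-link ..."}` attributes that the Max.gov link on the same line has, so the two links may render with different styling.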
Expand Down Expand Up @@ -119,7 +119,7 @@ It is co-chaired by the GSA Office of Government-wide Policy. The GSA Office of

Members are appointed by each federal agency’s CIO, and the group operates under the authority of the Federal CIO Council through the Information Security and Identity Management Committee (ISIMC) and the Identity, Credential, and Access Management Subcommittee (ICAMSC). See the [FPKIPA Charter]({{site.baseurl}}/docs/fpkipa-charter.pdf){:target="_blank"}{:rel="noopener noreferrer"} (PDF, August 2021) for information on membership requirements, voting rights, etc.

The FPKIPA meets in the morning on the second Tuesday of each month. Contact fpki at gsa.gov to participate in the FPKIPA or its working groups.
The FPKIPA meets in the morning on the second Tuesday of each month. Contact [fpki@gsa.gov](mailto:[email protected]) to participate in the FPKIPA or its working groups.

## Federal Public Key Infrastructure Management Authority

Expand All @@ -143,13 +143,13 @@ The FPKIPA meets in the morning on the second Tuesday of each month. Contact fpk
- [FPKIMA Newsletter (Spring 2019) "The Big Bridge Issue" (PDF)]({{site.baseurl}}/docs/fpki-fpkima-newsletter-62.pdf){:target="_blank"}{:rel="noopener noreferrer"}
- [FPKIMA Newsletter (Winter 2018) "GSA ACES Program Sunset Update" (PDF)]({{site.baseurl}}/docs/fpki-fpkima-newsletter-61.pdf){:target="_blank"}{:rel="noopener noreferrer"}

If your agency is experiencing issues related to the FBCA or FCPCA, contact fpki-help at gsa.gov
If your agency is experiencing issues related to the FBCA or FCPCA, contact [fpki-help@gsa.gov](mailto:[email protected])

### Federal Public Key Infrastructure Working Groups

The FPKIPA charters three ongoing working groups and potentially other short-term working groups and tiger teams.

If you meet the membership criteria and wish to join a working group, email fpki at gsa.gov and include the text "Request to Join xx," where "xx" is the name of the working group.
If you meet the membership criteria and wish to join a working group, email [fpki@gsa.gov](mailto:[email protected]) and include the text "Request to Join xx," where "xx" is the name of the working group.

| Working Group Name | Purpose | Activities | Membership Requirements | Meeting Schedule |
| --------- | ---- | ---------- | ------- | ----------- |
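Review bot: the changed FBCA/FCPCA contact sentence ends directly at the fpki-help mailto link with no closing period; add one so it matches the other contact sentences changed in this file.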
2 changes: 1 addition & 1 deletion _ficampmo/fips201ep.md
Expand Up @@ -191,5 +191,5 @@ All applicants, please complete the following steps:
GSA can loan you test cards to help you pre-test your physical access control system products.

- [PACS Test Card Loaner Process (PDF, November 2019).]({{site.baseurl}}/docs/pacstest-process.pdf){:target="_blank"}{:rel="noopener noreferrer"}
- [PACS Test Card Loaner Set Request Form (MS Word, October 2019)]({{site.baseurl}}/docs/pacstest-loanerrequestform.docx){:target="_blank"}{:rel="noopener noreferrer"} – Sign and submit this form to fips201ep at gsa.gov.
- [PACS Test Card Loaner Set Request Form (MS Word, October 2019)]({{site.baseurl}}/docs/pacstest-loanerrequestform.docx){:target="_blank"}{:rel="noopener noreferrer"} – Sign and submit this form to [fips201ep@gsa.gov](mailto:[email protected]).
- [PACS Test Card User Guide (PDF, January 2019).]({{site.baseurl}}/docs/pacstest-testuserguide.pdf){:target="_blank"}{:rel="noopener noreferrer"}
16 changes: 8 additions & 8 deletions _ficampmo/fpki.md
Expand Up @@ -26,11 +26,11 @@ subnav:
---

This page contains information to help Federal Public Key Infrastructure (FPKI) program managers and auditors.
- It includes the FPKI policies and profiles as well as annual FPKI annual review schedule.
- It includes the FPKI policies and profiles as well as the FPKI annual review schedule.
- It can help auditors assess certification authorities (CAs) operated as part of the FPKI.
- It can help the general public understand how the FPKI Management Authority (FPKIMA) provides trusted PKI and CA operations.

For any questions, please contact fpki at gsa.gov.
For any questions, please contact [fpki@gsa.gov](mailto:[email protected]).

## Federal PKI Policies and Profiles

Expand All @@ -52,15 +52,15 @@ The FPKI has the following supplementary guidance:
- [Security Controls Overlay of NIST Special Publication 800-53 Revision 5 Security Controls for FPKI Systems (PDF, February 2021)]({{site.baseurl}}/docs/fpki-overlay-sp-800-53.pdf){:target="_blank"}{:rel="noopener noreferrer"} – The application of NIST Special Publication (SP) 800-53 security controls is required to operate a CA that is used in the FPKI and contains federal data. Review the controls overlay document to understand the requirements and details of each applicable control.
- [Registration Authority Agreement Template v1.0 (Word, April 2017)]({{site.baseurl}}/docs/fpki-ssp-raa.docx){:target="_blank"}{:rel="noopener noreferrer"} - The purpose of this document is to identify and explain the roles and responsibilities of an enrollment/registration agent under the Federal PKI COMMON Policy Framework.
- [FPKI Incident Management Plan (PDF, September 2020)]({{site.baseurl}}/docs/fpki-imp.pdf){:target="_blank"}{:rel="noopener noreferrer"} - This document provides guidance on the roles and responsibilities applicable to the FPKI Policy Authority (FPKIPA), FPKI Management Authority (FPKIMA), and FPKI affiliates in the event of an incident.
- [Archived copies of Certificate Polices, Profiles, and other FPKI-related documents]({{site.baseurl}}/fpki/#federal-pki-document-archive) - This pages contains three years of FPKI-related documents.
- [Archived copies of Certificate Policies, Profiles, and other FPKI-related documents]({{site.baseurl}}/fpki/#federal-pki-document-archive) - This page contains three years of FPKI-related documents.
- [FPKI Key Recovery Policy (PDF, Subsumed, October 2017)]({{site.baseurl}}/docs/archived/fpki-key-recovery-policy.pdf){:target="_blank"}{:rel="noopener noreferrer"} - for reference only, original consolidated key recovery policy. All requirements and controls have been mapped and subsumed into other FPKI Certificate Policy documents.


## Annual Review Requirements for All Certification Authorities

Independent compliance audits are the primary way that the Federal Public Key Infrastructure Policy Authority (FPKIPA) ensures that entities participating in the FPKI comply with the requirements identified in the appropriate Certificate Policies (CPs). Audits are an important component of the Annual Review Requirements.

Audits are required annually for supporting functions and elements of each entity. Annual review packages should be submitted to fpki at gsa.gov.
Audits are required annually for supporting functions and elements of each entity. Annual review packages should be submitted to [fpki@gsa.gov](mailto:[email protected]).

- [FPKI Annual Review Requirements (PDF, May 2022)]({{site.baseurl}}/docs/fpki-annual-review-requirements.pdf){:target="_blank"}{:rel="noopener noreferrer"} – This document includes requirements for performing and reporting annual compliance audits.
- [RA Audit Guidance Memorandum (PDF, October 2022]({{site.baseurl}}/docs/fpki-ra-audit-guidance.pdf){:target="_blank"}{:rel="noopener noreferrer"} – This FPKIPA Memorandum reiterates the necessity of RA audits in supporting PKI operations, normalizes differing terminology used across various references, and provides options for reducing potential duplication of RA audit efforts, as applicable to PIV issuers.
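Review bot: the RA Audit Guidance Memorandum item at the end of this hunk has link text "(PDF, October 2022]" with no closing parenthesis. This pass already fixes typos in the same hunk ("Polices", "This pages"), so correct it here as well: "(PDF, October 2022)".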
Expand Down Expand Up @@ -99,10 +99,10 @@ The FPKI Program supports three remote PIV, PIV-I, and digital certificate test
2. The [Certificate Profile Conformance Tool (CPCT)](https://github.com/GSA/cpct-tool/releases){:target="_blank"}{:rel="noopener noreferrer"} is a self-hosted application that analyzes public X.509 certificates for conformance to a specified FPKI profile.
3. The [KSJavaAPI](https://github.com/grandamp/KSJavaAPI){:target="_blank"}{:rel="noopener noreferrer"} is Java API hosted on GitHub and used to leverage that the information stored in the PIV/ PIV-I applets conform to NIST SP 800-73.

To request the annual testing report for PIV/PIV-I cards, fill out the [Annual PIV Credential Issuer (PCI) Testing Application Form (PDF, February 2020)]({{site.baseurl}}/docs/fips201ep-pcitestform.pdf) and send it with Compliance Test Tool outputs and testing artifacts (for remote testing) to fips201ep@ gsa.gov.
To request the annual testing report for PIV/PIV-I cards, fill out the [Annual PIV Credential Issuer (PCI) Testing Application Form (PDF, February 2020)]({{site.baseurl}}/docs/fips201ep-pcitestform.pdf) and send it with Compliance Test Tool outputs and testing artifacts (for remote testing) to [[email protected]](mailto:[email protected]).

## Submitting a Test Results Package
If you are running the Card Conformance Tool as part of the annual requirement to undergo PIV/PIV-I testing, you must email the artifacts listed below to fips201ep at gsa.gov.
If you are running the Card Conformance Tool as part of the annual requirement to undergo PIV/PIV-I testing, you must email the artifacts listed below to [fips201ep@gsa.gov](mailto:[email protected]).

1. A completed [testing application]({{site.baseurl}}/docs/fips201ep-pcitestform.pdf){:target="_blank"}{:rel="noopener noreferrer"} for each PCI configuration evaluated (See Section 1 of the application for more information).
2. All accompanying Card Conformance Tool Log files, these reside in the same directory as the extracted package after the tests have been run:
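Review bot: in the annual testing report sentence, the link to fips201ep-pcitestform.pdf has no `{:target="_blank"}{:rel="noopener noreferrer"}` attributes, while the same PDF linked from step 1 of the test results list a few lines down has both; make the two consistent. Two wording problems in the surrounding context are also worth fixing in this pass: "is Java API hosted on GitHub and used to leverage that the information stored" in item 3, and the comma splice in "Log files, these reside in the same directory".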
Expand Down Expand Up @@ -138,7 +138,7 @@ FPKI affiliates include federal agencies and commercial service providers operat
2. Providing additional investigation support and/or information about incidents to the FPKI Authorities as they become known, and
3. Conducting remediation activities once an incident is confirmed.

To report a security incident, such as a key compromise, data breach, or other fraud waste or abuse regarding FPKI CAs or certificates, please contact both fpki at gsa dot gov and fpki-help at gsa dot gov, and include any relevant known information on the incident up to that point. Further information will be requested from the affiliate per the [FPKI Incident Management Plan]({{site.baseurl}}/docs/fpki-imp.pdf){:target="_blank"}{:rel="noopener noreferrer"}.
To report a security incident, such as a key compromise, data breach, or other fraud waste or abuse regarding FPKI CAs or certificates, please contact both [fpki@gsa.gov](mailto:[email protected]) and [fpki-help@gsa.gov](mailto:[email protected]), and include any relevant known information on the incident up to that point. Further information will be requested from the affiliate per the [FPKI Incident Management Plan]({{site.baseurl}}/docs/fpki-imp.pdf){:target="_blank"}{:rel="noopener noreferrer"}.

<!-- # Federal PKI Monthly Activity Report
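Review bot: the incident-reporting sentence replaces the spelled-out "fpki at gsa dot gov and fpki-help at gsa dot gov" with plain mailto links, which makes the two mailboxes that receive key-compromise and breach reports trivially collectable by address scrapers. If the spelled-out form was a deliberate anti-harvesting measure, confirm that filtering on those mailboxes can absorb the added spam and phishing before this is published. The same sentence also needs commas in "fraud waste or abuse" ("fraud, waste, or abuse").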

Expand Down Expand Up @@ -225,7 +225,7 @@ A Federal PKI document may be needed for three years for compliance review purpo
- Supplementary Guidance
- Change Proposals

A blank category indicates no updates in the previous three years. If you seek a document that is older than three years or is not listed here, please contact fpki at gsa.gov or look in the [archived document repository on github](https://github.com/GSA/idmanagement.gov/tree/staging/docs/archived){:target="_blank"}{:rel="noopener noreferrer"}{:class="usa-link usa-link--external"}.
A blank category indicates no updates in the previous three years. If you seek a document that is older than three years or is not listed here, please contact [fpki@gsa.gov](mailto:[email protected]) or look in the [archived document repository on github](https://github.com/GSA/idmanagement.gov/tree/staging/docs/archived){:target="_blank"}{:rel="noopener noreferrer"}{:class="usa-link usa-link--external"}.

<table class="usa-table usa-table--borderless usa-table--striped">
<thead>
2 changes: 1 addition & 1 deletion _implement/cba-azure.md
Expand Up @@ -140,7 +140,7 @@ There are four major steps involved with configuring CBA.
<p class="usa-alert__text">
The Federal PKI maintains a list of
<a class="usa-link" href="https://www.idmanagement.gov/fpki/notifications/#piv-issuer-information" target="_blank" rel="noopener noreferrer">the lastest PIV certifications authorities</a>
. Contact ICAM at GSA.gov If you need help finding the right CA or think one needs to be updated.
. Contact <a href="mailto:icam@gsa.gov">[email protected]</a> If you need help finding the right CA or think one needs to be updated.
</p>
</div>
</div>
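Review bot: the new sentence keeps the capital in "If you need help" after the address, and the line still begins ". Contact", so the period sits on its own line after the closing `</a>` and renders with a space before it; move the period up against the anchor and lowercase "if". The added mailto anchor also lacks the `class="usa-link"` that the neighbouring anchor uses, and the unchanged link text "the lastest PIV certifications authorities" has two typos ("latest", "certification authorities").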
2 changes: 1 addition & 1 deletion _implement/distribute-fcpca.md
Expand Up @@ -1050,7 +1050,7 @@ The easiest way to verify your migration to the Federal Common Policy CA G2 (FCP

## Frequently Asked Questions

If your question does not appear in this list, send it to FPKI at gsa.gov.
If your question does not appear in this list, send it to [fpki@gsa.gov](mailto:[email protected]).

## What happens if I don’t distribute the FCPCAG2 root certificate in my environment?

4 changes: 2 additions & 2 deletions _implement/fpki_notifications.md
Expand Up @@ -74,7 +74,7 @@ These announcements and hot topics concern Federal Public Key Infrastructure cha
<script type="text/javascript" src="{{ site.baseurl }}/assets/js/gexfjs.js"></script>
<script type="text/javascript" src="{{ site.baseurl }}/assets/js/config.js"></script>

**Last Update**: September 09, 2024
**Last Update**: September 16, 2024

{% include graph.html %}

Expand Down Expand Up @@ -117,7 +117,7 @@ The FPKI Graph was built by using the same tools and code as the [Berkley ICSI S

The page lists the certification authorities *currently* used for Personal Identity Verification (PIV), PIV-Interoperable (PIV-I), or Derived PIV (dPIV) authentication certificates for federal government departments and agencies. Agency system administrators can leverage this list to configure systems and services for cross-government trust.

{% include alert-info.html content="This table was last updated on <b>August 2, 2023</b>. Please email fpki at gsa.gov to suggest an update or correction." %}
{% include alert-info.html content="This table was last updated on <b>August 2, 2023</b>. Please email [fpki@gsa.gov](mailto:[email protected]) to suggest an update or correction." %}

<br>
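Review bot: the alert-info include now mixes raw HTML (`<b>August 2, 2023</b>`) with a Markdown link inside the same `content="..."` string; confirm that alert-info.html passes `content` through a Markdown filter, otherwise the brackets and parentheses will be shown literally. The HTML alerts changed in cba-azure.md and scl-windows.md in this PR use an `<a href="mailto:...">` anchor, which would be the safer form here too, with single-quoted attributes so the include parameter stays intact. Separately, "Berkley ICSI" in the context line at the top of this hunk looks like a misspelling of "Berkeley".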

2 changes: 1 addition & 1 deletion _implement/scl-windows.md
Expand Up @@ -342,7 +342,7 @@ If you are designing an automated process to transition users from Principal Nam
<p class="usa-alert__text">
We're working with a small number of agencies to pilot a simple PowerShell script to help with some of the functional requirements above. Check out the script in our
<a class="usa-link usa-link--external" href="https://github.com/GSA/ficam-scripts-public/tree/master/_altSecId" target="_blank">public scripts repository</a>
or contact ICAM at GSA.Gov for more information.
or contact <a href="mailto:[email protected]">[email protected]</a> for more information.
</p>
</div>
</div>
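Review bot: the external link to the public scripts repository in this alert opens with `target="_blank"` but has no `rel="noopener noreferrer"`, unlike the `target="_blank"` links elsewhere in this PR; add it while this paragraph is being edited. The new mailto anchor also omits `class="usa-link"`, so it will not pick up the styling of the link next to it.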