Loren Data's SAM Daily™

 fbodaily.com
Home Today's SAM Search Archives Numbered Notes CBD Archives Subscribe
FBO DAILY ISSUE OF APRIL 07, 2005 FBO #1228
SOURCES SOUGHT

D -- eAuthentication Path Discovery and Validation

Notice Date
4/5/2005
 
Notice Type
Sources Sought
 
NAICS
518111 — Internet Service Providers
 
Contracting Office
General Services Administration, Federal Technology Service (FTS), IT Acquisition Service Center (TFL), 18th & F Streets, NW, Room 2024, Washington, DC, 20405
 
ZIP Code
20405
 
Solicitation Number
Reference-Number-RFI-PD-VAL-041505
 
Response Due
4/15/2005
 
Archive Date
4/30/2005
 
Description
518111--Internet Service Provider 518112--Web Search Portals 518210--Data Processing, Hosting, and Related Services RFI eAuthentication Path Discovery and Validation ..INTRODUCTION: The E-Authentication Initiative (EAI) has identified the need for products and services to perform certificate path discovery and validation in compliance with Federal government requirements. The intent of this Request for Information (RFI) is to invite the vendor community to share their capabilities in this area with the Federal government. The Federal Public Key Infrastructure (FPKI) is constructed as a bridge-enabled environment. The EAI acknowledges that commercially available products capable of performing path discovery and path validation in a bridge-enabled environment may be very limited. Thus, the intent of this RFI is to query the vendor community to determine the state of available products and their ability to implement any or all of the functional requirements described in Section 4 of this document. ..SCOPE: The RFI document specifies the functional requirements for certificate path discovery and validation used in cross-domain environment. Section 2 of the document describes the EAI?s general approach to identify appropriate products and services. Section 3 provides background information on the cross-domain environment in which these products and services will operate. Functional requirements are specified for path discovery, path validation, delegated path validation, auditing, and hosted services in Section 4. Three basic scenarios for implementing these requirements are considered: all functionality may be performed locally; all functionality may be performed remotely by a hosted service; or, functionality may be shared between a local capability and a remote hosted service. Auditing may be handled by the same component that performs path discovery and validation, or may be left to each PKI-enabled application. Related expectations for performance metrics are specified in Section 5. ..GENERAL APPROACH: Section 4 of the RFI document describes the functional requirements for performing certificate validation for certificate-based applications utilizing the FPKI. While the Government's ultimate goal is to acquire products/services that fully meet these requirements, we acknowledge that products/services available today may not fully address these requirements. Therefore, we are interested in determining the state of industry, and subsequently working with vendors whose products most closely meet these requirements. The Government is seeking information on two general approaches for certification validation: local validation products and hosted validation services. Local validation products are co-located with the relying application. Hosted validation services are services provided by the vendor that perform the certificate validation, and interface to the relying application to provide certificate validation results. Applications may include web-based applications running on web servers (e.g., Apache, Microsoft IIS, etc.), and desktop applications (e.g., Microsoft Outlook, Adobe Acrobat, etc.). Vendors are asked to review the set of functional requirements described within the RFI Section 4. Vendors are then asked to provide a response for each capability, indicating whether or not their respective product/service implements this capability. Appendix A of the RFI provides the template to be used for all responses. Multiple templates should be used for multiple product responses. Responses will be reviewed, and products and services best meeting the needs of the EAI will be invited for testing in the E-Authentication Interoperability Lab. Testing will begin April 25, 2005. At the conclusion of this testing, products and services determined to be acceptable may be entered onto a list of qualified and preferred vendors for use by federal agencies implementing certificate-based E-Authentication solutions. This list will be released to the public no later than June 30, 2005. ..HOW TO OBTAIN A COPY OF THE RFI: If your firm is interested in participating in this ambitious project, then submit your request for a copy of the RFI eAuthentication Path Discovery and Validation Products and Services document to pathval2@cam.mitretek.org.
 
Place of Performance
Address: General Services Administration, 1800 F Street, NW, Washington, DC 20405
 
Record
SN00782428-W 20050407/050405213228 (fbodaily.com)
 
Source
FedBizOpps.gov Link to This Notice
(may not be valid after Archive Date)
FSG Index  |  This Issue's Index  |  Today's FBO Daily Index Page |
ECGrid: EDI VAN Interconnect ECGridOS: EDI Web Services Interconnect API Government Data Publications CBDDisk Subscribers
 Privacy Policy  © 1994-2020, Loren Data Corp.