These announcements and hot topics concern Federal Public Key Infrastucture changes that may affect your agency’s operations.
Date: March 14, 2018
Description: Upcoming changes to Chrome could affect your agency. This change requires all TLS/SSL certificates to appear in a CT log when they validate to a Root CA certificate distributed through an Operating System (OS) trust store. The Microsoft and Apple Trust Stores currently distribute the U.S. Government Root CA (Federal Common Policy CA) certificate. This changes will take effect on April 30, 2018 and will affect any TLS/SSL certificate issued after April 30, 2018.
Date: February 16, 2018
Description: Upcoming changes to Microsoft’s Trusted Root Program could impact your agency. The U.S. Government has elected to remove the Transport Layer Security (TLS) trust property for our U.S. Government Root CA (Federal Common Policy CA) from Microsoft’s Trust Store. The first impact is anticipated to occur in April 2018.
Windows users will receive errors when browsing to government intranet websites that use SSL/TLS certificates issued by Federal PKI CAs. You can mitigate the impact for the government intranets and government-furnished equipment by using configuration management tools for our federal enterprise devices.