Public Key Infrastructure (PKI) and Public Key (PK) Enabling
|Publication Date:||24 May 2011|
PURPOSE. This Instruction:
a. Reissues DoD Instruction (DoDI) 8520.2 (Reference (a)) in accordance with the authority in DoD Directive (DoDD) 5144.1 (Reference (b)) to establish and implement policy, assign responsibilities, and prescribe procedures for developing and implementing a DoD-wide PKI and enhancing the security of DoD information systems by enabling these systems to use PKI for authentication, digital signatures, and encryption.
b. Prescribes DoD PKI and PK-enabling activities consistent with the policy established in DoDD 8500.01E (Reference (c)) and DoDI 1000.13 (Reference (d)).
c. Supplements the implementing guidance provided in DoDI 8500.2 (Reference (e)).
d. Prescribes DoD PKI activities on the Secret Internet Protocol Router Network (SIPRNET) consistent with requirements stated in References (c) and (e).
e. Incorporates and cancels DoDD 8190.3 and Assistant Secretary of Defense for Networks and Information Integration/DoD Chief Information Officer (ASD(NII)/DoD CIO) memorandums (References (f), (g), and (h), respectively).
a. This Instruction applies to:
(1) OSD, the Military Departments, the Office of the Chairman of the Joint Chiefs of Staff and the Joint Staff, the Combatant Commands, the Office of the Inspector General of the Department of Defense, the Defense Agencies, the DoD Field Activities, and all other organizational entities within the DoD (hereinafter referred to collectively as the "DoD Components").
(2) All unclassified and classified DoD information systems and networks (e.g., Nonclassified Internet Protocol Router Network (NIPRNET), SIPRNET, Defense Research and Engineering Network (DREN), Secret Defense Research and Engineering Network (SDREN)), web servers, and e-mail systems).
(3) All users accessing unclassified and classified DoD information systems (e.g., DoD web-based systems, DoD websites, DoD web servers) and networks (e.g., NIPRNET, SIPRNET, DREN, SDREN).
b. This Instruction does NOT apply to sensitive compartmented information and other information systems operated within the DoD that fall under the authority of the Director of National Intelligence in accordance with Intelligence Community Directive 503 (Reference (i)). This Instruction also does not apply to Top Secret collateral systems, special access programs, and stand-alone networks with no connection to the Global Information Grid (GIG).