Dear Rich,

We have not gone through the whole process yet, but are going to be starting today working with Verisign. I spoke with them yesterday ad learned the following:

These certificates are a small authentication software program that must be installed on a person's computer.

From a purely technical perspective, the certificates work as follows:

1) An individual user will go onto the vendor website and fill out an online enrollment form. Payment is also due at this point ($115/user).

2) The enrollment forms should be printed, notarized and mailed to the vendor.

3) The vendor will process the enrollment forms and each user will receive an e-mail with a web link to download the certificate onto their computer. Once the certificate is installed, the user will be able to log onto the appropriate DOD/ONR sites. Certificates are issued on a one to one basis (one certificate per one machine); however, in the event of a crash or replacement, they can be moved to a new machine without additional cost.

I also learned that people who do not have the certificate will be locked out of the DOD sites and will be unable to access any information on them. What is still unknown is whether or not the sites will be completely locked out or if portions of the sites will remain "public." (My hope is that information on FOAs, proposal and award guidelines stay "public"). What is also unknown is whether or not these particular certificates will be good for just ONR or for all other DOD sites as they transition in the future.

If you have any questions or need further assistance please do not hesitate to contact me at 617-353-4365 or xxxxxx@bu.edu.

Regards,

Eleanor Greene

Assistant Director

Office of Sponsored Programs

From: Research Administration List [mailto:xxxxxx@hrinet.org] On Behalf Of Rich Magyar
Sent: Wednesday, December 13, 2006 9:27 AM
To: xxxxxx@hrinet.org
Subject: Re: [RESADM-L] ALL Users of the ONR AwardWeb, AdminWeb, and PayWeb Systems.

Has anyone actually completed the process of purchasing, & installing, a PKI certificate for DoD Websites?

I’m grateful to Steve Shapiro for offering initial insight as to the differences between the certificate vendors. But I admit, it’s still a bit uncertain which vendors are best in practice... (VeriSign, ORC, or IdenTrust/ DST).

Has anyone had the full buying/installing/using experience yet? Can we even test our certificates before January 4th?

Finally, HOW does one use a traditional notary in obtaining these electronic certificates?

--
Thanks for your time,

Rich Magyar
Systems Administrator
Eastern Michigan University
Graduate School & ORD

734-487-3090
xxxxxx@emich.edu

====================================================================== Instructions on how to use the RESADM-L Mailing List, including subscription information and a web-searchable archive, are available via our web site at http://www.hrinet.org (click on "Listserv Lists") ======================================================================