The NG9-1-1 Interoperability Oversight Commission (NIOC) is pleased to announce completion of Version 1.0 of the NIOC PSAP Credentialing Agency (PCA) Certificate Validation Guidelines for the NG9-1-1 Public Key Infrastructure (PKI). Otherwise known as the Validation Policy (VP), it is a companion to the PCA Certificate Policy (CP) and contains guidelines for verifying the identity and role of NG9-1-1 certificate requestors. Like a background check, it ensures that these stakeholders in the NG9-1-1 ecosystem, from agencies, to users, to the equipment itself, are who they say they are. This ensures a high level of security and establishes trust in the PKI, both within ESInets and between them. The completion and approval of the VP allows the PCA to move closer to production, and NG9-1-1 closer to its end-state of trusted, interoperable networks. The NIOC adopted an industry baseline Validation Policy as its foundation to ensure interoperability and the NIOC further collaborated with volunteers from the NENA Development Group Core Services Committee, which is also responsible for other NENA technical standards including i3, to refine the baseline policy into a policy that ensures NG9-1-1 security and interoperability standards are fully considered in NG9-1-1 operations.
“On behalf of the NIOC Commissioners, having this Validation Policy in place is another large milestone towards having secure communications between NG9-1-1 ESInets,” said Rick Blackwell, Chairman of the NIOC. “Many 9-1-1 SMEs spent countless hours developing a responsible, forward-thinking, i3-compliant policy the entire 9-1-1 community can have faith in.”
The VP contains guidelines that describe how information must be validated prior to issuing certificates within the NG9-1-1 PKI. When stakeholders apply for NG9-1-1 certificates, they provide their names, titles, addresses, roles, and more, describing who they are and for what purpose the certificates will be used – for example, to certify the identity of an agency, user, or NG9-1-1 services and elements. Certificate Authorities or their verified delegates validate the accuracy of the attested information, and only upon confirmation of all submitted information are certificates issued to applicants. The VP was developed with extensive input from the standards-development community and represents hundreds of hours of consensus work. The VP was adapted from the CA/Browser Forum’s Guidelines for the Issuance and Management of Extended Validation Certificates.
The full VP is available here.
The NG9-1-1 Interoperability Oversight Commission (NIOC) is the independent oversight governance body for the NG9-1-1 Public Key Infrastructure (PKI), Forest Guide, and other technical-interoperability services necessary for interoperability and security in NG9-1-1. More information is available at ng911ioc.org.