skip to content
Site Navigation
About CSOS
Enroll in CSOS
Certificate Mangement
Developer Utilities
Contact Support

Quick Links

External Links

1024 Revocation Background

The Controlled Substances Ordering System (CSOS) is cross-certified with the Federal Bridge Certification Authority (FBCA). The FBCA sets guidelines that CSOS must follow in order to maintain its cross-certification. Recently, the FBCA has updated its policies to align key-length requirements with the National Institute of Standards and Technology (NIST) Special Publication (SP) 800-57, Recommendations for Key Management.

NIST SP 800-57 offers authoritative recommendations for encryption algorithms implemented on federal government information systems. For systems utilizing the RSA encryption algorithm for digital signatures, NIST SP 800-57 recommends a key-length of 2048-bits. Prior to October 2008, CSOS certificates were issued with the RSA encryption algorithm for digital signatures, using a key-length of 1024-bits. Commencing in October 2008, certificates utilizing the stronger 2048-bit key-length were distributed to new and renewing CSOS participants.

The FBCA has set a deadline of December 31, 2010 by which all certificates of cross-certified systems, including CSOS, must meet NIST SP 800-57 recommendations. As certificates have a 3-year lifetime, certificates issued between January 1, 2008 and September 30, 2008 do not comply with the recommended key-length.

All certificates in use that have been signed and generated with 1024-bit keys must be revoked prior to January 1, 2011.

Return to previous screen