Production Update 1107

_data/fips201pacs-await-list.yml

@@ -27,8 +27,8 @@
   teststatus: In queue
 
 - position: 2	
-  solution: AMAG Symmetry Professional + Identity One Validation System	
-  aplnumbers: 10143 & 10144
+  solution: Identiv Velocity Security Management System (13.02)
+  aplnumbers: 10103
   state: Update
   teststatus: In queue
 
@@ -41,7 +41,7 @@
 - position: 4	
   solution: Kastle Systems CPS (EP) PACS and Validation Infrastructure
   aplnumbers: 10116
-  state: New
+  state: Update
   teststatus: In queue
 
 - position: 5	
@@ -63,8 +63,8 @@
   teststatus: In queue
 
 - position: 8	
-  solution: Identiv Velocity Security Management System (13.02)
-  aplnumbers: 10103
+  solution: Software House C-Cure 9000 v3.003 (13.02)
+  aplnumbers: 10159
   state: Update
   teststatus: In queue
 
@@ -74,9 +74,3 @@
   state: New
   teststatus: In queue
 
-- position: 10	
-  solution: Software House C-Cure 9000 v3.003 (13.02)
-  aplnumbers: 10159
-  state: Update
-  teststatus: In queue
-

_data/fips201pacs1301.yml

@@ -53,10 +53,10 @@
 
 - category: 13.01
   fipsstatus: Approved
-  infrastructure: AMAG Symmetry Professional v9.3
+  infrastructure: AMAG Symmetry Professional v9.8
   infraurl: /docs/apl-10143-Amag-IDOne.pdf
   infraapl: 10143
-  validation: Identity One Validation System for AMAG Symmetry Professional v9.3
+  validation: Identity One Validation System for AMAG Symmetry Professional v9.8
   valurl: /docs/apl-10144-Amag-IDOne-validation.pdf
   valapl: 10144
   reader1: Veridt Bio Dual Contact/Contactless Keypad Reader

_data/fpkinotifications.yml

@@ -26,6 +26,21 @@
 # ee_cdp_uri:
 # ee_ocsp_uri:
 
+- notice_date: November 6, 2024
+  change_type: CA Certificate Renewal
+  system: FPKI Trust Infrastructure - Federal Bridge CA G4
+  change_description: The Federal Bridge CA G4 performed a certificate renewal to Entrust Managed Services NFI Root CA on 9/11/2024. The current certificate is expired on 11/03/2024.
+  contact: fpki dash help at gsa dot gov
+  ca_certificate_hash: 3cf99604c5a775a5393216768078097f9eb00503
+  ca_certificate_issuer: CN=Federal Bridge CA G4, OU=FPKI, O=U.S. Government, C=US
+  ca_certificate_subject: OU = Entrust Managed Services NFI Root CA, OU = Certification Authorities, O = Entrust, C = US
+  cdp_uri: http://repo.fpki.gov/bridge/fbcag4.crl
+  aia_uri: http://repo.fpki.gov/bridge/caCertsIssuedTofbcag4.p7c
+  sia_uri: http://nfirootweb.managed.entrust.com/SIA/CAcertsIssuedByNFIRootCA.p7c
+  ocsp_uri: N/A
+  ee_cdp_uri: N/A
+  ee_ocsp_uri: N/A
+
 - notice_date: October 24, 2024
   change_type: Intent to Renew a CA Certificate
   system: DoD Interoperability Root CA 2

_implement/fpki_notifications.md

@@ -74,7 +74,7 @@ These announcements and hot topics concern Federal Public Key Infrastructure cha
 <script type="text/javascript" src="{{ site.baseurl }}/assets/js/gexfjs.js"></script>
 <script type="text/javascript" src="{{ site.baseurl }}/assets/js/config.js"></script>
 
-**Last Update**: October 29, 2024
+**Last Update**: November 06, 2024
 
 {% include graph.html %}
 

_implement/tools/crawler-lastrun.json

@@ -1625,37 +1625,6 @@
                 ]
             }
         },
-        {
-            "subject": "organizational_unit_name:Entrust Managed Services NFI Root CA,organizational_unit_name:Certification Authorities,organization_name:Entrust,country_name:US",
-            "issuer": "common_name:Federal Bridge CA G4,organizational_unit_name:FPKI,organization_name:U.S. Government,country_name:US",
-            "serial-number": "103249124483536009983603819608787809144698671785",
-            "akid": "79 f0 00 49 eb 7f 77 c2 5d 41 02 65 34 8a 90 23 9b 1e 07 6f",
-            "skid": "f3 ed 39 b9 da 1b 4d 03 3c 26 15 39 d8 33 b5 08 ef 38 3e 39",
-            "status": "Certificate Valid and Chains to Common",
-            "pathbuilder-result": {
-                "result": "true",
-                "details": "CRL Only Validation"
-            },
-            "path-to-common": [
-                "common_name:Federal Common Policy CA G2,organizational_unit_name:FPKI,organization_name:U.S. Government,country_name:US",
-                "common_name:Federal Bridge CA G4,organizational_unit_name:FPKI,organization_name:U.S. Government,country_name:US"
-            ],
-            "sia-entries": {
-                "http://nfirootweb.managed.entrust.com/SIA/CAcertsIssuedByNFIRootCA.p7c": [
-                    "organizational_unit_name:Entrust NFI Medium Assurance SSP CA,organizational_unit_name:Certification Authorities,organization_name:Entrust,country_name:US",
-                    "organizational_unit_name:Entrust NFI Medium Assurance SSP CA,organizational_unit_name:Certification Authorities,organization_name:Entrust,country_name:US"
-                ]
-            },
-            "aia-entries": {
-                "http://repo.fpki.gov/bridge/caCertsIssuedTofbcag4.p7c": [
-                    "common_name:CertiPath Bridge CA - G3,organizational_unit_name:Certification Authorities,organization_name:CertiPath,country_name:US",
-                    "common_name:DoD Interoperability Root CA 2,organizational_unit_name:PKI,organizational_unit_name:DoD,organization_name:U.S. Government,country_name:US",
-                    "common_name:Federal Common Policy CA G2,organizational_unit_name:FPKI,organization_name:U.S. Government,country_name:US",
-                    "common_name:STRAC Bridge Root Certification Authority,organizational_unit_name:STRAC PKI Trust Infrastructure,organization_name:STRAC,country_name:US",
-                    "common_name:TSCP SHA256 Bridge CA,organizational_unit_name:CAs,organization_name:TSCP Inc.,country_name:US"
-                ]
-            }
-        },
         {
             "subject": "common_name:WidePoint NFI Root 2,organizational_unit_name:Certification Authorities,organization_name:WidePoint,country_name:US",
             "issuer": "common_name:Federal Bridge CA G4,organizational_unit_name:FPKI,organization_name:U.S. Government,country_name:US",
@@ -4153,6 +4122,23 @@
                 "details": "Unable to build Path"
             }
         },
+        {
+            "subject": "organizational_unit_name:Entrust Managed Services NFI Root CA,organizational_unit_name:Certification Authorities,organization_name:Entrust,country_name:US",
+            "issuer": "common_name:Federal Bridge CA G4,organizational_unit_name:FPKI,organization_name:U.S. Government,country_name:US",
+            "serial-number": "103249124483536009983603819608787809144698671785",
+            "akid": "79 f0 00 49 eb 7f 77 c2 5d 41 02 65 34 8a 90 23 9b 1e 07 6f",
+            "skid": "f3 ed 39 b9 da 1b 4d 03 3c 26 15 39 d8 33 b5 08 ef 38 3e 39",
+            "status": "Certificate Invalid",
+            "pathbuilder-result": {
+                "result": "false",
+                "details": "End Entity Cert expired or not valid"
+            },
+            "parent_path_identifier": "common_name:Federal Bridge CA G4,organizational_unit_name:FPKI,organization_name:U.S. Government,country_name:US:79f00049eb7f77c25d410265348a90239b1e076f",
+            "validity-dates": {
+                "not-before": "2021-11-03 13:12:24+00:00",
+                "not-after": "2024-11-03 14:12:24+00:00"
+            }
+        },
         {
             "subject": "common_name:Federal Common Policy CA G2,organizational_unit_name:FPKI,organization_name:U.S. Government,country_name:US",
             "issuer": "common_name:Federal Common Policy CA G2,organizational_unit_name:FPKI,organization_name:U.S. Government,country_name:US",

_implement/tools/fpki-certs.gexf

@@ -1,8 +1,8 @@
 <?xml version="1.0" ?>
 <gexf xmlns="http://gexf.net/1.3" xmlns:viz="http://gexf.net/1.3/viz" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://gexf.net/1.3 http://gexf.net/1.3/gexf.xsd" version="1.3">
-    <meta lastmodifieddate="2024-10-29">
+    <meta lastmodifieddate="2024-11-06">
         <creator>py-crawler</creator>
-        <description>Created by Py-Crawler on 2024-10-29</description>
+        <description>Created by Py-Crawler on 2024-11-06</description>
     </meta>
     <graph defaultedgetype="directed" mode="static">
         <nodes>
@@ -794,9 +794,6 @@
             <edge id="common_name:Exostar Federated Identity Service Signing CA 4,domain_component:evincible,domain_component:com" source="common_name:Exostar Federated Identity Service Root CA 2,organizational_unit_name:Certification Authorities,organization_name:Exostar LLC,country_name:US" target="common_name:Exostar Federated Identity Service Signing CA 4,domain_component:evincible,domain_component:com" label="Exostar Federated Identity Service Signing CA 4" weight="1.0">
                 <viz:color r="153" g="0" b="153"/>
             </edge>
-            <edge id="organizational_unit_name:Entrust Managed Services NFI Root CA,organizational_unit_name:Certification Authorities,organization_name:Entrust,country_name:US" source="common_name:Federal Bridge CA G4,organizational_unit_name:FPKI,organization_name:U.S. Government,country_name:US" target="organizational_unit_name:Entrust Managed Services NFI Root CA,organizational_unit_name:Certification Authorities,organization_name:Entrust,country_name:US" label="Entrust Managed Services NFI Root CA" weight="1.0">
-                <viz:color r="153" g="0" b="153"/>
-            </edge>
             <edge id="common_name:WidePoint NFI Root 2,organizational_unit_name:Certification Authorities,organization_name:WidePoint,country_name:US" source="common_name:Federal Bridge CA G4,organizational_unit_name:FPKI,organization_name:U.S. Government,country_name:US" target="common_name:WidePoint NFI Root 2,organizational_unit_name:Certification Authorities,organization_name:WidePoint,country_name:US" label="WidePoint NFI Root 2" weight="1.0">
                 <viz:color r="153" g="0" b="153"/>
             </edge>
@@ -818,6 +815,9 @@
             <edge id="common_name:Exostar Federated Identity Service Root CA 2,organizational_unit_name:Certification Authorities,organization_name:Exostar LLC,country_name:US" source="common_name:Federal Bridge CA G4,organizational_unit_name:FPKI,organization_name:U.S. Government,country_name:US" target="common_name:Exostar Federated Identity Service Root CA 2,organizational_unit_name:Certification Authorities,organization_name:Exostar LLC,country_name:US" label="Exostar Federated Identity Service Root CA 2" weight="1.0">
                 <viz:color r="153" g="0" b="153"/>
             </edge>
+            <edge id="organizational_unit_name:Entrust Managed Services NFI Root CA,organizational_unit_name:Certification Authorities,organization_name:Entrust,country_name:US" source="common_name:Federal Bridge CA G4,organizational_unit_name:FPKI,organization_name:U.S. Government,country_name:US" target="organizational_unit_name:Entrust Managed Services NFI Root CA,organizational_unit_name:Certification Authorities,organization_name:Entrust,country_name:US" label="Entrust Managed Services NFI Root CA" weight="1.0">
+                <viz:color r="153" g="0" b="153"/>
+            </edge>
             <edge id="common_name:DigiCert Federated ID L3 CA,organizational_unit_name:www.digicert.com,organization_name:DigiCert Inc,country_name:US" source="common_name:Federal Bridge CA G4,organizational_unit_name:FPKI,organization_name:U.S. Government,country_name:US" target="common_name:DigiCert Federated ID L3 CA,organizational_unit_name:www.digicert.com,organization_name:DigiCert Inc,country_name:US" label="DigiCert Federated ID L3 CA" weight="1.0">
                 <viz:color r="153" g="0" b="153"/>
             </edge>

_partners/fips201-apl.md

@@ -106,7 +106,7 @@ The Physical Access Control System (PACS) products listed under the “Approved
 - [Identiv uTrust Series Readers]({{site.baseurl}}/docs/apl-10104-07-19-24-25-47-58-74-80-utrust.pdf){:target="_blank"}{:rel="noopener noreferrer"}
 - [IDFACTORS Readers]({{site.baseurl}}/docs/apl-10112-10113-idfactors.pdf){:target="_blank"}{:rel="noopener noreferrer"}
 - [Innometriks Cheetah Series Readers]({{site.baseurl}}/docs/apl-10109-30-60-62-81-84-cheetah.pdf){:target="_blank"}{:rel="noopener noreferrer"}
-- [Veridt Series Readers]({{site.baseurl}}/docs/apl-10031-35-10092-96-10163-67-10186-veridt.pdf){:target="_blank"}{:rel="noopener noreferrer"}
+- [Veridt Series Readers]({{site.baseurl}}/docs/apl-10031-35-10092-96-10163-67-10186-87-veridt.pdf){:target="_blank"}{:rel="noopener noreferrer"}
 - [XTec X Series Readers]({{site.baseurl}}/docs/apl-10078-79-80-81-82-xtec.pdf){:target="_blank"}{:rel="noopener noreferrer"}
 - [WaveLynx Technologies Readers]({{site.baseurl}}/docs/apl-10168-69-70-71-72-73-wavelynx.pdf){:target="_blank"}{:rel="noopener noreferrer"}