Child pages
  • Assurance Implementation Example - Virginia Tech

Versions Compared


  • This line was added.
  • This line was removed.
  • Formatting was changed.


The Virginia Tech User Certification Authority issues an X.509 personal digital certificate (PDC) onto a SafeNet 64K USB eToken Pro device. The eToken is activated using a password. Public-private key exchange (client SSL) is used to perform authentication. This is not a typical "Shared Authentication Secret" form of Identity Credential, but the institution asserts that this multi-factor credential meets or exceeds the requirements of the IAP. Additional guidance is provided in NIST 800-63. 

Evidence of Compliance

See Sample Management Assertions under multi-factor Excample 2 at the CIC Multi-factor Working Group page.