[Federal Register Volume 62, Number 76 (Monday, April 21, 1997)]
[Notices]
[Pages 19300-19301]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 97-10162]


-----------------------------------------------------------------------

DEPARTMENT OF AGRICULTURE


Office of the Chief Information Officer; Granting of Federal 
Information Processing Standards (FIPS) Waiver for Digital Signature 
Standard

AGENCY: Office of the Chief Information Officer, United States 
Department of Agriculture (USDA).

ACTION: Notice of granting of FIPS waiver request.

-----------------------------------------------------------------------

SUMMARY: The Chief Information Officer has granted a waiver to the 
Agricultural Marketing Service to use Rivest, Shamir, and Adleman (RSA) 
digital signature technology in lieu of the Digital Signature Standard 
(DSS) specified by the Federal Information Processing Standard (FIPS) 
186. This waiver was made pursuant to section 111(d) of the Federal 
Property and Administrative Services Act of 1949 as amended by the 
Computer Security Act of 1987, Public Law 100-235. The Waiver does not 
apply to any procurement, but allows use of a capability already 
available in the agency.

DATES: The waiver takes effect on (date of April 10, 1997) and remains 
valid for the life of the core software and subject to the demands of 
the USDA Information System Technology Architecture.

FOR FURTHER INFORMATION CONTACT: Joseph Ware, Chief, Information 
Management Division, Office of the Chief Information Officer, USDA, 
202-690-2118.

SUPPLEMENTARY INFORMATION: Federal Information Processing Standard 
(FIPS) 186, ``Digital Signature Standard,'' establishes a standard for 
generating a digital signature that can be used to verify that 
electronic documents originated with the signatory of the document, and 
to protect the entire document against unauthorized modifications of 
its text. FIPS 186 allows Federal agency heads to waive use of the FIPS 
186 under certain circumstances.
    A waiver may be granted if compliance with the standard would 
adversely affect the accomplishment of the mission of an operator of a 
Federal computer system.
    A waiver may also be granted if compliance with the standard would 
cause a major adverse financial impact on the operator of a Federal 
computer

[[Page 19301]]

system which is not offset by Government-wide savings.
    The Chief Information Officer has granted a waiver to Agricultural 
Marketing Service to employ the RSA digital signature algorithm instead 
of one conforming to FIPS 186 DSS. The RSA algorithm provides document 
security that is at least comparable to that specified by FIPS 186 DSS. 
Unlike the DSS, the algorithm is widely used in a variety of commercial 
software applications, making development of applications to generate 
secure USDA documents feasible and cost-effective. Use of DSS would 
cause major adverse financial impact on the agency, and therefore on 
its fee-paying customers, because the cost of developing new software 
employing DSS would be many times the cost of using existing commercial 
software that employs the RSA algorithm. In accordance with the 
requirements of FIPS 186, notice of this waiver has been sent to the 
National Institute of Standards and Technology, United States 
Department of Commerce; to the Committee on Government Reform and 
Oversight of the House of Representatives; and to the Committee on 
Governmental Affairs of the United States Senate.
Anne F. Thomson Reed,
Acting Chief Information Officer.
[FR Doc. 97-10162 Filed 4-18-97; 8:45 am]
BILLING CODE 3410-01-M