[Federal Register Volume 68, Number 248 (Monday, December 29, 2003)]
[Notices]
[Pages 75022-75023]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 03-31825]


=======================================================================
-----------------------------------------------------------------------

DEPARTMENT OF TREASURY

Internal Revenue Service


Addition of New Transmitter Encryption Options and Pending 
Discontinuance of Non-Encrypted Options for IRS e-file

AGENCY: Internal Revenue Service (IRS), Treasury.

ACTION: Notice.

-----------------------------------------------------------------------

SUMMARY: Internal Revenue Service will provide the ability for IRS e-
file program participants to use approved encryption methods for the 
2005 and later filing seasons, beginning with the Acceptance Testing 
System (ATS) in late 2004. For the 2005 filing season, IRS intends to 
begin discontinuing support of non-encrypted transmissions whether by 
dedicated or dial-up links on the Public Switched Telephone Network 
(PSTN).

DATES: Questions or concerns should be directed to the Internal Revenue 
Service by January 31, 2004.

SUPPLEMENTARY INFORMATION: This information pertains to IRS e-filer 
transmitters (EROs) who are transmitting both individual and business 
electronic returns and electronic tax documents to the IRS EMS Front-
End Processing Systems and also to state taxing authorities who 
retrieve state returns from the State Retrieval Systems located in 
Austin, TX and Memphis, TN.

Background

    The Internal Revenue Service is charged with protecting taxpayer 
information using the most feasible, efficient and appropriate methods 
of protection available. Encrypting the transmissions between the 
trading partners and the IRS would enhance and complete the existing 
security provided by the trading partners' systems and by the IRS 
security zone.

Dedicated Line Filers

    Based on an analysis of various e-file trading partner 
capabilities, the Internal Revenue Service announces that effective for 
the 2005 Filing Season, it will require the use of a minimum 128-bit 
FIPS approved but trading partner-chosen, procured, and installed 
method of encryption for use on trading partner-provided dedicated 
line(s) These dedicated lines may continue to be terminated at the 
Austin and Memphis EMS locations, and will permit use of the existing 
TELNET and FTP protocol methods. Each dedicated line trading partner 
will need to submit a new application and will identify the evaluation 
number referencing the chosen encryption method (e.g., Brand, Model 
Number, FIPS 140-x, Evaluation Number xxx, and Evaluation Date). For 
filers using dedicated lines terminating on IRS network equipment, the 
IRS will provide the IOS implemented 128-bit IPSec 3DES encryption 
services.

Internet Transmission Filers

    Recognizing that the majority of e-commerce and e-government 
applications are migrating to the Internet and using standard 
technologies, the Internal Revenue Service will provide the ability for 
registered users to electronically transmit return information to an 
IRS-provided and certified ``Secure Web'' site. Use of this Web site 
for the EMS e-filer program will require the use of Secure Sockets 
Layer (SSL) Version 3.0 using 128-bit encryption keys in an operational 
mode using the current modem based file transmission commands within a 
client commonly termed ``TELNET/S''. A very similar web and SSL 
technology is also being used for the IRS/FMS EFTPS program, pay.gov, 
the IRS modernized e-file RUP, as well as for other commercial 
applications, such as on-line banking. Support for SSL is provided at 
no extra cost in most Operating Systems available for the last five 
years, and is supported by the majority of Internet Service Providers 
(ISPs).

[[Page 75023]]

Extranet Connectivity

    The IRS is capable of supporting a moderate number of Trading 
Partners who wish to use an encryption technology termed ``IPSec'', 
with a shared secret key from their facilities, over the Internet to 
IRS selected ISPs handling IRS EXTRANET termination points. These 
termination points will contain only IRS equipment. The protocol within 
this connection would be the same as the current dedicated line filers, 
but would not guarantee any level of performance. Transmitters wishing 
to use this method would need to notify the IRS, following procedures 
outlined in IRS Publication 1346.

Cost Impacts and Taxpayer Burdens

    The cost impact of the Internet SSL method to IRS e-filers is 
expected to be minimal. The transmitters will incur the cost of the 
ISP, however, many of them already have and use an ISP. Currently the 
e-filers must pay for the long distance telephone call to the IRS 
front-end sites, and must make multiple calls if their transmission 
volume is high. Historic technologies also incur ``dropped'' calls. 
These occurrences are expected to be reduced when the Internet is used. 
Calls now would be to the usually local ISP phone number and its 
alternates.

Implementation Schedule

    The Internal Revenue Service will make known to the registered 
trading partners and software developers the software standards and 
scripting opportunities on or before March 31, 2004, to allow 
completion of any software changes in their products. The IRS will 
attempt to ensure that those standards are generally compliant to those 
adopted by other IRS e-commerce Internet interfaces. The Internal 
Revenue Service will make known to the registered trading partners and 
software developers the URLs for the ``Secure Web'' service model by 
July 31, 2004. The Internal Revenue Service will make a ``Secure Web'' 
test facility available to its registered users on or about July 31, 
2004, and have a production Assurance Testing (ATS) facility for the 
``Secure Web'' method by November 1, 2004.
    The Internal Revenue Service encourages all current and prospective 
e-filers to begin using one or both of the two new encryption methods 
by November 1, 2004. Dedicated line filers are encouraged to implement 
encryption at their earliest convenience and at a time that is mutually 
agreeable to both the trading partner and the Internal Revenue Service, 
prior to November 1, 2004.

Discontinuance of Existing Dial-Up Analog and Dial-Up ISDN Service

    Effective December 1, 2003, the Service is no longer accepting 
requests for support of IRS dial-up ISDN services. During 2005, the IRS 
will phase down the number of its existing analog, PSTN dial-up line 
services and its companion existing ISDN dial-up line services, and 
will discontinue them on November 30, 2005.

ADDRESSES: Carolyn E. Davis, Senior Program Analyst, IRS, Electronic 
Tax Administration, OS:CIO:I:ET:S:SP, 5000 Ellin Road, Room C4-187, 
Lanham, MD 20706.

FOR FURTHER INFORMATION CONTACT: Questions or concerns will also be 
taken over the telephone. Call Carolyn Davis--202-283-0589 (not a toll-
free number). You may e-mail responses entitled e-file Transmission 
Encryption to [email protected].

    Dated: December 18, 2003.
Jo Ann Bass,
Director Strategic Services Division, Electronic Tax Administration.
[FR Doc. 03-31825 Filed 12-24-03; 8:45 am]
BILLING CODE 4830-01-P