Frequently Asked Questions about Applying for Access to Restricted CERT Resources

Contents:

What restricted CERT resources are available?

The CERT Public Key Infrastructure (PKI) supports the restricted components of the CERT Knowledgebase, including the Special Communications Database and the Vulnerability Card Catalog. To obtain access to these resources, you must have an active user account containing a digital certificate that has been authorized to access the given resource.

Who is eligible to apply for access to the restricted CERT resources?

Access to restricted CERT resources is granted only to approved researchers and collaborators. Accordingly, preliminary measures are taken to ensure that a prospective applicant (1) belongs to an authorized organization or agency and (2) has a legitimate need for access to the data contained in these resources.

What Certification Authorities does CERT support?

The CERT PKI supports the use of digital certificates from a select collection of external PKIs. The following PKIs are supported:

  • U.S. Federal Civilian PKI
  • U.S. Department of Defense PKI
  • Select Certification Authorities operated by CSIRTs with National Responsibility (CNR)

Accordingly, individuals with certificates that have been issued from Certification Authorities within one of these PKIs may submit their certificates to CERT for use in accessing the restricted CERT resources. Individuals within one of these PKIs should consult their Certificate Policy or PKI Administrator prior to enlisting their certificate with the CERT PKI.