Department of State PKI Statement
The Department of State operates an unclassified PKI to support its mission.
The latest version of the Certificate Policy governing this PKI and a redacted copy of the Audit
Opinion Letter for the most recent compliance audit of this PKI are provided below:
DOS PKI X.509 CP v2.1.1 (20231102) Signed
DOS PKI FY2020-FY2022 Audit Letter (20230530)
Suspected private key compromise, certificate misuse, or other types of fraud, compromise,
misuse, inappropriate conduct, or any other matter related to the certificates issued by this PKI
should be reported to the Department of State PKI Operational Authority by emailing the report
to
PKIProgramOffice@state.gov and
ITServiceCenter@state.gov,
with the Subject: “External Report of Concerns Regarding Department of State PKI Certificates”.