Internal Revenue Service (IRS), Treasury.
Internal Revenue Service will provide the ability for IRS e-file program participants to use approved encryption methods for the 2005 and later filing seasons, beginning with the Acceptance Testing System (ATS) in late 2004. For the 2005 filing season, IRS intends to begin discontinuing support of non-encrypted transmissions whether by dedicated or dial-up links on the Public Switched Telephone Network (PSTN).
Questions or concerns should be directed to the Internal Revenue Service by January 31, 2004.End Preamble Start Supplemental Information
This information pertains to IRS e-filer transmitters (EROs) who are transmitting both individual and business electronic returns and electronic tax documents to the IRS EMS Front-End Processing Systems and also to state taxing authorities who retrieve state returns from the State Retrieval Systems located in Austin, TX and Memphis, TN.
The Internal Revenue Service is charged with protecting taxpayer information using the most feasible, efficient and appropriate methods of protection available. Encrypting the transmissions between the trading partners and the IRS would enhance and complete the existing security provided by the trading partners' systems and by the IRS security zone.
Dedicated Line Filers
Based on an analysis of various e-file trading partner capabilities, the Internal Revenue Service announces that effective for the 2005 Filing Season, it will require the use of a minimum 128-bit FIPS approved but trading partner-chosen, procured, and installed method of encryption for use on trading partner-provided dedicated line(s) These dedicated lines may continue to be terminated at the Austin and Memphis EMS locations, and will permit use of the existing TELNET and FTP protocol methods. Each dedicated line trading partner will need to submit a new application and will identify the evaluation number referencing the chosen encryption method (e.g., Brand, Model Number, FIPS 140-x, Evaluation Number xxx, and Evaluation Date). For filers using dedicated lines terminating on IRS network equipment, the IRS will provide the IOS implemented 128-bit IPSec 3DES encryption services.
Internet Transmission Filers
Recognizing that the majority of e-commerce and e-government applications are migrating to the Internet and using standard technologies, the Internal Revenue Service will provide the ability for registered users to electronically transmit return information to an IRS-provided and certified “Secure Web” site. Use of this Web site for the EMS e-filer program will require the use of Secure Sockets Layer (SSL) Version 3.0 using 128-bit encryption keys in an operational mode using the current modem based file transmission commands within a client commonly termed “TELNET/S”. A very similar web and SSL technology is also being used for the IRS/FMS EFTPS program, pay.gov, the IRS modernized e-file RUP, as well as for other commercial applications, such as on-line banking. Support for SSL is provided at no extra cost in most Operating Systems available for the last five years, and is supported by the majority of Internet Service Providers (ISPs). Start Printed Page 75023
The IRS is capable of supporting a moderate number of Trading Partners who wish to use an encryption technology termed “IPSec”, with a shared secret key from their facilities, over the Internet to IRS selected ISPs handling IRS EXTRANET termination points. These termination points will contain only IRS equipment. The protocol within this connection would be the same as the current dedicated line filers, but would not guarantee any level of performance. Transmitters wishing to use this method would need to notify the IRS, following procedures outlined in IRS Publication 1346.
Cost Impacts and Taxpayer Burdens
The cost impact of the Internet SSL method to IRS e-filers is expected to be minimal. The transmitters will incur the cost of the ISP, however, many of them already have and use an ISP. Currently the e-filers must pay for the long distance telephone call to the IRS front-end sites, and must make multiple calls if their transmission volume is high. Historic technologies also incur “dropped” calls. These occurrences are expected to be reduced when the Internet is used. Calls now would be to the usually local ISP phone number and its alternates.
The Internal Revenue Service will make known to the registered trading partners and software developers the software standards and scripting opportunities on or before March 31, 2004, to allow completion of any software changes in their products. The IRS will attempt to ensure that those standards are generally compliant to those adopted by other IRS e-commerce Internet interfaces. The Internal Revenue Service will make known to the registered trading partners and software developers the URLs for the “Secure Web” service model by July 31, 2004. The Internal Revenue Service will make a “Secure Web” test facility available to its registered users on or about July 31, 2004, and have a production Assurance Testing (ATS) facility for the “Secure Web” method by November 1, 2004.
The Internal Revenue Service encourages all current and prospective e-filers to begin using one or both of the two new encryption methods by November 1, 2004. Dedicated line filers are encouraged to implement encryption at their earliest convenience and at a time that is mutually agreeable to both the trading partner and the Internal Revenue Service, prior to November 1, 2004.
Discontinuance of Existing Dial-Up Analog and Dial-Up ISDN Service
Effective December 1, 2003, the Service is no longer accepting requests for support of IRS dial-up ISDN services. During 2005, the IRS will phase down the number of its existing analog, PSTN dial-up line services and its companion existing ISDN dial-up line services, and will discontinue them on November 30, 2005.
Carolyn E. Davis, Senior Program Analyst, IRS, Electronic Tax Administration, OS:CIO:I:ET:S:SP, 5000 Ellin Road, Room C4-187, Lanham, MD 20706.Start Further Info
FOR FURTHER INFORMATION CONTACT:
Questions or concerns will also be taken over the telephone. Call Carolyn Davis—202-283-0589 (not a toll-free number). You may e-mail responses entitled e-file Transmission Encryption to email@example.com.Start Signature
Dated: December 18, 2003.
Jo Ann Bass,
Director Strategic Services Division, Electronic Tax Administration.
[FR Doc. 03-31825 Filed 12-24-03; 8:45 am]
BILLING CODE 4830-01-P