USGS home page USGS home page
U.S. Geological Survey

 

 FREQUENTLY ASKED QUESTIONS

  1. What Public Law governs electronic transactions between the Federal Government and the Public?
  2. What is MIFORMS?
  3. Why should I use the MIFORMS Web-based system?
  4. How can I become a MIFORMS user?
  5. How will I know when I can submit data for the next reporting period?
  6. Who should I contact with questions concerning user IDs, passwords, or general operation and administration of the e-forms system?
  7. Who should I contact with questions concerning completing the electronic canvass forms?
  8. Can anyone see or change the data while it is in transit?
  9. How can I ensure that my data are secure?
  10. What is cache and how do I minimize its size?
  11. How do I really know who it is at the other end of the connection?
  12. Who authenticates your certificate and what does it show?
  13. How do I know if a certificate is invalid or forged?
  14. What browsers work best with the e-forms system?
  15. What are ‘sockets’? What is Secure Sockets Layers (SSL) and why is the version important?
  16. What is Secure Sockets Layer (SSL)?
  17. Why is the Secure Sockets Layer (SSL) version important?
  18. How do I enable JavaScript?
  19. What is 128-bit strong encryption?
  20. How do I know if I have 128-bit encryption?
  21. What do you mean by ‘direct-downloaded browsers’ and where can I get them?
  22. Do you use cookies?
 

What Public Law governs electronic transactions between the Federal Government and the Public?
Although confusing to many people, the Government Paperwork Elimination Act (GPEA) and the Paperwork Reduction Act (PRA) are not synonymous. While the PRA limits information the Federal government collects from the public in any form, the GPEA promotes electronic business with the public. The Office of Management and Budget (OMB) is responsible for issuing policies on implementation for both Acts. The GPEA (Public Law 105-277) took effect on October 21, 1998. Under the GPEA, persons required to submit information to the government, or maintain information, must be given the option to do so electronically, when practicable. This option includes implementing security appropriate for the information to be transmitted. Electronic business must be in place by October 23, 2003. In Fiscal Year 2000, agencies were required to start submitting plans to OMB on how they will achieve this objective.

To the top

What is MIFORMS?
MIFORMS is the Minerals Information Web-based electronic data collection system developed by the U.S. Geological Survey to enable respondents to submit, view, modify, print, and locally store canvass forms and data in accordance with the GPEA. For each reporting period, you will receive an e-mail reminder to submit your data.

To the top

Why should I use the MIFORMS Web-based system?
An electronic data collection system not only speeds the collection, aggregation, and analyses of minerals information but also helps us expedite our publications to recipients. MIFORMS offers you many benefits over the traditional paper system:

  • it’s fast...you can save time
  • it’s accurate...because there are verification steps along the way, you can check and review your information before it is sent
  • it’s convenient...MIFORMS is available to you 24 hours a day, 7 days a week
  • it’s easy to use...it’s a step-by-step process that tells you what information you need to successfully complete your canvass form for any commodity
  • it’s secure...MIFORMS offers the highest levels of security on the Internet

To the top

How can I become a MIFORMS user?
To become a user of the e-forms system, you must complete a registration form available in Microsoft Word, HTML, or in Adobe Acrobat Portable Document Format as a PDF. Separate registration forms are required for the canvasses listed below:

For the PDF version, you will need to download and install the free Adobe Acrobat Reader software to view and print this form. Details for returning the registration form via fax or postal mail are included on the form. You will be e-mailed an account creation notice within fourteen working days after receipt of this form. That notice will contain your user ID and instructions for retrieving your password.

No registration form is required for the Comprehensive Test Ban Treaty annual canvass (USGS Form 9-4040-A). This canvass will be automatically added to your drop-down list of canvasses and you will be notified if you meet the requirements to be considered as a respondent for a given year.

To the top

How will I know when I can submit data for the next reporting period?
For each reporting period, you will receive an e-mail reminder to submit your data.

To the top

Who should I contact with questions concerning user IDs, passwords, or general operation and administration of the e-forms system?
You should direct any questions concerning general operation and administration of the e-forms system (including user IDs and passwords) to the System Administrator at 703-648-4960.

To the top

Who should I contact with questions concerning completing the electronic canvass forms?
You should direct any questions concerning completing the electronic canvass forms to 703-648-4960.

To the top

Can anyone see or change the data while it is in transit?
We employ industry-standard physical, electronic, and procedural security safeguards to protect the personally identifiable information that you have provided to us from loss, misuse, or unauthorized alteration. Whenever we prompt you to transmit sensitive information such as production data to us through our Web site, we support encryption of your data by your browser as it is transmitted. Our Web site employs Secure Sockets Layer (SSL) version 3.0 to provide authentication and encryption services. If anyone monitoring the line intercepts a transmission and modifies it, the data will fail to decrypt at the other end.

To the top

How can I ensure that my data are secure?
When you log onto our Web site, several things happen. Some are more obvious than others.
  • You get a message that you are about to enter a secure site and that anything transmitted from now on will be encrypted. If you do not see this message, it is probably because you have seen it before, and clicked a box not to show this warning in the future.
  • Click OK to enter our secure site. On the top of your screen, you will notice that the ‘http’ now has an ‘s’ appended to it. This stands for ‘secure’, and indicates that we are using a secure protocol called Secure Sockets Layer (SSL).
  • At the bottom of your screen, you will notice that a small locked padlock symbol has appeared on the status bar. This padlock is always shown locked for secure sites. For non-secure sites, the padlock may appear either unlocked (Netscape) or not at all (Internet Explorer).
Also, minimize cache size if you want to prevent others who have access to your computer from seeing your proprietary data.

To the top

What is cache and how do I minimize its size?
To improve access to frequently requested Web pages, browsers typically store recently displayed pages to your hard disk in a special area called ‘cache’. This can allow others to see your proprietary data if they have access to your computer. The procedure for minimizing cache size, clearing cache, or turning it off depends upon your browser.

Netscape: Pull down the ‘Edit’ menu and choose ‘Preferences...’. The ‘Preferences’ dialog box appears. Under ‘Category’, click on the ‘+’ sign next to ‘Advanced’. Click on ‘Cache’. The right side of your window will contain options for setting memory and disk cache and clearing its present contents.

Internet Explorer: Pull down the ‘Tools’* menu and choose ‘Internet Options...’. The ‘Internet Options’ dialog box appears. Under ‘Temporary Internet Files’, click the ‘Settings...’ button. The ‘Settings’ dialog box appears. Move the slider under ‘Amount of disk space to use:’ to indicate the desired amount of disk space to allocate to Web pages. A low number of megabytes (MB) is highly recommended. To clear the present contents of the cache, press the ‘Cancel’ button to return to the ‘Internet Options’ dialog box and press the ‘Delete Files’ button. The ‘Delete Files’ dialog box appears. Specify your selection regarding off-line content and press the ‘OK’ button.

* For Internet Explorer 4: Pull down the ‘View’ menu.

To the top

How do I really know who it is at the other end of the connection?
The process of pretending to be a person (or Web site) which you are not is known as ‘masquerading.’ The process of discovering whether the site accessed is the site you believe it to be is known as ‘authentication.’ A ‘certificate’ is the way our Web site tells you, in a secure and trusted way, who we are. We use a certificate to authenticate our Web site to you. In this way, you are assured that you are connecting to the Web site that you think we are. The browser knows it is connected to the correct site after it validates the certificate authority, decrypts a coded signature, verifies the domain (Web site) name, and checks the expiration date.

To the top

Who authenticates your certificate and what does it show?
Double-clicking the padlock symbol in the status bar at the bottom of your screen will display the certificate properties. The most important properties are the issuer (Certificate Authority or CA), expiration date, security protocol, and encryption level. Clicking on ‘issuer’ (your browser’s format may differ) shows that we employ DigiCert, a trusted CA that issues certificates only to the genuine owners of Web sites. The USGS has submitted supporting documentation to DigiCert to ensure that we are who we say we are. Clicking on ‘security protocol’ reveals that we use SSL (Secure Socket Layer) 3.0. Clicking on ‘encryption level’ shows you that we use a ‘High’ (128-bit) level of encryption.

To the top

How do I know if a certificate is invalid or forged?
Browsers recognize all major trusted certificate authorities, and will warn us if the authentication was provided by an unknown or untrusted provider. For example, upon connecting to a Web site, Internet Explorer (depending upon the version) may display the following dialog:

This page requires a secure connection which includes server authentication. The Certificate Issuer for this site is untrusted or unknown. Do you wish to proceed? Yes | No | View Certificate | More Info

If a certificate is issued by a certification authority which the browser does not recognize, and a dialog similar to the one shown above appears, then be extremely careful about using the Web site any further.

To the top

What browsers work best with the e-forms system?
To use the MIFORMS Web site, you must use a Web browser that supports Secure Sockets Layers (SSL) version 3 protocol with 128-bit strong encryption capability and JavaScript enabled. Direct-downloaded Netscape and Internet Explorer browsers at version 4.0 and above meet the necessary criteria.

To the top

What are ‘sockets’? What is Secure Sockets Layers (SSL) and why is the version important?
Different sockets are used for different types of data. Web browsers use socket ‘80’ which normally contains unencrypted data that can be monitored by an unauthorized party.

To the top

What is Secure Sockets Layer (SSL)?
As its name implies, Secure Sockets Layer (SSL) secures the sockets that your data travels through. It provides authentication and encryption services. Although SSL was initially designed by Netscape, it is now supported by all popular Web browsers and servers. It has become the accepted standard method of providing security and is used by banks and credit card companies. Although your Web browser already has SSL built into it, SSL is only active when the Web page you are viewing supports its use. See ‘How can I ensure my data is secure?’

To the top

Why is the Secure Sockets Layer (SSL) version important?
Secure Sockets Layer (SSL) version 3 supports 128-bit strong encryption. Anything less is inadequate.

To the top

How do I enable JavaScript?
Netscape: Pull down the ‘Edit’ menu and choose ‘Preferences...’. The ‘Preferences’ dialog box appears. Under ‘Category’, click on ‘Advanced’. Verify that a check appears next to 'Enable Java' or 'Enable Javascript (versions 7.2 and earlier).

Internet Explorer: Pull down the 'Tools' menu and choose and choose 'Internet Options...'. The 'Internet Options' dialog box appears. Click the 'Security' tab. Click the 'Internet' Web content zone. Click the 'Custom level...' button. Scroll down and locate the Level 1 heading labeled 'Scripting' and the Level 2 heading labeled 'Active scripting'. Click the 'Enable' radio button. Click the OK button to close the 'Security Settings' window then click the OK button to close the 'Internet Options' window.

To the top

What is 128-bit strong encryption?
128-bit strong encryption prevents your proprietary information from being read by others on the Internet while it is being transmitted between your Web browser and the MIFORMS Web site.

To the top

How do I know if I have 128-bit encryption?
All Netscape and Internet Explorer browsers at version 4.0 and above can communicate with 128-bit encryption.

Because 128-bit encryption technology cannot be exported, do international versions of Netscape and Internet Explorer operate at lower levels of encryption?
This is a common misconception. According to law, exported versions of browsers cannot initiate a request for 128-bit encryption for the current communications session. Requesting such a session would require that that 128-bit encryption technology be exported.

Resident on our server is a DigiCert Secure Site 128-bit encryption certificate. Suppose that an export version of a browser employing 56-bit encryption resides on the user’s computer. The communications session precedes as follows:

  1. The user’s computer opens a line of communication with our server.
  2. The user’s computer asks our server permission to use a 56-bit encryption protocol.
  3. Our server refuses the request since it is configured to use only a high-security 128-bit encryption protocol.
  4. The DigiCert certificate intercepts this refusal and counterproposes a 128-bit encryption protocol.
  5. The user’s computer receives the proposal for 128-bit encryption and accepts. Until the user leaves our Web site, encryption occurs at the high-security 128-bit level.

To the top

What do you mean by ‘direct-downloaded browsers’ and where can I get them?
If you are using a Web browser provided by your Internet service provider or on-line service, the full security capabilities of MIFORMS may not be utilized. A few examples of service providers are America OnLine, Prodigy, CompuServe, and The Microsoft Network. Direct-downloaded browsers that meet MIFORMS security requirements are available directly from the Microsoft (www.microsoft.com) and Netscape (www.netscape.com) Web sites.

To the top

Do you use cookies?
At this time, cookies are not required to access and use our Web site.

 

 
Home | Help | Feedback | FAQ