What must a subscriber do with their token upon separation or retirement?

Upon separation or retirement, a subscriber must return their token to their supervisor. This process is essential for several reasons. First, the token is a critical component of the Public Key Infrastructure (PKI) system that contains the subscriber's digital certificates and private keys. Retaining or transferring the token could lead to unauthorized access to sensitive information or systems that the subscriber had access to during their service.

Returning the token ensures that all cryptographic keys associated with the subscriber are revoked and managed properly, maintaining the integrity and security of the PKI system. It also helps facilitate the decommissioning of the subscriber's access, ensuring that there are no lingering permissions or security risks after the individual has left the organization.

In contrast, keeping the token as a personal item or destroying it could compromise security, as it may leave behind active credentials that could be exploited. Transferring it to a family member contradicts the security protocols in place designed to protect the integrity of the PKI system. The return process is explicitly defined in the standards and guidelines governing the use of PKI tokens within the Army, emphasizing the importance of following established procedures for the protection of sensitive information.