[ISN] Verisign Adds Key Recovery

From: mea culpa (jerichot_private)
Date: Mon Oct 12 1998 - 18:00:45 PDT

  • Next message: mea culpa: "[ISN] Hackers stay a step ahead of China's cyber-police"

    Forwarded From: phreak moi <hackerelitet_private>
    
    http://www.news.com/News/Item/0,4,27419,00.html?st.ne.ni.lh
    VeriSign adds key recovery
    By Tim Clark
    Staff Writer, CNET News.com
    October 12, 1998, 12:00 p.m. PT
    
    VeriSign will add an optional key recovery service, due to roll out by
    year's end, as part of its OnSite outsourced service for managing digital
    certificates for enterprises. 
    
    Other new features of Onsite 4.0, which lets corporations issue their own
    digital IDs but has VeriSign handle the back-end data center and
    certificate management, are available now. 
    
    The key recovery feature will allow companies to recover encrypted data if
    an employee loses a cryptographic key or leaves the company. The U.S.
    government requires key recovery for strong encryption exported overseas,
    but many corporations also want it for their own reasons. 
    
    "This is the culmination of the development plan we started about a year
    ago," said VeriSign CEO Stratton Sclavos. "It has public key
    infrastructure (PKI) functionality backed by stringer carrier class
    services and is extranet and e-commerce ready." 
    
    PKI is the term for enterprise software that issues, manages, checks, and
    revokes digital certificates, which are used in online communications as
    electronic IDs that vouch for the identity of an individual or computer.
    Issuers also are called certificate authorities or CAs. 
    
    The upgraded Onsite service, first announced a year ago and launched in
    November 1997, adds the ability for corporations to issue digital
    certificates from a single location within the company, rather than having
    issuance housed in different departments. 
    
    Digital certificates can be used to authenticate users for a variety of
    intranet, extranet, virtual private network, and e-commerce applications. 
    
    VeriSign is the leading service for issuing digital certificate, and
    Sclavos said it has issued more than 3 million certs to consumers, a
    separate line of business from its Onsite corporate service. "The
    announcement clearly positions VeriSign as a strong technology leader,"
    Jim Hurley, an information security analyst at Aberdeen Group, said in a
    statement. 
    
    Its biggest rival is Entrust Technologies, which sells software packages
    for corporations to issue and manage their own digital certificates
    themselves. 
    
    But new competition looms from consumer credit agency Equifax, which
    announced in June it will set up an outsourcing digital certificate server
    using software from IBM. GTE CyberTrust, a unit of phone giant GTE, offers
    both software and a service for issuing digital certificates. 
    
    In addition, Ireland's Baltimore Technologies is active in Europe.
    U.S.-based Spyrus recently acquired Signet Systems, an Australian
    certificate authority. 
    
    In related announcements today, VeriSign also announced several new
    partners, including Germany's Secude GmbH, which lets VeriSign
    certificates be used in SAP's R/3 business applications, and Canada's
    JetForm, which markets software for secure Web workflow and electronic
    forms. 
    
    VeriSign also announced Morgan Stanley Dean Witter and First Union Bank,
    as OnSite 4.0 users. 
    
    OnSite 4.0 is available for pilot testing beginning at $5,000. New
    software tools and other modules are available from $10,000. 
    
    -o-
    Subscribe: mail majordomot_private with "subscribe isn".
    Today's ISN Sponsor: Repent Security Incorporated [www.repsec.com]
    



    This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:07:17 PDT