[ISN] Digital certificates move toward interoperability

From: mea culpa (jerichoat_private)
Date: Thu Jan 21 1999 - 13:59:05 PST

  • Next message: mea culpa: "[ISN] Web Security Products Get Spotlight"

      This message is in MIME format.  The first part should be readable text,
      while the remaining parts are likely unreadable without MIME-aware tools.
      Send mail to mimeat_private for more info.
    Content-Type: TEXT/PLAIN; CHARSET=us-ascii
    Content-ID: <Pine.SUN.3.96.990121105214.6629dat_private>
    Forwarded From: darek milewski <darekmat_private>
    Digital certificates move toward interoperability
    By Tim Clark
    Staff Writer, CNET News.com
    January 19, 1999, 4:00 a.m. PT
    SAN JOSE, California--Digital certificates may not yet be widely deployed,
    but a host of vendors are betting that won't be true much longer.
    More than a dozen vendors of public key infrastructure, or PKI systems,
    are making news at this week's annual RSA Data Security conference,
    including RSA itself, a new and somewhat belated entrant in the market.
    (See related story) 
    The three biggest PKI vendors--VeriSign, Entrust, and GTE CyberTrust--hope
    PKI systems will come to be broadly deployed in 1999. They and smaller
    firms are focusing on interoperability--letting certificates issued by one
    certificate authority (CA) be accepted by other companies. 
    "We are now seeing interoperability within industries. Then we'll see it
    across industries," said Tom Carty, GTE CyberTrust's vice president of
    business strategy, who contends the enterprise market, not consumers, will
    generate the most revenue in 1999. 
    "We are for the first time seeing feedback from customers being reflected
    in products from multiple vendors," Carty added, calling it a sign of
    maturation of the PKI market. 
    Entrust made the biggest splash in interoperability today, releasing a
    free software toolkit that lets developers build applications once and use
    digital certificates from any PKI vendor that supports two Internet PKI
    standards. The tools are available on a CD-ROM or can be downloaded from
    the company's Web site. 
    "It's critical for developers to develop an application once and have it
    work with any vendor's PKI," said Entrust CEO John Ryan.  "We have an
    absolute, complete commitment to open standards." 
    That marks a shift for Entrust, whose technology largely predated the
    Internet and has been criticized by competitors for being proprietary. 
    In another shift, Entrust announced a worldwide network of PKI customers
    that offer digital certificate services on an outsourced basis. The
    alliance marks Entrust's first outsourcing initiative. 
    GTE announced a get-up-and-running-fast program dubbed CyberTrust
    Accelerator, which includes GTE's basic PKI software plus consulting
    services to get a PKI running in corporate enterprises.  The PKI software
    is priced at a flat $150,000 for unlimited certificates, a departure from
    the standard price structure that charges per-certificate on an annual
    For GTE, the new program represents a move toward product sales rather
    than outsourcing. 
    VeriSign said its OnSite Key Manager offering, which provides back-up of
    user's cryptographic keys and digital certificates, is now shipping
    worldwide for $40,000 and up, based on the number of certificates issued.
    VeriSign operates OnSite as an outsourcing service that lets companies
    issue their own digital IDS to employees, customers, and suppliers. 
    VeriSign also announced a series of partnership programs to make
    outsourcing PKIs available worldwide. 
    In other PKI announcements at the RSA show:  Baltimore Technology released
    version 2.4 of its PKI software, UniCert Certification Authority.
    Ireland's Baltimore, which recently merged with Britain's Zergo Holdings,
    also unveiled a technology alliance program and backed Intel's Common Data
    Security Architecture (CDSA) framework.  Another European PKI company,
    Celo Communications, made its U.S.  debut, unveiling a PKI product suite
    designed for multinational corporations involved in Internet-based
    financial services.  ValiCert said it's shipping "validation authority"
    software to check the validity of digital IDs issued by different
    certificate authorities. The company also unveiled offerings that let
    users check the validity of S/MIME secure email certificates and SSL
    certificates used by Web servers.  Entegrity demonstrated interoperability
    with digital certificates from VeriSign, GTE, and IBM. Entegrity also
    announced that Entrust and IBM support Entegrity's tools for making
    digital IDs from different vendors interoperate. Digital Signature Trust
    announced it recently completed a pilot with more than 15 financial
    securities firms to act as the central certificate authority for an
    industrywide test using digital certs to verify the identity of brokers. 
    Spyrus debuted its hardware-based PKI software, acquired in September with
    Australia's Signet Systems, and a new focus on the enterprise market.
    Spyrus, which has largely sold to U.S.  government agencies in the past,
    uses smart cards or other hardware tokens in its PKI systems. The company
    is exploring a dozen or so vertical markets to market its system. 
    Security smart-card vendor Litronic launched a family of products and
    services to speed deployment of PKI systems based on smart cards.  As
    reported, Netscape updated its certificate and directory server offerings. 
    Subscribe: mail majordomoat_private with "subscribe isn".
    Today's ISN Sponsor: Internet Security Institute [www.isi-sec.com]

    This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:16:46 PDT