[ISN] The year of PKI

From: mea culpa (jerichoat_private)
Date: Wed Apr 07 1999 - 12:47:48 PDT

  • Next message: mea culpa: "[ISN] Canadian hackers attack 13 major corporate sites"

      This message is in MIME format.  The first part should be readable text,
      while the remaining parts are likely unreadable without MIME-aware tools.
      Send mail to mimeat_private for more info.
    Content-Type: TEXT/PLAIN; CHARSET=us-ascii
    Content-ID: <Pine.SUN.3.96.990407134425.5085Xat_private>
    Forwarded From: darek milewski <darekmat_private>
    The year of PKI
    The growing need for secure Web transactions will
    boost PKI implementations at Entrust Technologies
    By Matthew Nelson
    Network security has become a necessity with the spread of Internet
    commerce and the expansion of intranets to larger extranets. But with
    differing network systems, secure connections that are constantly updated
    can be a difficult proposition.  One possible solution is the use of
    public key infrastructure (PKI)  systems and digital certificates. To
    discuss PKI and what it means for the enterprise, InfoWorld Senior Writer
    Matthew Nelson recently sat down with John Ryan, chief executive officer
    of Entrust Technologies, one of the leading PKI system providers. 
    InfoWorld: Do you consider 1999 the year of PKI? 
    Ryan: There's no question that the recognition by companies that they will
    all need a PKI is now upon us, and we're seeing incredible acceleration of
    pilot activity and recognition across our customer base. So I think this
    year will be the year where people recognize they will definitely have a
    PKI in their enterprise and start the methodical planning to ensure they
    pick the right one. 
    InfoWorld: Why is PKI seeing adoption now when it is a technology that has
    been around for quite awhile? 
    Ryan: Not unlike the Internet [that] was around for almost 20 years before
    all of a sudden it took off, there's been some fundamental things that
    happened in the enterprise that have now driven the need, and made it a
    lower risk decision for the enterprise. The first was certificates, or PKI
    capabilities, which were embedded in the browsers. The next thing that
    happened was the major 20 vendors in the networking world -- the whole
    crew in networking and firewalls -- all standardized around a standard
    called IP SET [Secure Electronic Transaction], which includes digital
    certificates. So basically, each application in an enterprise now, or the
    major applications of an enterprise backbone, are including security as a
    fundamental element, which is forcing companies to consider a public key
    InfoWorld: What developments should IT managers expect to see during the
    next year? 
    Ryan: I think you're going to see a much more wide-scale enablement of
    applications, which really is going to make it much simpler for the
    enterprise to install a PKI, because the applications will be ready to
    accept it. 
    I also think you're going to see networks of trust being created. I think
    one of the first ones we saw was the banking community with their global
    trust organization, which is a high-value, high-trust network for
    Web-based electronic transactions. 
    InfoWorld: Is there a problem with interoperability between different
    companies' digital certificates? 
    Ryan: Fortunately, the industry standards that enable interoperability
    have now passed. But actually, we now can support interworking with
    VeriSign, GTE, Microsoft, Netscape, and others, today, in our product. So
    we actually do have full interoperability in our product and we can create
    webs of trust that include VeriSign or GTE certificate authorities, webbed
    with an Entrust certificate authority, into a network of PKI networking. 
    And we really see that as an innovation that the market has not yet
    anticipated. The evolution will then give customers choices and the
    ability to scale their networks based on what they've bought to date. 
    InfoWorld: Has that interoperability created a different kind of
    competition between Entrust and your competitors? 
    Ryan: We have always worked with large enterprises and basically delivered
    a guaranteed security system that they could buy and integrate every
    application into it, and have single sign-on and consistent policies and
    Our competitors are more focused around the authentication market. They
    don't provide encryption or digital signature, they really count on all
    the various applications to embed that technology.  So we really don't
    compete that often, head-to-head. But I think you'll see, as we migrate
    through this year, a much larger movement with our service provider
    We have partnerships with many service providers, which are more analogous
    to the VeriSign model, but with the full Entrust product suite, combined
    with our ability to implement Entrust Worldwide, a global network that
    we've just created. We'll be able to create really hybrid PKI networks
    where a piece of the PKI is on the customer's premises, and controlled by
    Another piece of the PKI might be controlled by a service provider, and we
    can connect them together seamlessly to be able to enable PKI networking
    and then extend that web of trust to other companies, so that you can
    create a community of interest to conduct electronic commerce. 
    InfoWorld: If digital certificates are all going to interoperate, how are
    companies going to differentiate themselves from their competitors? 
    Ryan: That part is going to be an exciting revolution because it will
    evolve very similarly to the credit card business, and I believe that the
    card or the certificate will become a brand position. I might have a
    Citibank Certificate just like I have a Citibank MasterCard. 
    And I can see that there will be a battle for that identity, and I really
    believe you're going to find there are credentials that you can use across
    a number of services, and that credential may be issued by a bank, or a
    telephone company, or a government. And then I think that most
    organizations who really care about branding and positioning will issue
    certificates to their customers. So a person will end up with probably the
    same number of certificates as they have credit cards. 
    InfoWorld: Do you think the cessation of year-2000 projects is going to
    have an effect on the adoption of security products and specifically PKI
    Ryan: Certainly there's no doubt, it's a very critical element that's on
    the mind of every CIO. I think it's helping accelerate PKI in the first
    six months of the year because I think behind year 2000, many of our
    corporate customers are telling us security is the next, No. 2 critical
    item. And they have to get it fixed, but they want to get going right
    away, before the latter part of the year comes when they're fearful that
    they're going to be a little bit busy with year-2000 testing, if they
    haven't got there yet. 
    In the second half of the year, we've pretty much said it could slow down
    as far as implementation goes. But we actually think that people are going
    to solve a lot more of the problem than they thought, and are actually
    going to be in a position to have the ability to buy the technology for
    implementation in the year 2000. 
    We're cautiously optimistic right now, but we actually see it as an
    accelerator in the short term, and then we'll be waiting and seeing what
    happens. We also have seen though -- without doubt -- once the year-2000
    bug is done, everybody has said security will become the next No. 1
    priority. So I think that that speaks well for the position that we see
    emerging in the enterprises. 
    Subscribe: mail majordomoat_private with "subscribe isn".
    Today's ISN Sponsor: Hacker News Network [www.hackernews.com]

    This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:22:02 PDT