Re: [ISN] Microsoft to tap VeriSign for security

From: Richard Forno (rfornoat_private)
Date: Tue Jul 10 2001 - 06:02:51 PDT

  • Next message: InfoSec News: "[ISN] Managed Security Deals Leave Networks Vulnerable"

    Maybe this will help MS keep their certificates current and help VRSN avoid
    issuing further erroneous certificates in MS's name! I was wondering why
    VRSN was quietly pushing Win2K in recent months.....
    > From: InfoSec News <isnat_private>
    > Date: Tue, 10 Jul 2001 04:01:02 -0500 (CDT)
    > To: isnat_private
    > Subject: [ISN] Microsoft to tap VeriSign for security
    > By The Associated Press
    > Special to CNET
    > July 9, 2001, 9:20 p.m. PT
    > SEATTLE--Microsoft will enlist VeriSign to help provide security for
    > its planned set of Internet services called .Net, the companies were
    > scheduled to announce Tuesday.
    > Financial terms of the deal were not disclosed.
    > Microsoft has been hounded by concerns over privacy and security since
    > announcing plans to release .Net and HailStorm, a related set of paid
    > subscription services ranging from banking to making dental
    > appointments over the Internet.
    > The system will depend on customers' willingness to store personal
    > information including credit card numbers and personal calendars via a
    > Microsoft system called Passport.
    > Passport was originally introduced as a system for remembering
    > multiple Web site log-ons across the Internet and is now shaping into
    > a cornerstone to storing personal information needed for .Net.
    > Through this deal, VeriSign will provide additional "digital
    > certificates" over the Passport system for certain transactions
    > requiring extra security, such as bank transfers, the companies said.
    > Those customers who use Microsoft's Windows desktop operating system
    > will find that the two services can be linked, said Microsoft Vice
    > President Sanjay Parthasarathy, with the digital certificates stored
    > on the operating system. Others will be able to store their
    > certificates in areas designated by VeriSign, based in Mountain View,
    > Calif.
    > The companies are touting the ease of this system, saying the added
    > security won't necessarily require that users use an extra password.
    > "The issue you deal with is that customers want ease of use but they
    > also want higher levels of trust," VeriSign President and Chief
    > Executive Stratton Sclavos said. "Before those two things were
    > mutually exclusive, but now they can be as simple as one password."
    > But Sclavos acknowledged that providing the extra security without an
    > extra log-on could backfire because it requires that a potential
    > hacker know only one password to access a broad array of personal
    > information.
    > "It needs to scale with the level of risk," he said.
    > The non-exclusive deal will allow both companies to partner with other
    > enterprises, Parthasarathy said.
    > Microsoft previously announced a partnership with, based in
    > Sunnyvale, Calif., to provide personal firewall security services for
    > Passport.
    > ISN is hosted by
    > ---
    > To unsubscribe email isn-unsubscribeat_private
    ISN is hosted by
    To unsubscribe email isn-unsubscribeat_private

    This archive was generated by hypermail 2b30 : Wed Jul 11 2001 - 00:23:52 PDT