Year of digital certificates? (article, news.com)
news.com
by Tim Clark
January 9, 1998, 4:45 p.m. PT
This year may go down as the year of the digital
certificate, if announcements set for Monday at the
RSA Data Security conference are an indicator of
things to come in the next 12 months.
At least seven certificate authorities--including
well-known names like VeriSign and Entrust, plus
newcomer Arcanvs--will outline new initiatives.
Digital certificates are electronic IDs that identify
two separate parties in cyberspace. They are used
to verify the identity of an individual or Web site for
secure email, Internet credit card purchases under
the Secure Electronic Transactions (SET) protocol,
online banking, Internet stock trading, and
electronic data interchange (EDI).
GTE CyberTrust, which offers both CA products
plus an outsourcing service, will announce it is
absorbing the consulting arm and some technology
elements from BBN, which parent GTE acquired
last year, according to spokeswoman Erica
Vanderhoof. BBN Technology markets security
hardware for CAs.
CyberTrust also will announce an
enterprise-oriented partnership with
Hewlett-Packard to expand sales, marketing, and
professional services worldwide. The partnership
eventually could impact the Internet commerce
space as well, because HP's VeriFone division is
active with banks and retailers on and off the Net.
CyberTrust also issues SET certificates for
MasterCard and American Express.
Entrust, a spin-off of Canada telecom equipment
giant Northern Telecom, will announce a major
partnership with desktop utilities firm Symantec.
Entrust chief executive John Ryan, a keynoter at the
conference, will be joined by Symantec chief
executive Gordon Eubanks for Monday's
announcement.
VeriSign, which has filed an IPO to issue stock to
the public market, will announce an expansion of its
enterprise offerings, building on its September
announcement of OnSite. That service lets
companies issue digital IDs to employees, partners,
or customers but has VeriSign handle the back-end
functions of verifying certificate holders, revoking
certificates, and otherwise managing the public key
infrastructure.
Arcanvs, a Utah firm, is expected to announce it
will issue digital certificates based on technology
from Pretty Good Privacy, which sometimes is an
RSA rival that is now part of emerging security
consolidator Network Associates.
CertCo, focused on CA software for financial
institutions, will unveil a suite of certificate authority
software that includes a module for managing "root
keys" for CAs and another to issue certificates over
the Web.
Initially, the suite is designed for business-to
business commerce over the Net, not
consumer-oriented transactions. CertCo provided
Visa and MasterCard the root CA system for SET,
which allows for secure card transactions over the
Net.
Ireland's Baltimore Technologies will release the
2.1 version of its UniCert CA software. The
company, which has tapped the European
e-commerce market for digital IDs, also will name
global resellers and technology partners.
ValiCert, a new company that validates certificates
issued by various CAs, is due to announce it has
added new participants to its global field trial. It
also will announce OEM pacts with other security
vendors.
In non-CA news, host RSA will announce officially
that its BSafe 4.0 encryption engine will support
elliptic curve cryptography, which RSA has
criticized in the past as untested. Chief executive
Jim Bidzos said RSA also will announce a new
partnership with a maker of small devices. |
