Silicon Investor (SI) -- The First Internet Community

STOCKTALK

We've detected that you're using an ad content blocking browser plug-in or feature. Ads provide a critical source of revenue to the continued operation of Silicon Investor. We ask that you disable ad blocking while on Silicon Investor in the best interests of our community. If you are not using an ad blocker but are still receiving this message, make sure your browser's tracking protection is set to the 'standard' level.

Technology Stocks : Identix (IDNX) -- Ignore unavailable to you. Want to Upgrade?

To: brad greene who wrote (13389)	5/7/1999 5:36:00 PM
From: David	Read Replies (1) \| Respond to of 26039

A technical, but not too technical, explanation of how Novell (and eventually MSFT and SUNW) promotes a PKI regime: networkmagazine.com "OS-ENABLED SECURITY "A recent, yet very interesting development in the PKI market is the trend toward integrating PKI features into server-based operating systems. A PKI encompasses a number of components within a network, including servers and directories, so it makes sense to build the features right into the OS. "Novell is leading the way with its Public Key Infrastructure Services (PKIS) 1.0, which comes free with NetWare 5. PKIS allows the use of digital certificates and public key cryptography within an NDS-based network. And since there are more than a few companies that rely heavily on NDS to manage their user information, weaving in PKI capabilities makes sense for companies that want to use existing products. "Certificate management occurs through NetWare's NWAdmin utility, which provides a single, central point of administration for public keys and certificates. "PKIS supports in-house CAs and lets companies send internally generated certificates to a third party such as Verisign or GTE Cybertrust for an additional signature, but product features also eliminate the need for a third-party CA. Companies can use products like Netscape's Certificate Management System, and integrate its certificate generation capabilities with NDS. "Public and private key pairs can be generated on a NetWare server, which in turn sends the keys to PKIS. PKIS will then get an associated certificate either from within, or from an external CA. "It also provides certificate and key storage through NDS, secure management of private keys, and certificate renewal. "When a certificate's predetermined expiration date approaches, PKIS lets administrators check the certificate's attributes and change any parameters. PKIS also lets administrators create a completely new certificate based on a new key. "Novell has also announced that it is working on supporting digital signatures, which provide for nonrepudiation in electronic communications. [Is this us?] The company also plans to support different classes of certificates, much like Verisign has been doing from the beginning; this class distinction will translate to different levels of trust associated with a particular certificate. "As you might expect, Novell's chief rival in the OS market, Microsoft, is also dealing with the issue of PKI. Microsoft already includes integrated PKI services through a service pack to Exchange 5.5 that upgrades the key management server component of the popular messaging software. This key management server is compatible with Microsoft's Certificate Server, which is an option to Windows NT and Microsoft Internet Information Server 4.0 that issues, renews, and revokes X.509 digital certificates without the need for an external CA. "The next logical step is to integrate PKI capabilities into Windows 2000 (the new name for Windows NT), which most observers expect by the end of 1999. Microsoft has announced it will integrate the Certificate Server with Active Directory, also due by the end of 1999. "Not to be left in the dust, Sun Microsystems has said it will embed support for PKI services in its Solaris operating system by mid-1999. Sun plans to let users create public keys and make it much easier to implement a PKI. Because Solaris supports LDAP, third-party PKI products can be integrated. Also, Solaris' PKI services will support smart cards for authentication. "Built-in PKI support in some of the most popular operating systems could give established PKI vendors a reason to look over their shoulders, but it can also lead to greater understanding of the technology and jump-start the entire market." =============================== In other words, the OS vendors are threatening to take some of the software profits from the PKI vendors by incorporating software centrally into their Internet-level directories. (This is similar, I think, to what could happen to biometric vendors if Microsoft wants to centrally incorporate a biometric algorithm.) However, this will also promote the creation of a digital certificate/digital signature universe across the Internet. Since IDX wants to be the digital signature provider via fingerscans, not too bad for us. Some of these possibilities can make you worry about ultimate software margins. ======================== Brad, while you and the other Commissioners are deciding on an upgrade from the present frothing at the mouth IDX buy, please remember the stock has already doubled over the past five weeks.