Forwarded From: phreak moi <hackerelite@deathsdoor.com>
http://www.news.com/News/Item/0,4,27419,00.html?st.ne.ni.lh
VeriSign adds key recovery
By Tim Clark
Staff Writer, CNET News.com
October 12, 1998, 12:00 p.m. PT
VeriSign will add an optional key recovery service, due to roll out by
year's end, as part of its OnSite outsourced service for managing digital
certificates for enterprises.
Other new features of Onsite 4.0, which lets corporations issue their own
digital IDs but has VeriSign handle the back-end data center and
certificate management, are available now.
The key recovery feature will allow companies to recover encrypted data if
an employee loses a cryptographic key or leaves the company. The U.S.
government requires key recovery for strong encryption exported overseas,
but many corporations also want it for their own reasons.
"This is the culmination of the development plan we started about a year
ago," said VeriSign CEO Stratton Sclavos. "It has public key
infrastructure (PKI) functionality backed by stringer carrier class
services and is extranet and e-commerce ready."
PKI is the term for enterprise software that issues, manages, checks, and
revokes digital certificates, which are used in online communications as
electronic IDs that vouch for the identity of an individual or computer.
Issuers also are called certificate authorities or CAs.
The upgraded Onsite service, first announced a year ago and launched in
November 1997, adds the ability for corporations to issue digital
certificates from a single location within the company, rather than having
issuance housed in different departments.
Digital certificates can be used to authenticate users for a variety of
intranet, extranet, virtual private network, and e-commerce applications.
VeriSign is the leading service for issuing digital certificate, and
Sclavos said it has issued more than 3 million certs to consumers, a
separate line of business from its Onsite corporate service. "The
announcement clearly positions VeriSign as a strong technology leader,"
Jim Hurley, an information security analyst at Aberdeen Group, said in a
statement.
Its biggest rival is Entrust Technologies, which sells software packages
for corporations to issue and manage their own digital certificates
themselves.
But new competition looms from consumer credit agency Equifax, which
announced in June it will set up an outsourcing digital certificate server
using software from IBM. GTE CyberTrust, a unit of phone giant GTE, offers
both software and a service for issuing digital certificates.
In addition, Ireland's Baltimore Technologies is active in Europe.
U.S.-based Spyrus recently acquired Signet Systems, an Australian
certificate authority.
In related announcements today, VeriSign also announced several new
partners, including Germany's Secude GmbH, which lets VeriSign
certificates be used in SAP's R/3 business applications, and Canada's
JetForm, which markets software for secure Web workflow and electronic
forms.
VeriSign also announced Morgan Stanley Dean Witter and First Union Bank,
as OnSite 4.0 users.
OnSite 4.0 is available for pilot testing beginning at $5,000. New
software tools and other modules are available from $10,000.
-o-
Subscribe: mail majordomo@repsec.com with "subscribe isn".
Today's ISN Sponsor: Repent Security Incorporated [www.repsec.com]
Received on Mon Oct 12 21:20:37 1998