[ISN] Locking up e-commerce security

From: mea culpa <jericho_at_dimensional.com> Date: Tue 03 Nov 1998 - 08:27:59 CST

Forwarded From: darek milewski <darekm@cmeasures.com>

Locking up e-commerce security
By Tim Clark
Staff Writer, CNET News.com
November 3, 1998, 4:10 a.m. PT
URL: http://www.news.com/News/Item/0,4,28240,00.html

Digital certificate technology, used to vouch for the identity of online
stores, continues to evolve as banks and online merchants gird for what
they hope will be a boom in e-commerce. 

Yesterday, GTE CyberTrust said it will enable banks to issue digital
certificates--but not SET certificates--to Internet merchants to conduct
online transactions. 

Instead it will issue certificates to use for Secure Sockets Layer (SSL) 
transactions, which are the most common types of credit card transactions
on the Internet today. As separate offerings, CyberTrust sells certificate
authority (CA) software or issues digital certificates for use in the
Secure Electronic Transactions (SET) protocol being pushed for online card
transactions by Visa and MasterCard. 

The new CyberTrust SureServer Certificates or electronic credentials vouch
for the identity of an online store so shoppers know whom they're dealing
with. 

But GTE's announcement isn't this week's only news in the public key
infrastructure sector. Entrust Technologies announced that it is
licensing, without royalties, its patented certification revocation list
distribution technology to archirivals VeriSign, Microsoft, Spyrus,
Structured Arts, and LJL Enterprises. 

In April, Entrust offered free licenses to parts of its patented
technology, aiming to boost industry standards. It has emerged as a de
facto standard and is included in Internet Engineering Task Force draft
standards. 

In another development, Ireland's Baltimore Technologies, which opened
U.S. operations last month, has released VPNGateway, a new module for
Baltimore's UniCERT Certificate Authority to process requests for VPN
certificates. 

Baltimore also made available an IPSec certificate issuing facility on its
Web site to enable VPN vendors to test their products with Baltimore
certificates. Entrust made a similar announcement last month.  

-o-
Subscribe: mail majordomo@repsec.com with "subscribe isn".
Today's ISN Sponsor: Repent Security Incorporated [www.repsec.com]