Locking up e-commerce security
Digital certificate technology continues to evolve as banks and online merchants hope for a boom in e-commerce.
Yesterday, GTE CyberTrust said it will enable banks to issue digital certificates--but not SET certificates--to Internet merchants to conduct online transactions.
Instead it will issue certificates to use for Secure Sockets Layer (SSL) transactions, which are the most common types of credit card transactions on the Internet today. As separate offerings, CyberTrust sells certificate authority (CA) software or issues digital certificates for use in the Secure Electronic Transactions (SET) protocol being pushed for online card transactions by Visa and MasterCard.
The new CyberTrust SureServer Certificates or electronic credentials vouch for the identity of an online store so shoppers know whom they're dealing with.
But GTE's announcement isn't this week's only news in the public key infrastructure sector. Entrust Technologies announced that it is licensing, without royalties, its patented certification revocation list distribution technology to archirivals VeriSign, Microsoft, Spyrus, Structured Arts, and LJL Enterprises.
In April, Entrust offered free licenses to parts of its patented technology, aiming to boost industry standards. It has emerged as a de facto standard and is included in Internet Engineering Task Force draft standards.
In another development, Ireland's Baltimore Technologies, which opened U.S. operations last month, has released VPNGateway, a new module for Baltimore's UniCERT Certificate Authority to process requests for VPN certificates.
Baltimore also made available an IPSec certificate issuing facility on its Web site to enable VPN vendors to test their products with Baltimore certificates. Entrust made a similar announcement last month.