In another attempt to match Netscape Communications feature for feature, Microsoft today announced a suite of security technologies to boost the safety of Net communications, including digital certificates and the addition of an electronic wallet to Internet Explorer.
The Microsoft Internet Security Framework combines a number of new and previously announced technologies that echo security offerings announced but not yet delivered by Netscape in recent months. But Microsoft is planning to play its trump card--its control of Windows--to distinguish its products from its rival.
"These technologies coexist nicely with existing investments. It's not that I'm going on the Internet and I'm putting on a new hat and coat. It should be seamless [between the Internet and corporate applications]," said Prady Misra, product unit manager for Internet security at Microsoft.
In the fourth quarter, the company will release a beta version of the Microsoft Certificate Server, a Windows NT server for issuing, managing, and revoking digital certificates, electronic passports that allow servers to prove a user's identity over the Internet through public key cryptography.
While the server will let companies issue and manage their own certificates, Microsoft said the next beta version of Internet Explorer 3.0, due out at the end of this month, will also support client authentication through digital certificates issued by public certifying authorities such as Verisign, according to Misra.
Digital certificates are being touted as a critical technology for electronic commerce and corporate applications that require client authentication to prove a user's identity, in addition to encryption. Digital certificates can also facilitate single log-on capabilities to Web sites that require passwords, allowing them to automatically sign on to Web sites without having to remember passwords.
Netscape last April announced its Certificate Server for issuing certificates and already supports client-authentication in the beta version of Navigator 3.0, due out in final form later this summer. Microsoft will try to outdo Netscape, however, by also offering single log-on capabilities to not just Web sites but also a range of network resources, including NetWare, Windows NT, and Macintosh servers.
Microsoft has also tried to one up Netscape by announcing Microsoft Wallet, a program that allows users to store and organize passwords, digital certificates, and credit card numbers for use over the Internet. The wallet will be integrated into a version of Internet Explorer by the third quarter. Netscape last month announced it will integrate wallet technology into Navigator by the fourth quarter.
But Microsoft's advantage is that Microsoft Wallet will not be limited to Internet Explorer. It will also work with other browsers and even other desktop applications so that they can use passwords and other data stored in the wallet, via Personal Effects Exchange, a standard proposed by Microsoft for transferring personal security data between applications.
Microsoft today also announced that it would beef up its Windows CryptoAPI (application programming interface), a feature of the ActiveX software development kit that allows programmers to build cryptography into their applications. CryptoAPI 2.0 will go into beta testing in the third quarter and will support client authentication.
Microsoft said it will support offer its wallet, CryptoAPI, code-signing, client authentication, and SET (Secure Electronic Transactions) technologies for Unix and Macintosh, as well as Windows, a factor that could help it compete against Netscape, which already sells its products on all three platforms.