Netscape battens down security hatches
To quiet users' concerns about security and wrest attention away from Microsoft, Netscape Communications is planning to release two upgrades of its Navigator browser.
The company plans to release in May a version of Navigator code-named Atlas that will add client-side authentication, a feature that allows Web servers to verify the identity of a user automatically and helps prevent hackers from "spoofing," or impersonating, client machines, said Alex Edelstein, Navigator product manager.
Client authentication is made possible by a sort of cyberspace passport called a Digital ID, a brand of digital certificate that is embedded in the user's browser. The system is designed to improve the password-based security systems that are now common at many members-only Web sites. Once widely adopted, client authentication will not only be safer but also relieve users entirely of the need to remember passwords because the browser will do it automatically by flashing a Digital ID.
Netscape is working with VeriSign, the leading developer of digital certificates, to provide the Digital ID technology for Navigator. Microsoft also has a relationship with VeriSign but has not announced a plan to add client authentication to Internet Explorer.
In the second half of 1996, Netscape will release its second browser update, code-named Dogbert, which will also support digitally certified applets. This technology works comparably to Digital IDs, but instead of verifying the user's identity, it certifies the origins of executable applications such as Java applets and ActiveX controls.
This is important because executable codes can be exploited to gain access to a system or even transfer viruses, and users need to be certain that applets from software developers aren't being impersonated by applets from software hackers.
This will match a feature that will appear in Internet Explorer 3.0 this summer that will let Microsoft's browser certify that an ActiveX control has come from a trusted source.
The Dogbert release will also add support for Secure/MIME, a standard for encrypting mail attachments, to its integrated mail client.
Netscape made today's announcement in part to regain its momentum in the fiercely competitive browser market after America Online stunned the industry yesterday by announcing an unexpected alliance with Microsoft.
Only one day after the leading online service said it would include Navigator in its arsenal of browsers, America Online agreed to make Microsoft's Internet Explorer the standard, built-in browser for its 5 million members while Microsoft bundles AOL access into its Windows 95 operating system.