In an effort to promote the use of its validation server software, ValiCert plans to give away software tools for creating Internet applications that can verify digital certificates from multiple issuers.
The company, which offers software and services to validate digital certificates issued by different certificate authorities (CAs), said ValiCert Toolkit 2.0 supports several validation mechanisms and standards, including widely used Certificate Revocation Lists (CRLs).
"With this universal toolkit, any application developer can now develop and deploy certificate-based applications without worrying about who the issuing CA is, what the network environment is, or what the validation methodology is," said Yosi Amram, ValiCert's CEO.
Digital certificates are electronic IDs that vouch for the identity of a computer or its user. They are emerging as a popular way to verify a person's identity online, but digital certificates from different vendors commonly do not interoperate. ValiCert's business aims to let companies accept certificates no matter who issued them.
This universal approach is important because the various public and private certificate authorities support different validation protocols. Also, many applications supporting certificate-based transactions require different approaches for validating certificates.
By giving away free toolkits to software developers, ValiCert hopes to create demand for the validation server software its sells. For applications that use ValiCert's tools, many companies will need a verification server to cross-certify digital IDs, in addition to a certificate server for issuing certs.
ValiCert's goal is to make its validation server ubiquitous. "Once we get our toolkit out there, making it sort of a standard because it's ubiquitous, we are in the position to sell our validation servers to enterprises that want to issue validations inside their firewalls," Amran said.
In addition to supporting CRLs, ValiCert also said its toolkit will support Online Certificate Status Protocol (OCSP), an emerging standard being worked on at the Internet Engineering Task Force, and ValiCert's proprietary Certificate Revocation Trees (CRTs) protocol, which the company believes runs faster than CRLs. An earlier version of the toolkit only supported ValiCert's CRT.
The new toolkit is available free for an unlimited binary license and can be downloaded from ValiCert's Web site. It includes off-the-shelf components that can be plugged into Internet applications to verify digital certificates using multiple protocols.
ValiCert has won the endorsement of the Financial Services Technology Consortium (FSTC), a technical group for banks and financial services providers. ValiCert has partnerships with certificate authorities and companies selling certificate servers worldwide, including Ireland's Baltimore Technologies, Entrust Technologies, GTE Cybertrust, and Netscape Communications.