X

ValiCert service checks IDs

ValiCert next month will begin field trials of its service for checking the validity of the digital certificates issued by certificate authorities.

2 min read
ValiCert next month will begin field trials of its service for checking the validity of the digital certificates issued by certificate authorities (CAs).

The global field trials will involve two European CAs, Ireland's Baltimore and BelSign, plus Thawte, a South African issuer of digital documents to verify the identity of a person or computer on a network. ValiCert estimates the three CAs collectively have issued hundreds of thousands of digital certificates.

ValiCert's global validation service is designed so users of digital certificates can quickly check the validity of an ID when it is shown to vouch for a user's identity on the Internet, intranet, or extranet.

ValiCert compares its validation service and clearinghouse for digital IDs to credit card authorizations, which allow a merchant to check credit limits for a charge card customer no matter where in the world the charge is being made.

"Digital certificates need to do the same thing for secure communications and commerce," Yosi Amram, ValiCert's chief executive, said. "Without validation there isn't such a thing."

Early pilots of digital certificates, particularly by major corporations, have been hampered because of difficulties in validating IDs issued by another entity, Amram said.

Digital certificates can be validated by checking the issuer's certificate revocation list or CRL. But that involves contacting the issuer directly. By providing a clearinghouse, ValiCert aims to simplify that process. The CAs in the pilot will feed their CRLs directly to ValiCert.

Pricing for the service has not been finalized, but ValiCert chairman Chini Krishnan expects customers to include corporations, merchants, and ISPs that use digital IDs regularly. The company is hoping to provide a free version of its service for individuals and others who don't need the most up-to-date information.

The service will validate certificates used for a variety of applications, Amram said, including secure email (S/Mime), secure charge card purchases (Secure Electronic Transactions or SET), and secure EDI (electronic data interchange).