VeriSign adds key recovery

VeriSign will add an optional key recovery service, as part of its OnSite outsourced service for managing digital certificates for enterprises.

2 min read
VeriSign will add an optional key recovery service, due to roll out by year's end, as part of its OnSite outsourced service for managing digital certificates for enterprises.

Other new features of Onsite 4.0, which lets corporations issue their own digital IDs but has VeriSign handle the back-end data center and certificate management, are available now.

The key recovery feature will allow companies to recover encrypted data if an employee loses a cryptographic key or leaves the company. The U.S. government requires key recovery for strong encryption exported overseas, but many corporations also want it for their own reasons.

"This is the culmination of the development plan we started about a year ago," said VeriSign CEO Stratton Sclavos. "It has public key infrastructure (PKI) functionality backed by stringer carrier class services and is extranet and e-commerce ready."

PKI is the term for enterprise software that issues, manages, checks, and revokes digital certificates, which are used in online communications as electronic IDs that vouch for the identity of an individual or computer. Issuers also are called certificate authorities or CAs.

The upgraded Onsite service, first announced a year ago and launched in November 1997, adds the ability for corporations to issue digital certificates from a single location within the company, rather than having issuance housed in different departments.

Digital certificates can be used to authenticate users for a variety of intranet, extranet, virtual private network, and e-commerce applications.

VeriSign is the leading service for issuing digital certificate, and Sclavos said it has issued more than 3 million certs to consumers, a separate line of business from its Onsite corporate service. "The announcement clearly positions VeriSign as a strong technology leader," Jim Hurley, an information security analyst at Aberdeen Group, said in a statement.

Its biggest rival is Entrust Technologies, which sells software packages for corporations to issue and manage their own digital certificates themselves.

But new competition looms from consumer credit agency Equifax, which announced in June it will set up an outsourcing digital certificate server using software from IBM. GTE CyberTrust, a unit of phone giant GTE, offers both software and a service for issuing digital certificates.

In addition, Ireland's Baltimore Technologies is active in Europe. U.S.-based Spyrus recently acquired Signet Systems, an Australian certificate authority.

In related announcements today, VeriSign also announced several new partners, including Germany's Secude GmbH, which lets VeriSign certificates be used in SAP's R/3 business applications, and Canada's JetForm, which markets software for secure Web workflow and electronic forms.

VeriSign also announced Morgan Stanley Dean Witter and First Union Bank, as OnSite 4.0 users.

OnSite 4.0 is available for pilot testing beginning at $5,000. New software tools and other modules are available from $10,000.