VeriSign works to simplify digital IDs

For digital certificates to work, they must be "brain-dead simple," says a VeriSign exec.

2 min read
VeriSign is paddling hard to take digital certificates into the corporate mainstream.

The first vendor to unveil such a program, VeriSign is hoping that easier implementation will help sell more digital IDs, which are electronic credentials that vouch for the identity of an online user. To date, widespread use of digital IDs has been stymied by the difficulty of linking them to corporate applications.

Now, VeriSign is offering a series of quick-start efforts, called Go Secure, that combine packaged software, consulting services, and detailed how-to directions.

"It's got to be brain-dead simple to get a certificate and use it," said Steve Crawford, group marketing manager for VeriSign's Onsite Exchange for Microsoft's email software.

VeriSign says the first package, for Microsoft Exchange messaging software, will be available next month.

Analyst Abner Germanow of Framingham, Massachusetts-based International Data Corporation said VeriSign's suite signifies a move among public key infrastructure (PKI) vendors to simplify. PKI is the name for systems that issue and manage digital certificates, which serve as electronic IDs for online use.

"Over the last year, we have seen a feature and function battle going on," said Germanow. "Now we're starting to head into an ease of implementation and ease of use issue."

Mary Anderson, VeriSign's vice president of marketing, said the firm is making the shift to help companies marry PKI technology with business applications, which she said now takes a lot of time and effort.

VeriSign's get-up-and-running-quickly suite will be rolled out for popular corporate applications. In the next 30 days, a virtual private network (VPN) package, now being tested, is slated to be ready. After that, a package to integrate access to corporate intranets and extranets with VeriSign certificates is scheduled for release, followed by an e-mail package for Lotus Notes this fall.

Other big PKI vendors, specifically Entrust and GTE's CyberTrust division, may be pressured to respond, but their approaches differ significantly from VeriSign's.

VeriSign offers an outsourcing service for companies, letting corporations issue digital certificates, while VeriSign handles back-office management. Entrust sells a PKI enterprise application that customers set up and run themselves. CyberTrust offers both PKI products and an outsourcing service.