ad info




CNN.com
 MAIN PAGE
 WORLD
 U.S.
 LOCAL
 POLITICS
 WEATHER
 BUSINESS
 SPORTS
* TECHNOLOGY
   computing
   personal technology
 SPACE
 HEALTH
 ENTERTAINMENT
 BOOKS
 TRAVEL
 FOOD
 ARTS & STYLE
 NATURE
 IN-DEPTH
 ANALYSIS
 myCNN

 Headline News brief
 news quiz
 daily almanac

  MULTIMEDIA:
 video
 video archive
 audio
 multimedia showcase
 more services

  E-MAIL:
Subscribe to one of our news e-mail lists.
Enter your address:
Or:
Get a free e-mail account

 DISCUSSION:
 message boards
 chat
 feedback

  CNN WEB SITES:
CNN Websites
 AsiaNow
 En Español
 Em Português
 Svenska
 Norge
 Danmark
 Italian

 FASTER ACCESS:
 europe
 japan

 TIME INC. SITES:
 CNN NETWORKS:
Networks image
 more networks
 transcripts

 SITE INFO:
 help
 contents
 search
 ad info
 jobs

 WEB SERVICES:

COMPUTING

From...
Network World Fusion

VeriSign takes the pain out of digital certificates

January 17, 2000
Web posted at: 10:19 a.m. EST (1519 GMT)

by Tim Greene

(IDG) -- VeriSign thinks it should be easier to use digital certificates to verify virtual private network (VPN) users, so the company is simplifying the process.

Rather than using a cumbersome manual procedure to enroll in VeriSign's certificate authority service, users of the company's new automated service will be able to simply integrate VeriSign certificates and encryption keys with VPN gear made by other vendors. The first vendor to partner in the VeriSign venture, known as Go Secure, is Check Point. VeriSign plans to announce similar relationships with Nortel Networks and other VPN vendors later this year.

To use Go Secure, customers must first buy a Check Point VPN-1 firewall or SecureRemote VPN software. Neither of those products comes with digital certificates.

MORE COMPUTING INTELLIGENCE
IDG.net   IDG.net home page
  The need for online identities
  Europe in digital-signature drama
  Ventura puts his signature on the digital world
  IDG.net's network operating systems page
  Reviews & in-depth info at IDG.net
  E-BusinessWorld
  Year 2000 World
  Questions about computers? Let IDG.net's editors help you
  Subscribe to IDG.net's free daily newsletter for network experts
  Search IDG.net in 12 languages
  News Radio
  * Fusion audio primers
  * Computerworld Minute

In the past, customers could buy a VeriSign service called On-Site to get digital certificates, but they had to configure their VPN clients manually.

This task is so complicated that it requires an ISstaff member to register each end-user machine, says James Mascaro, network architect for Xcelerate, an e-business consultancy in Fort Lauderdale, Fla. "It's a rather lengthy and easily messed-up process," Mascaro says. "As soon as you get a large number of users, distributing certificates becomes unmanageable," says Steve Harris, an analyst with International Data Corp. in New York.

With the Go Secure service for Check Point products, rather than going through a complex string of downloading files and importing them into Check Point VPN software, end users log on to a Web site and click twice. They can then use a VeriSign certificate to authenticate themselves for the purpose of exchanging encryption keys used to secure Internet connections.

For Check Point, Go Secure automates interactions between an end user's Web browser and a Check Point client to install certificates. With Go Secure for other vendors, automation of the VeriSign enrollment will take place within the VPN client software itself. Without the automated process, Check Point end users would have to pick up certificates from a VeriSign Web site and install them in their browsers. Then users would export them to their hard drives and import them into their Check Point clients.

"It's ugly," says Marshall Behling, VeriSign's strategic business development manager.

With Go Secure, network administrators have some work to do before end users can use the automated enrollment. First they must upload a list of authorized users, and each one is assigned a passcode by VeriSign. The lists can be integrated with existing firewall user databases or Lightweight Directory Access Protocol files.

Administrators then distribute the passcodes securely and tell end users to pick up their certificates at a secure VeriSign Web page. Go Secure for Check Point costs $35,000 for up to 500 users or $60,000 for 1,000 users. It will be available in February. Go Secure for Nortel Contivity products is scheduled for release this spring, but no other details were available. Go Secure for other vendors' products is scheduled for later this year.


RELATED STORIES:
Compromise likely on digital signature bill
November 8, 1999
Fighting the plague of identity theft
October 11, 1999
Digitalme gives users one Net profile
October 7, 1999

RELATED IDG.net STORIES:
The need for online identities
(Infoworld)
Feds name two more digital certificate vendors
(Computerworld)
Europe in digital-signature drama
(The Industry Standard)
Ventura puts his signature on the digital world
(Civic.com)
Australian law rewritten to accommodate e-signatures
(Computerworld Australia)
Clinton uses digital signature to sign e-commerce communique
(Civic.com)
IETF and W3C agree: Digital signatures need XML
(Network World Fusion)
Digital-signature advocates target American Bar Association
(Civic.com)
Note: Pages will open in a new browser window
External sites are not endorsed by CNN Interactive.

RELATED SITES:
VeriSign
AT&T DSA Signature Software
Note: Pages will open in a new browser window
External sites are not endorsed by CNN Interactive.
 LATEST HEADLINES:
SEARCH CNN.com
Enter keyword(s)   go    help

Back to the top   © 2001 Cable News Network. All Rights Reserved.
Terms under which this service is provided to you.
Read our privacy guidelines.