ad info
   personal technology

 custom news
 Headline News brief
 daily almanac
 CNN networks
 CNN programs
 on-air transcripts
 news quiz

CNN Websites
 video on demand
 video archive
 audio on demand
 news email services
 free email accounts
 desktop headlines

 message boards




Feds want a digital certificate in every pot

July 16, 1998
Web posted at: 11:40 AM EDT

by Ellen Messmer


Washington, D.C. (IDG) - The federal government is starting to get downright geeky. While many technically savvy organizations are only toying with the idea of digital certificates, the feds seem ready to jump in whole hog.

In fact, the government may be offering a digital certificate to everyone in the country in the not too distant future, at least according to Marty Wagner, associate administrator for government IT and electronic commerce policy at the General Services Administration (GSA).

"We need a security infrastructure that protects the citizens and corporations," Wagner said in his keynote presentation at last week's E-Gov conference, which highlighted efforts the government is making to make online purchases from suppliers and make government services available to the public via the Internet.

X.509 digital certificates let Internet users identity themselves to each other remotely, and the government is considering offering everyone in the country a certificate if they want it, he said. "We're thinking about having multiple contracts to the companies that provide digital certificates, and these companies would give out the certificates for free," Wagner said. The idea is that the federal agencies would reimburse the companies for the certificates when they are used in agency applications.

The Feds may have a special interest in the widespread use of certificates. For instance, the Social Security Administration (SSA) earlier this year faced criticism from the press for allegedly not having sufficient authentication security on its Web site. The SSA Web site was allowing Web visitors to see personal financial information via passwords; using certificate-based authentication would be far more secure. However, this practice could become expensive because under some scenarios the government would end up paying a vendor $1 for each time a certificate is validated online, Wagner acknowledged.

  Network World Fusion home page
 Free registration required to access Network World
  Free Network World Fusion newsletters
  Get Media Grok and The Industry Standard Intelligencer delivered to for free
 Reviews & in-depth info at's bridges & routers page's hubs & switches page's network operating systems page's network management software page's personal news page
  Questions about computers? Let's editors help you
  Search in 12 languages
  Subscribe to's free daily newsletter for network experts
 News Radio
  PC World News Radio
  Computerworld Minute audio news for managers
Ready, SET

To kick off the E-Gov conference with some fanfare, Congressman Michael Castle (R-Del.) stepped onto the show floor to buy dollar-bill souvenirs from the Web site store of the U.S. Bureau of Engraving. But instead of plunking down cash, Castle used a credit card protected by Secure Electronic Transaction (SET) technology.

Rep. Castle's souvenir purchase from the electronic storefront was hailed as the first transaction ever to use SET with elliptic-curve encryption technology, which is believed to be a faster approach to encryption than RSA Data Security, Inc.'s widely-used public key technology. The SET credit card demonstration was done with help from Certicom Corp. and about a dozen partners, including MasterCard International, Inc., Mellon Bank, Zions Bank and Schlumberger Corp, which provided the smart cards. GTE Internetworking, Inc. and Digital Signature Trust Co. were the two digital certificate providers in the electronic commerce pilot.

SET digital certificates let the consumer, merchant and bank identity one another online using the SET protocol. Elliptic-curve encryption technology is not actually part of the current SET 1.0 standard, which has had some trouble getting adopted. Rather, RSA's encryption technology is the foundation for the SET standard, which was created by MasterCard and VISA International, Inc. with help from IBM, Microsoft Corp., Netscape Communications Corp. and others.

However RSA's encryption technology has faced criticism from some in the banking industry. They claim it is too slow to handle the multiple Internet-based processes among the consumer's electronic wallet, the merchant SET server and the bank SET gateway that are called for by the SET standard. Certicom's elliptic-curve encryption may be somewhat faster than RSA public-key, so there is a lot of discussion in the SET community about expanding SET 2.0 to use multiple algorithms.

Related stories:
Latest Headlines

Today on CNN

Related stories:

Note: Pages will open in a new browser window Related sites:

External sites are not
endorsed by CNN Interactive

Enter keyword(s)   go    help


Back to the top
© 2000 Cable News Network. All Rights Reserved.
Terms under which this service is provided to you.
Read our privacy guidelines.