View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
June 27, 1999

The Rise and Rise of Digital Certificates

By CBR Staff Writer

By Rachel Chalmers

While 98% of companies use passwords for authentication today, in two years’ time, 56% expect to be using digital certificates. That startling finding has emerged from a Forrester Report called A Digital Certificate Road Map. The report, based on interviews with 50 of the Global 2500, found that interoperability and the sheer number of options are the chief concerns barring the immediate adoption of certificates. It urges public key infrastructure (PKI) pioneers Entrust, Cybertrust and VeriSign to back the PKIX standard effort with open source certificate code. Certificates are no panacea, Forrester warns. They aren’t cheap, they lack interoperability and they have weak application support. The bottom line for users is to roll certificates out in stages. Suppliers should get them now. Employees can wait until Windows upgrades are rolled out in 2001. For now, customers will have to make do with passwords. When public certificates mature, however, Forrester expects them to take on frequent flyer properties, enabling firms to single out their top customers for special treatment. The study concludes with these predictions: certificate-related services will boom, but biometrics will bomb. Portals will consolidate commerce and content, and anti-virus companies will grow their web sites into fully-fledged security portals.

The market for digital certificates, in other words, is a frontier with all the risk and opportunity that that implies. It is to exploit this frontier that RSA has detached the certificate server from its Keon product family and launched it as a standalone product. Product manager Marty Jost explains that Keon Certificate Server was co-developed with help from RSA’s parent company Security Dynamics and from VeriSign, itself a spin-off from RSA in the first place. VeriSign has cross-licensed the certificate server engine back to RSA, originally for use underneath Keon, and now for sale.

Jost describes the Certificate Server as a natural extension to RSA’s B-SAFE software development kits. Enterprises and independent software vendors will be able to use both to PKI- enable their applications. It makes the Keon architecture more modular and more interoperable with other systems, Jost told ComputerWire. We have taken the certificate server components out of Keon, packaged them and exposed APIs for developers. Pricing is on a per-user model, meaning there’s no associated charge per application, no limit to the number of certificates issued nor any additional cost when multiple certificates are issued per user. That means enterprises can, for example, start by issuing employees S/MIME certificates for email, give those same employees IPsec certificates for a virtual private network and finally add SSL certificates for the web. Keon Certificate Server starts at $50 per user for a minimum of 50 users. Site licenses are also available.

Content from our partners
Green for go: Transforming trade in the UK
Manufacturers are switching to personalised customer experience amid fierce competition
How many ends in end-to-end service orchestration?

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how New Statesman Media Group may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.