By Rachel Chalmers
While 98% of companies use passwords for authentication today, in two years’ time, 56% expect to be using digital certificates. That startling finding has emerged from a Forrester Report called A Digital Certificate Road Map. The report, based on interviews with 50 of the Global 2500, found that interoperability and the sheer number of options are the chief concerns barring the immediate adoption of certificates. It urges public key infrastructure (PKI) pioneers Entrust, Cybertrust and VeriSign to back the PKIX standard effort with open source certificate code. Certificates are no panacea, Forrester warns. They aren’t cheap, they lack interoperability and they have weak application support. The bottom line for users is to roll certificates out in stages. Suppliers should get them now. Employees can wait until Windows upgrades are rolled out in 2001. For now, customers will have to make do with passwords. When public certificates mature, however, Forrester expects them to take on frequent flyer properties, enabling firms to single out their top customers for special treatment. The study concludes with these predictions: certificate-related services will boom, but biometrics will bomb. Portals will consolidate commerce and content, and anti-virus companies will grow their web sites into fully-fledged security portals.
The market for digital certificates, in other words, is a frontier with all the risk and opportunity that that implies. It is to exploit this frontier that RSA has detached the certificate server from its Keon product family and launched it as a standalone product. Product manager Marty Jost explains that Keon Certificate Server was co-developed with help from RSA’s parent company Security Dynamics and from VeriSign, itself a spin-off from RSA in the first place. VeriSign has cross-licensed the certificate server engine back to RSA, originally for use underneath Keon, and now for sale.
Jost describes the Certificate Server as a natural extension to RSA’s B-SAFE software development kits. Enterprises and independent software vendors will be able to use both to PKI-enable their applications. “It makes the Keon architecture more modular and more interoperable with other systems,” Jost told ComputerWire. “We have taken the certificate server components out of Keon, packaged them and exposed APIs for developers.” Pricing is on a per-user model, meaning there’s no associated charge per application, no limit to the number of certificates issued nor any additional cost when multiple certificates are issued per user. That means enterprises can, for example, start by issuing employees S/MIME certificates for email, give those same employees IPsec certificates for a virtual private network and finally add SSL certificates for the web. Keon Certificate Server starts at $50 per user for a minimum of 50 users. Site licenses are also available.