Disclaimer: This information comes from sources that cannot be verified. As such, make no assumptions about its completeness or accuracy. We endeavor to keep this information up to date as much as possible. Feel free to send comments/ updates to the Security News Editor.

Entrust Aims to Advance Cross-Certification

[November 17] Entrust Technologies, Inc., provider of public key infrastructure (PKI) solutions, announced today its support for cross-certification, a system that extends security to a vendor's third-party partners.

With the endorsement of 12 industry leaders, including American Biometric, Bell Global Solutions, Chrysalis-ITS, Entegrity Solutions, General Network Services, GTE CyberTrust Solutions, Harbinger, Hewlett-Packard, KyberPASS, Tandem Computers, TradeWave, and Worldtalk, the extended security solution enables vendors within a PKI to build trust among its external partners and customers.

"Cross-certification is one of the most important advances in this industry in recent years. It provides organizations with a comprehensive security management framework that can bring together hundreds of products, services and applications into a global interoperable security architecture," said John Ryan, Entrust Technologies' president and chief executive officer.

A cross-certification process occurs when a Certification Authority (CA) certifies the certificate signing key of another CA, extending the initial CA's domain to include those from other CAs. This serves to add interoperability among different products and services comprising a PKI.

"The ability to cross-certify among different Certification Authorities is one of the important initiatives in the security space that Hewlett-Packard has been promoting among its partners," said Patty O'Brien, director of solutions marketing for Hewlett-Packard's Internet and Applications Systems Division.

"We are very pleased to be part of this important interoperation and cross-certification effort where Entrust Technologies has taken the lead to bring together a variety of PKI-aware vendors and PKI solution providers."

The system is based on the Internet Engineering Task Forces' (IETF) PKIX-3 protocol, which is also gaining support throughout the industry.

"PKIX-3 is the industry standard that makes cross-certification possible. We're pleased to see so many companies join us in supporting this important standard, which enables enterprise customers to broaden their trust relationships while retaining control and ownership of critical data," said Ryan.