Public-Key Infrastructure – The VeriSign Difference Diff.pdf · 2..... Public Key Infrastructure...

24
10-8 . . . . . . . . . . . . . . . . . . . . VeriSign Strategy White Paper #98-01 Public-Key Infrastructure – The VeriSign Difference

Transcript of Public-Key Infrastructure – The VeriSign Difference Diff.pdf · 2..... Public Key Infrastructure...

10-8

. . . . . . . . . .

..........VeriSign Strategy White Paper #98-01

Public-Key Infrastructure– The VeriSign Difference

2

..........

Public Key Infrastructure(PKI) – The VeriSignDifferenceOperating secure, business-criticalapplications over the Internet requires anadvanced enterprise PKI. Selecting theright approach to enterprise PKI candramatically affect the bottom-line.

Introducing Enterprise PKIEnterprises around the world are deploying a new generation of distributed,business-critical applications—enabling delivery of new products and serviceson an unprecedented scale—over intranets (employees), extranets (tradingpartners), and the Internet (worldwide customers and prospects). Theseapplications must be operated in a high-availability, high-securityenvironment, in order to gain customer confidence and allow enterprises toexploit the advantages of the electronic marketplace—faster time-to-market,lower distribution costs, and greater access to global customers.

One element has now emerged as the foundation for secure distributedapplications, including supply chain management, secure messaging, e-commerce, virtual private networks, and intranet applications—that element isPublic Key Infrastructure (PKI). An enterprise’s PKI constitutes the core ofits Internet security infrastructure—the key to ensuring authenticated, privateand non-repudiable communications and transactions. The success of anenterprise’s PKI will have a major impact on its core business operations.

3

Critical Success Factors in Running an Enterprise PKI

In the online-all-the-time world of the Internet, one of the biggest challengesyou will face in operating a PKI is satisfying your customer expectations for ahighly-available, highly-secure, PKI service. From the perspective of acustomer, business partner, or internal client, the end-result of a successfulPKI is measured by the ease of obtaining and using digital certificates—trusted electronic credentials that enable access control, secure messaging, andtransaction security for business-criticalapplications. From the enterprise perspective,running a PKI operation means running a trustedonline service for end users. Managers may bestaking their jobs—and enterprises theirbusiness reputations—on the success of theirPKI solution.

In selecting an enterprise PKI solution, there arefive critical success factors that will likelydetermine the success or failure of your trustedPKI operation—spanning PKI technology,infrastructure, and business practices:

• Proven PKI Technology: Full PKIfunctionality includes support for certificateissuance and life-cycle management,processing and protocols for diversecertificate types, comprehensive administration functions, recordsretention, directory integration, and key management. How do you runstate-of-the-art PKI technology, but ensure that it won’t fail under high-stress, real-world conditions? What operational proving-grounds has itbeen tested under?

• Open Architecture with Best-of-Breed Applications: Your enterprisePKI needs to be integrated with all the applications it supports. How doyou deploy PKI that can support your own choice of new and legacyapplications? How do you avoid forcing your end-users to be locked intoproprietary PKI desktop software that they must install, update, andtroubleshoot? How do you deal with the desktop policies mandated by ITdepartments outside your control (e.g., business partners) when movingbeyond the intranet?

• High Availability and Scaleability: Your PKI needs to be available to itsuser community around-the-clock. How can you guarantee 7x24 serviceavailability to business partners, internal clients, or external customers—including systems, networks, customer support, and disaster recovery—without massive up-front capital investment? How do you handleunexpected peak loads in demand? How can you start your PKI small butbe confident it can scale effectively to millions of users ultimately?

The foundation forsecure Internet

applications is a PublicKey Infrastucture (PKI).

An enterprise’s PKIconstitutes the core of

its Internet securityinfrastructure—the key

to ensuringauthenticated, privateand non-repudiable

communications. Thesuccess of an

enterprise’s PKI willhave a major impact on

its core businessoperations.

4

• Secure Operating Infrastructure: Operating your PKI presents a new,unique set of risk management challenges. How do you ensure that youdon’t “go it alone” in risking company reputation, financial, and legalliability when running an Internet-based PKI? How can you safeguardprecious corporate information assets with the most hacker-proof PKIsecurity protection?

• Extranet/E-commerce Readiness: Your PKImay have to support different usercommunities, both inside and beyond theenterprise. How do you architect your PKI tooperate and scale successfully across suchcommunities—intranets, extranets, industrytrading groups, and large-scale Internetcommerce? Will proprietary approachesderail these efforts?

If these questions apply to your enterprise’sdecision to provide business-critical PKI services,please read on. This white paper compares tworadically different approaches to deployingenterprise PKI, focusing on their respectiveabilities to meet these five critical challenges.

Two Models for PKI Deployment

Based on recent advances in the PKI industry, there are now two very differentapproaches to building an enterprise PKI:

• Purchase standalone PKI software, and create a standalone PKIservice—where the enterprise alone assumes 100% responsibility forprovisioning all the surrounding technology, including systems,telecommunications, and databases, in addition to providing physical sitesecurity, Internet-safe network configurations, high-availability redundantsystems, disaster recovery, PKI specialists, viable PKI legal practices, andfinancially safe PKI liability protection; or

• Deploy an integrated PKI platform—which combines enterprise-controlled and operated PKI software/hardware, compatibility withpopular applications, and the certificate processing services andinfrastructure of a high-availability, high-security PKI backbone—withshared liability and independently audited business processes.

The downside of the standalone PKI software approach is that it leads tostandalone enterprise PKI— where the enterprise assumes 100% of theinvestment and 100% of the risk. By contrast, an enterprise deploying anintegrated PKI service platform—with 7x24 PKI services, shared investment,and shared risk—is far more likely to succeed in providing reliable and

There are many crucialelements to running an

enterprise PKI thatstandalone PKI software

vendors don’t like totalk about. Why?

Because they maketheir money by selling

software—not byensuring that a PKI isup and running day-inand day-out, throughsecurity emergencies,

overnight serviceinterruptions, customercrises, hacker attacks,

and rapid-firetechnology changes.

5

trustworthy PKI services, at lower cost and with faster deployment of thedependent applications.

Table 1 summarizes the fundamental differences between standalone PKIsoftware and a PKI service platform. The balance of this white paper furtherexplores the factors underlying these crucial issues.

Success Factor Integrated PKI Platform Standalone PKI Software

Proven PKI technology Fully-featured PKI, provenin world’s largest 7x24 PKIservice centers. Leveragedexperience from 100s of

enterprises.

Enterprise designs, builds,and deploys supporting

infrastructure, and assumes100% implementation risk.Software vendor has no PKI

operating experience.

Open architecture withbest-of-breed applications

Seamless integration withstandard best-of-breedapplications, includingstandard web browsers,

mail clients, and enterpriseapplications.

Requires proprietary clientsoftware for all users and

applications.

High availability andscaleability

Contractually guaranteedPKI backbone services &

disaster recovery. On-demand scaleability.

Leverages high capacity,fault-tolerant infrastructure.

Enterprise provides 100%services infrastructure &

disaster recovery. Assumes100% operational risk.

Secure operatinginfrastructure

Contractually guaranteedPKI backbone security.

Externally audited. Sharedliability.

Enterprise provides 100%of security infrastructure;

must design ownoperational policies and

practices; assumes 100% ofrisk.

Extranet/e-commercereadiness

Enterprise can select privateand/or public trust networks

(largest in world).

Private cross-certificationonly. Enterprise builds

100% custom solution eachtime. Partners assume

100% of risk.

6

The VeriSign Value Proposition

At VeriSign, we’ve learned from the successesand failures of earlier approaches to PKIdeployment. As a result, our approach is to buildindustrial-strength PKI service platforms forenterprises of all sizes, leveraging the largest andmost reliable PKI backbone in the world.

As the world’s largest PKI processor, we’vegained unequaled real-world experience whichserves as the foundation for the design andsupport-readiness of our enterprise PKI serviceplatform—VeriSign centers support a rapidlygrowing customer base of millions of consumers,80,000 websites, and hundreds enterprises. Youcan leverage our expertise and capitalize on ourinfrastructure—an investment of over $40 millionin building the world’s largest PKI backbone—sothat you don’t have to build that infrastructure foryour enterprise.

Protecting Information AssetsThe goal of an enterprise PKI is to protectinformation assets through:

• Authentication—validating the identity ofparties in communications andtransactions;

• Confidentiality—ensuring that informationis not intercepted during transmission;

• Non-Repudiation—ensuring that transactions, once committed, arelegally valid and irrevocable;

• Availability—ensuring that transactions or communications can beexecuted reliably upon demand.

Technically, PKI refers to the technology, infrastructure, and practices neededto enable use of public-key encryption and/or digital signatures in distributedapplications on a significant scale. The main function of PKI is to distributepublic keys accurately and reliably to those needing to encrypt messages orverify digital signatures (used to sign transactions or to authenticate peopleprior to granting access to resources). This process employs digital certificatesissued by an enterprise certification authority (CA) to users who register withthat CA. Issuance of a certificate requires authentication of the user, usuallyby a registration authority (RA). The scope of PKI also extends to functions

VeriSign enterprise PKIcustomers includesome of the largestenterprises in theworld—including:

Banks—NationsBank,Bank of America,

Federal Reserve of NY,Sumitomo Bank

Brokerage Firms—Merrill Lynch, MorganStanley Dean Witter

Electronics—HewlettPackard, Texas

Instruments

Telecommunications—AT&T, British Telecom,

US West, Ameritech,

Transportation—UnitedParcel Service (UPS)

Government Agencies—Internal Revenue

Service, civil & defenseagencies

Why go it alone inenterprise PKI when youcan be supported by theacknowledged leader in

mission-critical PKIservices?

7

such as certificate renewal, certificaterevocation/status checking, and user private keybackup/recovery.1

PKI is now the foundation for all application andnetwork security, including access control toinformation resources from web browsers, securee-mail, digital forms signing and workflow,firewalls, routers supporting virtual privatenetworks (VPNs), directories, and single-sign-onto corporate applications (including legacyapplications).

VeriSign OnSite—Industrial-Strength Enterprise PKI

VeriSign OnSite is a unique, state-of-the-art PKI service platform for theenterprise. It integrates:

• Enterprise PKI administration software—enterprise-operated andcontrolled ; with expert wizards for step-by-step installation,configuration, management, and report generation; installs on standardweb browsers and server platforms; with interfaces to enterprisebusiness systems for automated user administration and directoryintegration;

• Guaranteed back-end processing services—contractually guaranteed7x24 data processing, customer support, and disaster recovery services,leveraging investment in the industry’s only global PKI backbone;

• Scaleable and unquestionably secure infrastructure—modular,high-capacity processing and database systems, with audited, state-of-the-art network, physical, and cryptographic security;

• Shared financial and legal liability—managed risk, so you don’t “goit alone” in running your PKI service;

• Pay-as-you-go, volume-based pricing—with costs for additionalusers, including operational costs, incurred only as those users activate;avoids large up-front capital expenses and gives the lowest cost ofownership of any PKI deployment.

1 For a comprehensive description of PKI, see: Warwick Ford and Michael S. Baum, “Secure ElectronicCommerce: Building the Infrastructure for Digital Signatures and Encryption,” Prentice-Hall, 1997.

A PKI implementationneeds to be highlysecure – security

requirements generallyexceed those for typical

secure transactionprocessing system,

since issuance of justone bad certificate orpenetration of a CA’s

security can result in anunlimited number ofbad transactions or

issuance of anunlimited number of

bad certificates.

8

PKI Security and the Need for Distributed Functionality

Any PKI implementation should be designed with high-grade security built-infrom day one. Even if the initial PKI deployment does not protect criticalassets, remember that PKIs will likely be later leveraged to protect preciousinformation assets—extending to the crown jewels of Internet-basedcommerce.

A fundamental requirement of a CA supporting business-critical applicationsis that it must employ hardware cryptographic modules for certificate signing,since software-based cryptography implementations are prone to tampering ormisuse. Root keys that provide the basis for linking together multiple CAs andgenerally have longer lifetimes require special precautions, including storingthe private key in a secure, off-line hardware unit and requiring multiple keyshare holders to enable the key for signing in a tightly controlled, auditedprocess.

The full complement of strong security controls must also be employed,including physical security of the facility (room, building, and equipment)housing the CA, personnel security measures (including screening andspecialized training of all staff with access to the CA), and procedural controlsto enforce such policies as dual control over all sensitive functions. The securefacility typically needs to be operational on a 24x7 basis, and needs fulldisaster recovery backup.

While all CAs need strong security, the costs of building and operating asecure facility and the up-front financial commitment are daunting to manyenterprises. Outsourcing the CA function to someone else is not necessarilythe answer either, since enterprises frequently want full policy control overtheir PKIs, in terms of deciding who receives a certificate, what the certificatecontents are, how and when certificates arerevoked, and day-to-day operation of the CA.

VeriSign OnSite is the only PKI offering to addressthese seemingly irreconcilable needs. WithVeriSign OnSite, the enterprise controls the CAand can administer and audit the operationcontinuously. However, day-to-day back-end,secure data processing functions, such ascertificate-signing cryptographic hardware andrecords retention, are delegated to VeriSign andoperated out of a VeriSign secure data center. Thisis achieved through the VeriSign’s WorldTrustdistributed PKI architecture, components of whichare operated by both VeriSign and the enterprise.

All PKIs implementedthrough VeriSign OnSiteemploy hardware-basedcryptography, screenedand trained personnel, a

military-grade securefacility, and a rigidlyaudited system of

procedural controls.With a do-it-yourself PKIproduct, security is left

entirely to theenterprise.

9

Elements of Enterprise PKI

Provision of an enterprise PKI service has many facets, including secureinfrastructure establishment and maintenance, specialist staff training andscreening, 7x24 operations, application-interfacing, etc. The VeriSignapproach to enterprise PKI distinguishes itself from the build-it-yourselfapproach using standalone PKI software, by giving the customer control overpolicy and day-to-day decision making, but delegating back-end processortasks to VeriSign. To explain the VeriSign difference, let us consider thecomplete PKI solution in terms of the five critical success factors alreadyidentified: technology, open architecture, availability and scaleability,security and risk management, and extranet/e-commerce readiness.

TechnologyAt the core of PKI lies technology—software and hardware that implement thefunctions of a certification authority (CA), registration authority (RA),enrollment processes, certificate renewal and status-verification services,application interfaces, directory services and interfaces, private keymanagement, and so on. The demands on this technology are considerable – itmust support strong security, high availability, multiple certificate types fordifferent applications, and multiple application product interfaces. Mostimportantly, it must have a modular design, permitting PKI functions to bedistributed between enterprise premises and a supporting secure data center.

The VeriSign WorldTrust architecture stands out as today’s most robust andcomprehensive PKI architecture.2 It supports the PKI service center needs ofenterprises, commercial CAs, and websites worldwide, satisfying the moststringent security, commercial, and legal/practices requirements.

2 For a full description, see: “The VeriSign WorldTrust PKI Architecture,” VeriSign White Paper #98-05, 1998.

10

RA ControlCenter

CA ControlCenter

SubscriberManager

EndUser

Clients

EnterpriseServers

EnterpriseCA Admin.

EnterpriseRA Admin.

EnterpriseCertificateDirectory

EnterpriseRegistration

Database

KeyManager

Certificate Processing

CertificateManager

Crypto

Key RecoveryService

Key Management

Enterprise VeriSign Center

SSL

S/M

IME

SET

IPSE

CTr

ust G

’way

s

VeriSign’s WorldTrust Architecture

The WorldTrust architecture compromises the following module families:

• Subscriber Manager: Support for end-user registration and other end-user services such as certificate renewal, typically through web serverslocated on enterprise premises or at a VeriSign center. The look and feelare tailored to the enterprise.

• RA Control Center: Certificate management functions, such ascertificate issuance approval, revocation approval, and generaladministration functions, located at the enterprise. These functions can besoftware-interfaced to local management systems, such as an employee orcustomer database, to allow them to be fully automated.

• CA Control Center: Establishment of local CA policy, such as certificatecontent rules and administration authorizations. These functions aretypically located at the enterprise.

• Certificate Processing: Certificate issuance (based on RA approval),certificate life-cycle compliance and protocol support, cryptographic keymanagement, secure records retention, data base mirroring for disasterrecovery purposes, and other core functions. These functions are builtaround a high-performance transaction engine located at a secure facilityoperated by VeriSign or one of VeriSign’s worldwide affiliates.Cryptographic functions are embedded in government-certified hardware

11

cryptographic modules, with enabling keying materials split betweenmultiple independent responsible persons.

• Certificate Manager: The component of OnSite where the customerchooses the different types of certificates to be issued, for example, SSLS/MIME, IPSEC, or Trust Gateway certificates.

• Key Management: Software components and a supporting service toprovide maximum-security generation, backup, and recovery of user keypairs.

• Enterprise Integration Software Modules: Software modules thatprovide interfaces to enterprise databases to support automated certificateissuance and other administration functions, automated posting ofcertificates to enterprise directory or database, and access to certificaterevocation information by enterprise web servers.

• Application Integration Toolkits: For use by commercial applicationvendors or enterprise customers for enabling PKI-ready applications.

Administration Options

Flexibility is needed in how enterprises administer PKIs, for example, howcertificate issuance or revocation is initiated and approved. Organizationswith modest-sized certificate communities orwhile in technology piloting stages are bestserved with a manual administration systemwhich does not require any special softwareintegration. With OnSite, this is availableinstantly, via administrator access toadministrative web pages hosted by VeriSign;the administrator uses a standard web browserwith smart-card add-on for added security.Organizations with large client communities,however, need the option of driving certificateadministration from other administrativesystems or corporate database updates occurringin real time. For example, as new employees areentered in the corporate human resourcesdatabase, certificate issuance is automaticallyapproved and, as employees terminate,certificates are automatically revoked.

All options are made available with VeriSignOnSite. OnSite’s Automated Administrationoption exposes a simple API for interfacing toany of the popular DBMS or other

It should be possible tointegrate PKI

administration withenterprise systems

administration – not adda new administrative

burden. VeriSignOnSite’s automated

administration allowsissuance andrevocation of

certificates to betransparently driven by

pre-existingadministrative systems

or databases of anytype. Standalone PKIsoftware, on the other

hand, requires theenterprise to create anddepend day-to-day upon

a new, specialist “PKIadministrator” job

function.

12

administrative systems, with support for firewall separation of functionalcomponents as necessary for security purposes. Our experienced ProfessionalServices Organization will do the software integration if desired.

Key Backup and Recovery

When a public-private key pair is used to protectstored encrypted data, it may be necessary torecover the private key if the primary copy ofthat key is lost or otherwise becomesinaccessible. Without such a capability, loss ofa private key may mean loss of valuable data.

VeriSign addresses this requirement with OnSiteKey Manager—an option which allows anenterprise administrator to centrally generateuser key pairs and control the backup andrecovery of the private keys. Centralizedgeneration of key pairs facilitates batch pre-authentication and key distribution in largecommunities. Support for the management offull user key histories is included.

OnSite Key Manager operates in conjunctionwith a VeriSign Key Recovery Service. Privatekeys are stored on the enterprise premises in anon-vulnerable, enveloped form, allowing forstrong protection of the private keys without theneed for a bulletproof secure facility. Recovery of a private key requiresretrieval from VeriSign of a unique key which can unlock the envelope. Thissystem has major security advantages over the vulnerable key-backupdatabases offered by standalone PKI software product vendors.3

Dual-Key Support

When a public-private key pair is the basis for protecting stored encrypteddata, there may be a requirement, by enterprise administration, to keep abackup copy of the encryption private key, to be sure that encrypted data canbe recovered in the event the original copy of the private key was lost or

3 “VeriSign Public-Key Infrastructure – Enterprise Key Management,” VeriSign White Paper #98-02,1998.

When an enterpriseneeds to back upprivate keys, the

paramountrequirements are

enterprise control andhigh security. With

VeriSign’s state-of-the-art key managementsolution, private keys

are held by theenterprise but can only

be exposed after aconfirming transaction

with a highly secure PKIprocessing center. PKIbuilt on standalone PKIsoftware is vulnerableto disclosure of all the

enterprise’s privatekeys in one attack, andleaves all the costs of

security, and all the risk,with the enterprise.

13

became inaccessible. However, if a public-private key pair is to be used for creatinglegally binding digital signatures, that is, fortransactions with non-repudiation, then it maybe beneficial if no copy of the signature privatekey is ever made. (In theory, if signatureprivate key copies exist, an alleged signermight claim that the copy—not the originalkey—made the signature, and therebyrepudiate a transaction.) If both theencryption-key-backup and non-repudiationrequirements need to be satisfied in oneapplication, a user may need to have twoseparate key pairs—one with the private key backed-up (for encryptionpurposes) and one not (for non-repudiable digital signatures).

With RSA-based technology, dual key pairs are very rarely a real requirementin today’s applications, and many application products neither implement, norneed to implement, support for dual key pairs. However, as deployment ofPKI technology advances, real needs for this feature will likely emerge.

The VeriSign infrastructure inherently supports dual key pairs and multipleactive certificates per user. VeriSign’s application partners are adding dual keycapabilities as customer needs arise. For instance, Microsoft’s Outlook 98supports dual key pairs as an option and Netscape has announced that it willbe implementing dual key pairs in its clients this year. VeriSign’s application-integration toolkit supports both single and dual key-pair options today and theVeriSign OnSite platform can manage both today.

Open Architecture

Open vs Closed PKI

One PKI can serve multiple applications, thereby reducing administrativeburdens and improving the end-user experience, for example, by reducing thenumber of passwords a user must remember. One of the biggest challenges ishow to PKI-enable the applications—especially the best-of-breed applicationsdemanded by enterprise customers generally. Two approaches are used byPKI vendors:

• Closed PKI: Proprietary PKI software is installed on every desktop.Applications which use the PKI require a proprietary software interfacefrom the PKI vendor.

Few applicationscurrently require dualkey pairs. VeriSign

supports dual key pairsfor those applicationsthat do. StandalonePKI software vendorswho have built theirarchitectures around“universal dual key-pairs” unnecessarilylock the enterprise

100% into proprietaryclient software.

14

• Open PKI: Native applications interface tothe PKI using industry standard interfaceprotocols or tailored interfaces agreedthrough PKI-application vendor partnerships.No proprietary PKI software is needed on thedesktop.

Closed PKI means that the PKI vendor dictateswhat desktop software must be used throughout acomplete PKI community, including customers,partners, etc. All users must assume the burdenand cost of installing, updating, andtroubleshooting this special software. A majorpitfall of Closed PKI is illustrated by thefollowing real-life example: A prominent PKIsoftware vendor recently released a variant of apopular web browser, customized to interface tothat PKI vendor’s products through a proprietarysoftware interface. However, subsequent upgrades of the browser would notwork with the same PKI—unwitting customers were stranded with an obsoletebrowser release.

Closed PKI also does not extend easily beyond thecorporate intranet to extranet applications servingcustomers or partners. If all certificate-usingdesktops are not under enterprise control, it isimpractical to require special-purpose software,such as a proprietary PKI client, on thosedesktops. In an extranet, desktop systems in theirnative mode must interoperate with the centralPKI.

VeriSign is committed to the concept of OpenPKI which averts the above problems. VeriSignhas partner relationships with over 100independent software vendors, includingMicrosoft, Netscape, Lotus, Oracle, Hewlett-Packard, SECUDE (PKI for SAP R/3), Intuit,Jetform, Cisco, and Lucent. VeriSign’s enterprisePKI solutions work effectively with standardproducts from these vendors. Since VeriSign’sPKI offerings totally complement the offerings ofthese software vendors, we can readily work withthem all as partners to make Open PKI a reality.

VeriSign also contributes heavily to the

Closed PKI does notextend easily beyond

the corporate intranet toextranet applicationsserving customers or

partners. If allcertificate-using

desktops are not underenterprise control, it isimpractical to require

special-purposesoftware, such as a

proprietary PKI client,on those desktops. Inan extranet, desktop

systems in their nativemode must interoperate

with the central PKI.

An enterprise PKI mustsupport all of the

enterprise’s preferredapplications, without

requiring the burden ofproprietary PKIproducts on all

desktops. VeriSignworks with over 100

independent softwarevendors, including allthe big names, to give

you Open PKI—applications that are

VeriSign-PKI-enabled asshipped from their

vendors. Closed PKIlimits PKI-enabled

applications to thosefrom vendors preparedto build to a proprietaryPKI software interface.Worse, it does not workin extranets where the

enterprise does notcontrol all desktops.

15

formulation of industry standards for PKI; for example, we provide the Co-Chair for the IETF PKIX committee that develops such standards plus Editorsfor five of the PKIX standard drafts.

VeriSign’s Open PKI strategy also includes a software toolkit for PKI-enabling customer-written applications, or customers can choose from a rangeof VeriSign-enabled toolkits from other vendors, including Entegrity,Baltimore, RSA, and Xeti. The Open PKI program extends also to partnershiprelationships with systems integrators, such as KPMG and Ernst and Young.Such partnerships facilitate the building of highly integrated enterprise PKIsolutions.

Directory/Database Technology

Enterprises operate a variety of corporatedirectory/database systems, which potentiallyneed to be integrated with their PKIs. Thesedirectory/database systems include: X.500-technology directories, Web-based LDAPdirectory servers, DBMS systems from thetraditional suppliers, and various legacy systems.Certificates (and, if applicable, CRLs) needed byenterprise applications can be distributed by anyof the above systems.

VeriSign recognizes the need to accommodate allof the above technologies, as opposed to bindingan enterprise PKI offering to one specifictechnology (e.g., X.500) only. Enterprises aremoving to common directory architectures andwant directory integration – not directoryseparation. Accordingly, VeriSign OnSiteincludes a customizable Directory IntegrationModule which supports the delivery of certificates to local enterprisedirectories and databases. It directly supports LDAP-based directory systemsbut is also designed for rapid adaptation to interface to any desired directory ordatabase technology. This OnSite option comes packaged with VeriSignProfessional Services resources to adapt it to satisfy any particular customer’sneeds.

Deploying a PKI shouldnot force an enterprise

to adopt a particulardirectory strategy.

VeriSign OnSite adaptsto a customer’s

installeddirectory/database

technology, includingLDAP, X.500, SQL, orlegacy technology.

Standalone PKIsoftware that requires a

particular directoryinterface protocoland/or dictates a

particular directoryschema will not

integrate easily withpre-existing directory

systems due to featureand schema conflicts.

16

Revocation

A certificate may need to be revoked by a CA if a user private key iscompromised or the CA is no longer willing to support the certification.Different application environments demand different revocation mechanisms,dependent on their risk scenarios, timeliness requirements, and the sizes anddistributions of the subscriber and relying party communities. Establishedrevocation mechanisms include certificate revocation lists (CRLs), interactive(WWW) real-time certificate status interrogation, and on-line certificate statuschecking (OCSP). VeriSign is committed to supporting all of these revocationmechanisms in accordance with customer demand.

Daily CRLs and interactive real-time certificatestatus determination are supported by standardVeriSign OnSite policy choices. Hourly CRL-issuance is available as an option. VeriSign alsosupplies a revocation plug-in for Microsoft’s IISand Netscape’s Enterprise Server that checks therevocation status of a presented client certificate,automatically fetching CRLs as needed. Thisgives a fully-automated revocation environmentfor web servers which, unlike Closed PKIofferings, will operate with standard webbrowsers.

For applications requiring real-time statuschecking, VeriSign pioneered the development ofthe OCSP protocol and was the first vendor todemonstrate OCSP in operation in the 1998National Automated Clearinghouse Association(NACHA) PKI trials. VeriSign will provideOCSP for enterprise customers as applicationvendors release support for this protocol.4

4 Netscape Communications Corporation’s foreshadowed its implementation of this protocolin an announcement in August, 1998.

Enterprise PKI mustsupport various

revocationrequirements of

different applications.VeriSign generates

CRLs daily or hourly forall enterprise

customers. It providesturnkey revocationstatus-checking for

enterprise web serversthat can operate with

standard web browsers.OCSP will also be

supported for OCSP-enabled clients. PKI

software vendorssupport only CRLs,

usually only inconjunction with their

proprietary clientsoftware.

17

Availability and Scaleability

Redundancy and Disaster Recovery

A PKI used for mission-critical purposes requires7x24 availability, redundant systems, and fulldisaster recovery backup. With VeriSign OnSite, afully redundant infrastructure is already in place,with 7x24 service levels guaranteed for all criticalcomponents. There are redundant systems forservers, database, Internet service providers,telecommunications, and power. Disaster recoveryoperates 7x24 using a geographically separated siteoperated in conjunction with ComDisco.

An enterprise building its own PKI from standalonePKI software vendor products must establish andfinance its own redundant configurations, and itsown disaster recovery strategy and sites. This oftenproves difficult since these PKI products are notdesigned for redundancy.

Scaleability

Enterprises want to be able to start small—set up aPKI initially with hundreds or a thousand users, then progressively scale thatPKI to tens of thousands, hundreds of thousands,and ultimately millions of users.

A VeriSign-supplied enterprise PKI can scalesmoothly across this full range, with the customerpaying only for the scale of PKI needed at any time.Furthermore, it is the only PKI technology in theworld proven under real-world conditions to becapable of issuing certificates to the scale ofmillions. The scaleability comes from the use ofmulti-processor server architectures, high-performance transaction engines, multi-unitcryptographic hardware banks, and scaleable Oracledatabase technology. Standalone PKI software isknown to encounter scaling limits at the tens ofthousands due to lack of a transaction-optimizedarchitecture and scaling and resiliency limits withtheir database and directory systems.

A PKI supportingmission critical

applications must havefully redundant systems

and backup sites fordisaster recovery

purposes, otherwisebusiness is at risk.

VeriSign OnSiteincludes built-in

redundancy in all of thecritical components that

are located at theVeriSign center. An

enterprise that takes thePKI software product

approach mustestablish and finance itsown redundant systems

and disaster recoverysite.

An enterprise must beable to smoothly grow

its PKI from modestbeginnings to a

platform supportinglarge numbers of

customers, employees,and e-commerce

business partners. TheVeriSign solution hasbeen proven to scale

smoothly fromhundreds to millions ofusers, and the customerpays for the scale of PKIneeded at any time. PKI

software vendorproducts suffer

degradation at or beforetens of thousands of

users.

18

Security and Risk Management

Facility and Personnel Security

In a PKI service deployment, the full complement of strong security controlsneed to be employed, including hardware cryptographic modules, physicalsecurity of the facility housing the CA, personnel security measures (includingscreening and specialized training of all CA staff), and procedural controls toenforce such policies as dual control.

The costs of establishing and operating a high-security, high-availability facility can beprohibitive. The VeriSign PKI solution removesthis burden from the enterprise customer bylocating critical functions in a secure data centeroperated by VeriSign or an affiliate on a 7x24basis. Each data center has multi-tiered physicalsecurity, security-screened personnel, and issubjected to stringent security audits. 7x24 servicelevels are guaranteed. Customer service operateson a three-shift basis. VeriSign’s infrastructure isbacked up by the operators of the world’s largestnetwork of PKI centers, supporting over 3 millionconsumers and 65,000 websites.

This state-of-the-art security infrastructure has beenleveraged by hundreds of enterprises, whosemanagement cannot afford to take the security riskscreated by standalone PKI installations. This isespecially true as enterprises expand their PKIbeyond initial pilot installations to full-scaleproduction systems.

Customer Practices Support

PKI operators need to establish and enunciate practices that allow the entirePKI community to trust the infrastructure and be confident that risks arecontrolled. This applies particularly to a PKI community that spans multipleorganizations, and most particularly when the PKI supports digital signaturesused in support of electronic commerce, that is, in replacing business-to-business or consumer-to-business paper transactions with electronictransactions. With such a PKI, sound practices are essential to ensure thattransactions will be legally binding and have non-repudiation, that is, signerscannot falsely deny originating messages. Practices statements also need to

A mission-critical PKIneeds a high-security,high-availability (7x24)facility with speciallytrained and screenedpersonnel, redundantsystems, full disasterrecovery, and round-the-clock customer

support. The enterprisethat builds its own PKIfrom software products

is responsible for allthis. With VeriSign

OnSite, the security-critical functions link to

VeriSign secure datacenters, allowing the

enterprise to focus oncore businessoperations. By

contrast, standalonePKI requires the

enterprise to create100% of its own secure

environment.

19

establish fair and non-onerous means forapportioning liability in the event of a failedtransaction that causes material damage.

VeriSign is a world leader in the development ofPKI practices. In particular, VeriSign’sCertification Practices Statement (CPS),5 whichenunciates the practices underlying the VeriSignTrust Network (VTN) public CA services, isrecognized as the most comprehensive documentof its type in the world. It is used as a foundationfor enterprise PKI practices internationally.VeriSign OnSite customers may choose toestablish their own, private PKI hierarchies anddefine their own practices. In this case, VeriSignpractices consultants are available to assist.Alternatively, the enterprise CA may be certifiedinto one of the VeriSign Trust Network publichierarchies, in which case the provisions of theVeriSign CPS will apply.

VeriSign’s practices include witnessed andaudited processes for CA key establishment andmanagement and rigid multi-party controls overall key materials. VeriSign’s processes have been certified by KPMG inaccordance with AICPA SAS-70. VeriSign’s practices are backed up by $50million E&O insurance, the industry’s only NetSure extended warrantyprogram for enterprises joining VeriSign Trust Network, and liability-sharingagreements.

Non-repudiation

Non-repudiation refers to the generation and secure storage of evidence tosupport the resolution of disagreements as to the outcome of electronictransactions. Ultimately, the evidence must be able to prove convincing to athird party arbitrator, who can resolve a dispute without needing to relyentirely on the words of the disputing parties. Non-repudiation depends on theuse of digital signatures, created by parties who keep their private keys secure.In addition, non-repudiation depends upon the issuance of digital certificatesby a trusted and independently audited CA system, and the maintenance of

5 Available at: http://www.verisign.com/repository/CPS.

To achieve non-repudiation and multi-party trust in PKI, you

need specialized,audited processes

covering cryptographicPKI management, day-to-day operations, and

record-keeping.VeriSign leads the

development of PKIpractices

internationally, withaudited business

processes that meet themost rigid industry

standards, includingliability-sharing and

insurance protection.Build-it-yourself PKImeans build 100% ofyour own practices,liability coverage,

insurance policies, andaudit.

20

secure records of certificate issuance and life-cyclemanagement, including all steps occurring in therevocation of such certificates in the event of privatekey compromise or other circumstances leading tocertificate revocation.

With VeriSign OnSite, while the enterprise has fullcontrol over the issuance and revocation of digitalcertificates, complete records of the issuance and lifecycle management of certificates are maintained byVeriSign in a high security, independently auditeddata center. Disaster recovery services operatearound-the-clock at a geographically separatedbackup site.

Extranet/E-commerce ReadinessPKI can potentially span a community of any size, for example, a corporateintranet, an extranet that links an organization with its business partners orcustomers, a community-of-interest that spans multiple organizations (such ascorporations in the same industry), or a global community that includes all-comers, for example, for the greater Internet mail community. VeriSignfacilitates the development of communities beyond the intranet in severalunique ways.

Broad Community Enablement

While some enterprises require closed, private PKIs, others want theircertificates to be recognized and trusted by out-of-the-box commercial webbrowsers or other desktop application products. This greatly facilitates theestablishment of extranet PKIs or community-of-interest PKIs, by obviatingthe need for special software installation or configuration in the desktopsystems of organizations that are not under the administrative control of thePKI-operating organization.

With VeriSign OnSite, these requirements are satisfied by giving theenterprise customer the option of establishing an isolated private PKI, acommunity or industry-wide PKI, or a PKI linked into the VeriSign TrustNetwork. The VTN is a global, integrated PKI operated by VeriSign and itsworldwide affiliates such as British Telecom, AT&T, CertPlus in France6,

6 CertPlus is a joint venture of France Telecom, GemPlus, Matra, and VeriSign.

Non-repudiation meansindependently verifiable

evidence. Unlessoperated under

independentsupervision, enterprise-operated PKI products

do not give non-repudiation, since nothird party can offer

corroboration ofprocess and recordsintegrity. VeriSign’s

independentlyevaluated and audited

cryptographic PKImanagement processes

and secured recordsprovide a solid basis forswift and final dispute

resolution.

21

HiTRUST in Taiwan, SACA in South Africa,and VeriSign Japan. Root keys of the VeriSignTrust Network are pre-installed in all majorcommercial desktop products, includingMicrosoft and Netscape clients, allowing thecertificates issued in the PKI to be immediatelyrecognized by the users of such products.

Cross-Certification

Cross-certification is the process whereby oneCA issues a certificate for another CA, allowingcertificate chains to link together PKIcommunities that may span multipleorganizations. VeriSign has led thedevelopment of cross-certified structures,including the VeriSign Trust Network globalpublic PKI community, private PKI certificationstructures for enterprises or communities-of-interest, the global SET infrastructure whichinvolves cross-certification of multiple vendors’CA products, and cross-certification of the mostpopular CA software products—Netscape’sCertificate Server and Microsoft’s CertificateServer—into VeriSign’s infrastructures.

Cross-certification structures may be made as simple (i.e., hierarchical) or ascomplex (i.e., unbounded web-of-trust) as the user community requires.VeriSign cross-certification supports all of these structures.7

Cross-certification comprises two essential steps:

1. Practices establishment: The establishment of appropriate agreements asto risk-management practices and business terms and conditions betweenthe cross-certifying organizations.

2. Certificate request/issuance: Transfer of a certificate signing requestfrom one CA to the other, and issuance of a cross-certificate by the latterCA.

Certificate request/issuance is straightforward, reflecting the same process asissuance of a user certificate. This process uses industry standard certificate-request protocols such as the widely-deployed PKCS#7 and PKCS#10standards or the emerging IETF PKIX standards.

7 Not all certificate-using application products support all structural configurations.

While enterprise PKImay start with just

intranet applications,proper planning will

allow it to later scale toextranets or larger

community structures.Communities can be

built instantly when themembers already

recognize common rootkeys. VeriSign OnSitecustomers are offeredthe options of private

PKI, extranet PKI,industry PKI, or a PKI

cross-certified into theglobal VeriSign TrustNetwork, whose rootsare pre-installed in all

popular client products.With a PKI built fromstandalone software,

community building ismuch more unwieldy,

involving manual,pairwise exchange and

installation of cross-certificates or root keys.

22

The practices establishment step presents agreater challenge, but VeriSign’s customers canbenefit from the unique expertise in VeriSign’sPractices Department, led by Michael Baum,renowned electronic commerce attorney.VeriSign customers have the option of cross-certification into a structure with establishedpractices in place or, alternatively, establishing anew structure with new practices. In the lattercase, customers are offered access to VeriSign’sunique practices expertise on a consulting basisor by sublicensing proven practices statements.

The critical issue with building cross-certifiedstructures is that the approach of establishingmany networked, bilateral cross-certificationarrangements does not scale into workablecommunities—the overall trust level would endup reflecting the lowest common denominator ofall of the bilateral relationships. VeriSign workswith communities-of-interest to establish acommunal approach to PKI practices from dayone, using extensive real-life experience as thebasis.

Feature Comparison – VeriSign & EntrustVeriSign is the only vendor in the PKI space offering a complete enterprisePKI solution—based on the PKI service platform concept. As an example, thefollowing table summarizes some major differentiators between VeriSign andEntrust PKI offerings.

Cross-certificationmeans much more than

just issuing anothercertificate – it is aspecial business

arrangement, involvingagreements on such

points as securitypractices and liability

apportionment.VeriSign has builtnumerous multi-enterprise cross-

certified CA structures,linking groups of

financial institutions,commercial CAs, andother organizationsworldwide. VeriSignhelps its customers

establish cross-certification practices

and agreements. With aPKI software product,

where cross-certification is

concerned, you are onyour own.

23

PKI Component VeriSign OnSite 4.0Integrated PKI Platform

EntrustStandalone PKI Software

TechnologyCryptographic hardwarefor certificate signing

All CAs use hardware cryptography,FIPS 140-1 level 3 endorsed (avertsrisks of tampering and disclosure ofprivate CA key inherent in softwarecryptography)

Base product uses softwarecryptography (hardware option atadditional expense)

Root key protection Root keys always network isolatedand in secure facility; activation byregimented, audited secret sharing(averts risks of penetration anddisclosure of private byintruders/administrators if privateroot key held in on-line, operationalenvironment)

Root keys held in on-line,operational environment

User key management User encryption keys backed up atenterprise; full key histories; strongprotection using distributed keyrecovery technology

User encryption keys backed up atenterprise; full key histories; held insingle-point-of-failure onlinedatabase

User dual-key support Supports single or dual key pairs forany application (dependent onapplication requirements andcapabilities)

Supports single or dual key pairs(dual key pairs supported only withproprietary client and applicationsinterfaced via proprietary toolkits)

Open ArchitectureOpen vs closed PKI Open PKI; no proprietary software

on desktops; 100+ ISV partners;120+ applications enabled

Closed PKI; many features requireproprietary desktop client or toolkit;limited to 29 ISV partners; 45applications enabled1

Directory/databasetechnology

Enterprise choice of LDAP, X.500,SQL, or legacy DBMS; no directoryschema restrictions

LDAP/X.500 directory requiredwith special schema restrictions thatmay conflict with other enterprisedirectory schema

Revocation CRLs issued regularly; revocationenabled for web servers andstandard browsers; OCSP supportfor key clients, e.g., Netscape

CRLs issued regularly; revocationlimited to Entrust proprietary client& server plugins; no OCSP; norevocation for other clientapplications without proprietarydesktop or toolkit

Availability andScaleability

Redundancy Guaranteed 7x24 service levels,redundant servers, database, ISPs,telecommunications

None provided by vendor; enterpriseprovides its own

Disaster recovery Guaranteed 7x24 disaster recoverybackup at remote secure site

None provided by vendor; enterpriseprovides its own

Scaleability Proven, seamless scaleability from100s to millions; guaranteed peakloading service levels

Scaleability problems start at 10s ofthousands; product unproven at 100sof thousands+

24

Security and RiskManagement

Facility security Fortified construction, 5-tiersecurity; dual biometric accesscontrol, 24-hour monitoring, motiondetect, network security audit

None provided by vendor; enterpriseprovides its own

Personnel security Investigative screening, specialisttraining, retraining

None provided by vendor; enterpriseprovides its own

Independent audit Independent SAS-70 audit byKPMG; VISA audited and approved

None provided by vendor; enterprisearranges its own

Customer practicessupport

Enterprise CA may join VTN withproven established practices, or mayestablish own practices; VeriSignoffers practices consulting and/orCPS

None provided by vendor; enterprisemust develop its own practices andlegal expertise

Non-repudiation Evaluated/audited cryptographicmaterials management and securedrecords retention provideindependently verifiable evidencefor dispute resolution

No non-repudiation, unless PKI isoperated under full supervision of anindependent authority

Extranet/E-CommerceReadiness

Global CommunityEnablement

Enterprise has option of joining PKIstructure with roots pre-installed inall commercial web/mail clients

Enterprise must configure web/mailclients to recognize CA

Cross-certification Can cross-certify enterprise OnSiteCA into established VTN or privatenetwork; can cross-certify privateNetscape or Microsoft certificateserver; cross-certification includesall phases, including support forpractices establishment

Mechanical certificate issuanceonly; no assistance with practices;vendor has no operating experience;no cross-certification withNetscape/Microsoft

NOTES:1. Based on current Entrust Website information.

For Further Information......see the VeriSign website at www.verisign.com, contact your local VeriSignAccount Representative, or call VeriSign at (650) 961-7500.