Entrust Inc., the Dallas-based security vendor spun off from Toronto-based Nortel Networks Corp., announced Tuesday a managed e-mail security service that uses digital certificates.
Entrust Secure E-mail Certificates is available now and works with browsers such as Microsoft Corp.’s Internet Explorer and Google Inc.’s Chrome, said Scott Shetler, Entrust’s senior product manager.
Shetler said the service is the first publicly-trusted (as opposed to privately-trusted) S/MIME certificate, meaning it uses public keys from certificate authorities that are built into applications such as Web browsers.
A spokesperson for a competitor to Entrust, Symantec Corp.'s VeriSign unit, took issue with that claim.
"VeriSign began offering digital IDs for individuals in 1996," VeriSign spokesperson Christina Rohall wrote in an e-mail to Network World Canada. She was referring to an announcement from Microsoft Corp. 14 years ago that Internet Explorer 3.0 users had the option of signing their e-mails using Digital ID.
"The market for the product never really took off but we continue to service tens of thousands of individuals each year," Rohall wrote.
After this article was published, a spokesperson for Entrust e-mailed Network World Canada stating Secure E-mail Certificates is the "first publicly-trusted S/MIME offered by Entrust" rather than the first to market.
Entrust’s public key infrastructure (PKI) is designed to encrypt data and provide non-repudiation, meaning the senders cannot deny at a later date that they were the originators.
S/MIME, originally developed by EMC Corp.'s RSA security unit, is an Internet Engineering Task Force (IETF) standard that adds both digital signatures and encryption to e-mail messages in the Multipurpose Internet Mail Extensions (MIME) format, which lets users add graphics, audio and other formatting to e-mail messages.
Entrust’s Secure E-mail Certificates is available in two versions. The personal version, which costs $20 per seat, provide basic encryption using the International Telecommunications Union’s X.509 public key infrastructure standard. The enterprise edition lets users digitally sign word processing documents and allows administrators to revoke users’ digital IDs when they leave the company.
David Senf, director of IDC Canada’s infrastructure solutions group, stated in an e-mail to Network World Canada that the Entrust service “is a step forward towards ease of use for message security …”
But he added “it will not bring about any large scale change in business and consumer bad habits.”
The bad habits Senf referred to include the transfer of financial and human resources data through e-mail.