Entrust Inc., the Dallas-based security vendor spun off from Toronto-based Nortel Networks Corp., announced Tuesday a managed e-mail security service that uses digital certificates.
Entrust Secure E-mail Certificates is available now and works with browsers such as Microsoft Corp.’s Internet Explorer and Google Inc.’s Chrome, said Scott Shetler, Entrust’s senior product manager.
Shetler said the service is the first publicly-trusted (as opposed to privately-trusted) S/MIME certificate, meaning it uses public keys from certificate authorities that are built into applications such as Web browsers.
A spokesperson for a competitor to Entrust, Symantec Corp.'s VeriSign unit, took issue with that claim.
"VeriSign began offering digital IDs for individuals in 1996," VeriSign spokesperson Christina Rohall wrote in an e-mail to Network World Canada. She was referring to an announcement from Microsoft Corp. 14 years ago that Internet Explorer 3.0 users had the option of signing their e-mails using Digital ID.
"The market for the product never really took off but we continue to service tens of thousands of individuals each year," Rohall wrote.
After this article was published, a spokesperson for Entrust e-mailed Network World Canada stating Secure E-mail Certificates is the "first publicly-trusted S/MIME offered by Entrust" rather than the first to market.
Entrust’s public key infrastructure (PKI) is designed to encrypt data and provide non-repudiation, meaning the senders cannot deny at a later date that they were the originators.
S/MIME, originally developed by EMC Corp.'s RSA security unit, is an Internet Engineering Task Force (IETF) standard that adds both digital signatures and encryption to e-mail messages in the Multipurpose Internet Mail Extensions (MIME) format, which lets users add graphics, audio and other formatting to e-mail messages.
Entrust’s Secure E-mail Certificates is available in two versions. The personal version, which costs $20 per seat, provide basic encryption using the International Telecommunications Union’s X.509 public key infrastructure standard. The enterprise edition lets users digitally sign word processing documents and allows administrators to revoke users’ digital IDs when they leave the company.
David Senf, director of IDC Canada’s infrastructure solutions group, stated in an e-mail to Network World Canada that the Entrust service “is a step forward towards ease of use for message security …”
But he added “it will not bring about any large scale change in business and consumer bad habits.”
The bad habits Senf referred to include the transfer of financial and human resources data through e-mail.
“E-mail is one of the top two applications that Canadian firms will allow to be handled in the cloud,” Senf wrote. “Applications for finance or HR on the other hand are not high on this list. However, it is not uncommon at all for financial and HR information to be sent over email. Odd isn't it?”
He added e-mail encryption and non-repudiation are critical functions but “overlooked” by some organizations.
Shetler said with its new service, companies that issue new keys to users will automatically have the original certificates revoked.
“There are a number of things that would happen that means you need another certificate,” he said. “You forget your password and need a new one, or
your machine blows up and you need to re-image your machine.”
In addition to PKI products, Entrust also provides Secure Sockets Layer (SSL) technology to governments and private businesses. Shetler said he expects most customers of Entrust Secure E-mail Certificates will be in the private sector.
Entrust was founded by an Ottawa security expert, Brian O’Higgins, in 1993 in Ottawa as a division of Nortel Networks Corp. Its early customers included the Royal Canadian Mounted Police, the Department of National Defence and the Bank of Nova Scotia. It was later spun off as a separate firm with a headquarters near Dallas. O’Higgins later moved to intrusion prevention systems vendor Third Brigade Inc., which is also in Ottawa and was recently acquired by Trend Micro Inc.