VeriSign, Microsoft & webMethods, Joined by Baltimore Technologies, HP, IBM, IONA, PureEdge and Reuters, Announce Industry Support for Second-Generation PKI Standard

XKMS Specification Acknowledged by World Wide Web Consortium (W3C), Paving the

Way for Interoperability of PKI Solutions, Digital Signatures and Encryption



Apr 10, 2001, 01:00 ET from VeriSign, Inc.

    SAN FRANCISCO, RSA(R) CONFERENCE, April 10 /PRNewswire/ --
 VeriSign, Inc. (Nasdaq:   VRSN), the leading provider of Internet trust
 services, Microsoft Corp. (Nasdaq:   MSFT) and webMethods, Inc. (Nasdaq:   WEBM)
 today announced wide industry support of their jointly developed XML key
 management specification (XKMS), a key enabler to second-generation Public Key
 Infrastructure (PKI) services.  Baltimore Technologies, Hewlett-Packard
 Company, International Business Machines Corp., IONA, PureEdge Solutions, and
 Reuters Limited joined VeriSign, Microsoft and webMethods in submitting the
 specification to the World Wide Web Consortium (W3C). Additional supporters of
 the XKMS specification include Entrust Technologies, RSA Security and Science
 Applications International Corporation.   The W3C recently acknowledged the
 submission, which will be presented at the upcoming W3C Web Services Workshop,
 April 11-12.  The XKMS specification makes it easy for enterprises and
 developers to integrate advanced PKI technologies such as digital signature
 handling and encryption into e-commerce applications, and also ensures
 interoperability of varying PKI solutions.
     "The groundswell of industry support for the XKMS specification shows that
 PKI has entered the next generation," said Stratton Sclavos, president and CEO
 of VeriSign.  "By moving complexity to the infrastructure, it will now be much
 easier for enterprises to deploy a far broader range of Internet applications
 while leveraging a globally-interoperable trust infrastructure which mirrors
 the physical world."
     "Web Services are transforming every corner of high-tech computing,
 redefining the possibilities for end users and the business opportunities for
 enterprises. This transformation hinges on the public standardization of core
 XML technologies, and security standards are at the top of that list," said
 Blair Dillaway, security software architect at Microsoft Corp. "The
 XKMS-defined trust services provide key functionality needed for building
 secure, interoperable, e-commerce solutions."
     The XKMS specification revolutionizes the development of trusted
 applications by introducing an open framework that enables virtually any
 developer to easily incorporate trust services directly into the application.
 Currently, developers must enable desktop and e-commerce applications to
 handle digital keys for authentication and digital signatures via the use of
 toolkits offered by a range of software vendors. Functions such as digital
 certificate processing, revocation status checking and certification path
 location and validation do not always interoperate with all vendors' PKI
 offerings.  With the new XKMS specification, those functions instead reside in
 servers that can be accessed via easily programmed XML messages.
     "We are very excited about the XKMS framework and the response we've had
 from our member financial institutions," said Dave Oshman, Senior VP,
 Technology of Identrus.  "VeriSign has helped solve a key technical issue for
 merchants that will speed use of digital certificates and ultimately improve
 return on investment for market participants and service providers."
     As organizations continue to expand use of the Internet for
 business-critical applications such as supply chain management and enterprise
 resource planning they require the ability to secure these applications using
 digital credentials within an open and interoperable framework. By deploying
 applications within the XKMS framework, enterprises can gain broad
 interoperability, rapid time-to-market, significant cost savings, and
 scalability across intranet, extranet, and Internet commerce applications
 -- benefits unattainable with proprietary PKI software.  XKMS is compatible
 with the emerging standard for XML digital signatures.  Designed to be
 implemented as a Web service, XKMS is built upon Web Services Description
 Language (WSDL) and Simple Object Access Protocol (SOAP).  It is anticipated
 that future versions of the XKMS specification will be compatible with XML
 encryption and XML protocol.
     "As an open framework for the XML-based trust services architecture, XKMS
 will enable trust through stronger authentication and will ultimately help
 deliver XML's promise of expanded e-commerce across the board -- thus making
 integration technology faster and easier to deploy, as well as making large
 industrial exchanges more manageable," said Jeremy Epstein, Director of
 Product Security and Performance, webMethods, Inc.
     "For enterprise customers to truly conduct high-value transactions, the
 handling of digital keys for online authentication, digital signatures and
 data encryption must be simple to integrate and must interoperate across a
 broad range of enterprise applications," said Warwick Ford, Chief Technology
 Officer for VeriSign.
 
     Interoperable Specification Receives Broad Industry Support
 
     SAIC
     "Driven by both federal standards and a need for greater efficiency, the
 healthcare industry is moving rapidly toward electronic business processes,
 and public-key technology is a critical enabler for authentication, digital
 signatures, and transaction protection.   As a systems integrator, SAIC is
 intimately familiar with the importance of standards such as XKMS to
 facilitate integration, interoperability, and scalability across multiple
 enterprises," said Dixie Baker, VP and Chief Technology Officer of the Health
 and Enterprise Solutions Sectors at SAIC.
 
     Baltimore Technologies
     "Baltimore welcomes the proposed adoption of the XKMS specification as an
 additional and simpler way to access PKI services," said John O'Sullivan,
 Executive Vice President of Engineering at Baltimore Technologies. "XKMS
 complements existing standards such as the on-going SAML work in OASIS and
 W3C's XML digital signature standard. We see XKMS as providing one of the key
 components for the future development of a wide range of e-security products
 and services."
 
     CIBC
     "CIOs of Canadian Banks can now focus on selecting the PKI solution that
 best integrates with their current applications, knowing that XKMS will
 provide the means to seamlessly conduct high value electronic transactions
 between any other banks in Canada, through the Internet, independent of
 anyone's PKI vendor," said Mario Morel, Chief Technology Officer for CIBC, a
 VeriSign Canadian Affiliate.
 
     Entrust
     "Entrust is pleased to participate in the announcement of the World Wide
 Web Consortium's acceptance of the XKMS specification as an open standard for
 XML-based trust services," said Brian O'Higgins, founder, executive vice
 president and CTO, Entrust Technologies. "XKMS will simplify the integration
 of digital signatures and data encryption into e-commerce applications. The
 specification is a natural complement to our complete range of Trust
 Relationship Management software and managed services, which address security
 requirements across all types of Web services transactions."
 
     Hewlett Packard
     Roberto Medrano, general manager, HP Internet Security Division, said, "HP
 supports the adoption of the XKMS Specification to provide the higher-level
 application security that customers need to further their service-centric Web
 commerce in a heterogeneous environment. The wide industry acknowledgement of
 the benefits associated with adopting the XKMS specification will enable
 pervasive development efforts."
 
     IBM
     "The use of XML for e-business is maturing rapidly and security is an
 essential part of the standards 'stack' for web services," said Bob Sutor,
 IBM's Director for e-business Standards Strategy. "XKMS should prove to be an
 important component of the standards that the industry cooperatively develops
 to ensure that Internet-based business transactions take place in a secure and
 reliable way."
 
     IONA
     "Security is the top concern among customers who are looking to develop
 and publish web services, including business process interactions across the
 Internet," said Eric Newcomer, Web Services Architect at IONA.  "As the
 industry's only provider of true Total Business Integration, IONA is pleased
 to support XKMS as a key component of the solution to this concern."
 
     PureEdge
     "As a company that has been committed to the development of secure XML
 standards for nearly three years, PureEdge is pleased to participate in the
 XKMS effort," said David Manning, PureEdge CTO. "XKMS is an important
 e-commerce advancement that will foster the development of secure XML
 applications and bring the power of PKI to a broader range of organizations
 worldwide."
 
     Reuters
     "XMKS provides a sound framework for the provision of interoperable,
 trusted Web-based financial products and services," said Mark Curtis, Research
 and Standards Group, Reuters Chief Technology Office.
 
     RSA Security
     "RSA Security fully supports the XKMS specifications, as this open
 framework will allow developers to embed strong and reliable data security,
 integrity and authentication features within their e-commerce applications,"
 said Bill McQuaide, vice president of product marketing at RSA Security Inc.
 "Based on XML and promoting the interoperability of advanced technologies,
 XKMS enables B2B and B2C applications to function reliably in a public key
 infrastructure (PKI) environment."
 
     About VeriSign
     VeriSign, Inc. is the leading provider of trusted infrastructure services
 to web sites, enterprises, electronic commerce service providers and
 individuals. The company's domain name, digital certificate and payment
 services provide the critical web identity, authentication and transaction
 infrastructure that online businesses require to conduct secure e-commerce and
 communications. VeriSign's services are available through its web sites
 (www.verisign.com and www.netsol.com) or through its direct sales force and
 reseller partners around the world.
 
     About Microsoft
     Founded in 1975, Microsoft is the worldwide leader in software, services
 and Internet technologies for personal and business computing. The company
 offers a wide range of products and services designed to empower people
 through great software -- any time, any place and on any device.
 
     About webMethods
     webMethods, Inc. is the leading provider of integration software solutions
 for Global 2000 corporations, major B2B exchanges and leading software
 application vendors. The webMethods integration platform allows customers to
 achieve quantifiable R.O.I. by linking business processes, enterprise and
 legacy applications, databases and workflows both within and across
 enterprises. By deploying the webMethods integration platform, customers
 reduce costs, create new revenue opportunities, strengthen relationships with
 customers, substantially increase supply chain efficiencies and streamline
 internal business processes.
     Founded in 1996, webMethods is headquartered in Fairfax, Va., with offices
 throughout the U.S., Europe and Asia Pacific. webMethods has more than
 625 customers worldwide -- from Global 2000 leaders such as Citibank, Dell,
 Eastman Chemical, The Ford Motor Company, Grainger, Motorola and Starbucks to
 major industry-backed exchanges like ForestExpress, eHITEX/Converge and
 PetroCosm. webMethods' strategic partners include Ariba, Broadvision, Commerce
 One, Deloitte Consulting, EDS, i2 Technologies, J.D. Edwards, KPMG Consulting,
 Microsoft, Oracle Corp., SAP AG and Siebel Systems. More information about the
 company can be found at www.webMethods.com.
     Statements in this announcement other than historical data and information
 constitute forward-looking statements within the meaning of Section 27A of the
 Securities Act of 1933 and Section 21E of the Securities Exchange Act of 1934.
 These statements involve risks and uncertainties that could cause VeriSign's
 actual results to differ materially from those stated or implied by such
 forward-looking statements. The potential risks and uncertainties include,
 among others, VeriSign's limited operating history under its current business
 structure, uncertainty of future revenue and profitability and potential
 fluctuations in quarterly operating results, increased competition, risks
 associated with the company's international business and risks related to
 potential security breaches.  More information about potential factors that
 could affect the company's business and financial results is included in
 VeriSign's filings with the Securities and Exchange Commission, especially in
 the company's Annual Report on Form 10-K for the year ended December 31, 2000.
 VeriSign undertakes no obligation to update any of the forward-looking
 statements after the date of this press release.
     NOTE:  VeriSign is a registered trademark of VeriSign, Inc.
     Microsoft, Windows and Windows NT are either registered trademarks or
 trademarks of Microsoft Corp. in the United States and/or other countries.
     The names of actual companies and products mentioned herein may be the
 trademarks of their respective owners.
 
 

SOURCE VeriSign, Inc.
    SAN FRANCISCO, RSA(R) CONFERENCE, April 10 /PRNewswire/ --
 VeriSign, Inc. (Nasdaq:   VRSN), the leading provider of Internet trust
 services, Microsoft Corp. (Nasdaq:   MSFT) and webMethods, Inc. (Nasdaq:   WEBM)
 today announced wide industry support of their jointly developed XML key
 management specification (XKMS), a key enabler to second-generation Public Key
 Infrastructure (PKI) services.  Baltimore Technologies, Hewlett-Packard
 Company, International Business Machines Corp., IONA, PureEdge Solutions, and
 Reuters Limited joined VeriSign, Microsoft and webMethods in submitting the
 specification to the World Wide Web Consortium (W3C). Additional supporters of
 the XKMS specification include Entrust Technologies, RSA Security and Science
 Applications International Corporation.   The W3C recently acknowledged the
 submission, which will be presented at the upcoming W3C Web Services Workshop,
 April 11-12.  The XKMS specification makes it easy for enterprises and
 developers to integrate advanced PKI technologies such as digital signature
 handling and encryption into e-commerce applications, and also ensures
 interoperability of varying PKI solutions.
     "The groundswell of industry support for the XKMS specification shows that
 PKI has entered the next generation," said Stratton Sclavos, president and CEO
 of VeriSign.  "By moving complexity to the infrastructure, it will now be much
 easier for enterprises to deploy a far broader range of Internet applications
 while leveraging a globally-interoperable trust infrastructure which mirrors
 the physical world."
     "Web Services are transforming every corner of high-tech computing,
 redefining the possibilities for end users and the business opportunities for
 enterprises. This transformation hinges on the public standardization of core
 XML technologies, and security standards are at the top of that list," said
 Blair Dillaway, security software architect at Microsoft Corp. "The
 XKMS-defined trust services provide key functionality needed for building
 secure, interoperable, e-commerce solutions."
     The XKMS specification revolutionizes the development of trusted
 applications by introducing an open framework that enables virtually any
 developer to easily incorporate trust services directly into the application.
 Currently, developers must enable desktop and e-commerce applications to
 handle digital keys for authentication and digital signatures via the use of
 toolkits offered by a range of software vendors. Functions such as digital
 certificate processing, revocation status checking and certification path
 location and validation do not always interoperate with all vendors' PKI
 offerings.  With the new XKMS specification, those functions instead reside in
 servers that can be accessed via easily programmed XML messages.
     "We are very excited about the XKMS framework and the response we've had
 from our member financial institutions," said Dave Oshman, Senior VP,
 Technology of Identrus.  "VeriSign has helped solve a key technical issue for
 merchants that will speed use of digital certificates and ultimately improve
 return on investment for market participants and service providers."
     As organizations continue to expand use of the Internet for
 business-critical applications such as supply chain management and enterprise
 resource planning they require the ability to secure these applications using
 digital credentials within an open and interoperable framework. By deploying
 applications within the XKMS framework, enterprises can gain broad
 interoperability, rapid time-to-market, significant cost savings, and
 scalability across intranet, extranet, and Internet commerce applications
 -- benefits unattainable with proprietary PKI software.  XKMS is compatible
 with the emerging standard for XML digital signatures.  Designed to be
 implemented as a Web service, XKMS is built upon Web Services Description
 Language (WSDL) and Simple Object Access Protocol (SOAP).  It is anticipated
 that future versions of the XKMS specification will be compatible with XML
 encryption and XML protocol.
     "As an open framework for the XML-based trust services architecture, XKMS
 will enable trust through stronger authentication and will ultimately help
 deliver XML's promise of expanded e-commerce across the board -- thus making
 integration technology faster and easier to deploy, as well as making large
 industrial exchanges more manageable," said Jeremy Epstein, Director of
 Product Security and Performance, webMethods, Inc.
     "For enterprise customers to truly conduct high-value transactions, the
 handling of digital keys for online authentication, digital signatures and
 data encryption must be simple to integrate and must interoperate across a
 broad range of enterprise applications," said Warwick Ford, Chief Technology
 Officer for VeriSign.
 
     Interoperable Specification Receives Broad Industry Support
 
     SAIC
     "Driven by both federal standards and a need for greater efficiency, the
 healthcare industry is moving rapidly toward electronic business processes,
 and public-key technology is a critical enabler for authentication, digital
 signatures, and transaction protection.   As a systems integrator, SAIC is
 intimately familiar with the importance of standards such as XKMS to
 facilitate integration, interoperability, and scalability across multiple
 enterprises," said Dixie Baker, VP and Chief Technology Officer of the Health
 and Enterprise Solutions Sectors at SAIC.
 
     Baltimore Technologies
     "Baltimore welcomes the proposed adoption of the XKMS specification as an
 additional and simpler way to access PKI services," said John O'Sullivan,
 Executive Vice President of Engineering at Baltimore Technologies. "XKMS
 complements existing standards such as the on-going SAML work in OASIS and
 W3C's XML digital signature standard. We see XKMS as providing one of the key
 components for the future development of a wide range of e-security products
 and services."
 
     CIBC
     "CIOs of Canadian Banks can now focus on selecting the PKI solution that
 best integrates with their current applications, knowing that XKMS will
 provide the means to seamlessly conduct high value electronic transactions
 between any other banks in Canada, through the Internet, independent of
 anyone's PKI vendor," said Mario Morel, Chief Technology Officer for CIBC, a
 VeriSign Canadian Affiliate.
 
     Entrust
     "Entrust is pleased to participate in the announcement of the World Wide
 Web Consortium's acceptance of the XKMS specification as an open standard for
 XML-based trust services," said Brian O'Higgins, founder, executive vice
 president and CTO, Entrust Technologies. "XKMS will simplify the integration
 of digital signatures and data encryption into e-commerce applications. The
 specification is a natural complement to our complete range of Trust
 Relationship Management software and managed services, which address security
 requirements across all types of Web services transactions."
 
     Hewlett Packard
     Roberto Medrano, general manager, HP Internet Security Division, said, "HP
 supports the adoption of the XKMS Specification to provide the higher-level
 application security that customers need to further their service-centric Web
 commerce in a heterogeneous environment. The wide industry acknowledgement of
 the benefits associated with adopting the XKMS specification will enable
 pervasive development efforts."
 
     IBM
     "The use of XML for e-business is maturing rapidly and security is an
 essential part of the standards 'stack' for web services," said Bob Sutor,
 IBM's Director for e-business Standards Strategy. "XKMS should prove to be an
 important component of the standards that the industry cooperatively develops
 to ensure that Internet-based business transactions take place in a secure and
 reliable way."
 
     IONA
     "Security is the top concern among customers who are looking to develop
 and publish web services, including business process interactions across the
 Internet," said Eric Newcomer, Web Services Architect at IONA.  "As the
 industry's only provider of true Total Business Integration, IONA is pleased
 to support XKMS as a key component of the solution to this concern."
 
     PureEdge
     "As a company that has been committed to the development of secure XML
 standards for nearly three years, PureEdge is pleased to participate in the
 XKMS effort," said David Manning, PureEdge CTO. "XKMS is an important
 e-commerce advancement that will foster the development of secure XML
 applications and bring the power of PKI to a broader range of organizations
 worldwide."
 
     Reuters
     "XMKS provides a sound framework for the provision of interoperable,
 trusted Web-based financial products and services," said Mark Curtis, Research
 and Standards Group, Reuters Chief Technology Office.
 
     RSA Security
     "RSA Security fully supports the XKMS specifications, as this open
 framework will allow developers to embed strong and reliable data security,
 integrity and authentication features within their e-commerce applications,"
 said Bill McQuaide, vice president of product marketing at RSA Security Inc.
 "Based on XML and promoting the interoperability of advanced technologies,
 XKMS enables B2B and B2C applications to function reliably in a public key
 infrastructure (PKI) environment."
 
     About VeriSign
     VeriSign, Inc. is the leading provider of trusted infrastructure services
 to web sites, enterprises, electronic commerce service providers and
 individuals. The company's domain name, digital certificate and payment
 services provide the critical web identity, authentication and transaction
 infrastructure that online businesses require to conduct secure e-commerce and
 communications. VeriSign's services are available through its web sites
 (www.verisign.com and www.netsol.com) or through its direct sales force and
 reseller partners around the world.
 
     About Microsoft
     Founded in 1975, Microsoft is the worldwide leader in software, services
 and Internet technologies for personal and business computing. The company
 offers a wide range of products and services designed to empower people
 through great software -- any time, any place and on any device.
 
     About webMethods
     webMethods, Inc. is the leading provider of integration software solutions
 for Global 2000 corporations, major B2B exchanges and leading software
 application vendors. The webMethods integration platform allows customers to
 achieve quantifiable R.O.I. by linking business processes, enterprise and
 legacy applications, databases and workflows both within and across
 enterprises. By deploying the webMethods integration platform, customers
 reduce costs, create new revenue opportunities, strengthen relationships with
 customers, substantially increase supply chain efficiencies and streamline
 internal business processes.
     Founded in 1996, webMethods is headquartered in Fairfax, Va., with offices
 throughout the U.S., Europe and Asia Pacific. webMethods has more than
 625 customers worldwide -- from Global 2000 leaders such as Citibank, Dell,
 Eastman Chemical, The Ford Motor Company, Grainger, Motorola and Starbucks to
 major industry-backed exchanges like ForestExpress, eHITEX/Converge and
 PetroCosm. webMethods' strategic partners include Ariba, Broadvision, Commerce
 One, Deloitte Consulting, EDS, i2 Technologies, J.D. Edwards, KPMG Consulting,
 Microsoft, Oracle Corp., SAP AG and Siebel Systems. More information about the
 company can be found at www.webMethods.com.
     Statements in this announcement other than historical data and information
 constitute forward-looking statements within the meaning of Section 27A of the
 Securities Act of 1933 and Section 21E of the Securities Exchange Act of 1934.
 These statements involve risks and uncertainties that could cause VeriSign's
 actual results to differ materially from those stated or implied by such
 forward-looking statements. The potential risks and uncertainties include,
 among others, VeriSign's limited operating history under its current business
 structure, uncertainty of future revenue and profitability and potential
 fluctuations in quarterly operating results, increased competition, risks
 associated with the company's international business and risks related to
 potential security breaches.  More information about potential factors that
 could affect the company's business and financial results is included in
 VeriSign's filings with the Securities and Exchange Commission, especially in
 the company's Annual Report on Form 10-K for the year ended December 31, 2000.
 VeriSign undertakes no obligation to update any of the forward-looking
 statements after the date of this press release.
     NOTE:  VeriSign is a registered trademark of VeriSign, Inc.
     Microsoft, Windows and Windows NT are either registered trademarks or
 trademarks of Microsoft Corp. in the United States and/or other countries.
     The names of actual companies and products mentioned herein may be the
 trademarks of their respective owners.
 
 SOURCE  VeriSign, Inc.