Contribution of PKI technology through Sun Microsystems, Mozilla opens certificate revocation list distribution points

DALLAS, July 25–Entrust, Inc. believes that everyone deserves to be secure on the Internet. To support that goal, the layered security expert is contributing public key infrastructure (PKI) technology to the open-source community through Sun Microsystems, Inc. and the Mozilla Foundation. Specifically, Entrust will supply its certificate revocation list distribution points (CRL-DP) patent 5,699,431 to Sun under a royalty-free license for incorporation of that capability into the Mozilla open-source libraries.

“When it comes to online security, PKI really is the gold standard. If companies are going to use open-source PKI, we felt it was our duty to make sure they had the important piece of CRL-DP incorporated,” said Entrust Chairman, President and Chief Executive Officer Bill Conner. “To this day, PKI remains one of the strongest, most-trusted security infrastructures available. The ability to leverage the technology to solve a variety of security challenges makes it the cornerstone of a layered security model – regardless of its intended purpose or objective.”

Certificate revocation lists (CRL) are used to track revoked users’ security credentials and associated rights. CRL-DPs are a key aspect of secure and robust PKI deployments and allow for efficient distribution and processing of revocation lists. Specifically, CRL-DPs partition a revocation list into more manageable pieces and allow greater efficiency, improved performance and reduced network traffic.

“Having support for CRL-DPs is an increasingly essential ingredient to any PKI-enabled application,” said Karen Tegan Padir, vice president, software infrastructure Sun Microsystems. “We appreciate Entrust’s intellectual property contribution, and we are pleased to share this valuable security resource with the open-source community.”

As part of the agreement, Sun Microsystems will incorporate the CRL-DP capability into the Mozilla Network Security Services (NSS) libraries. Under the flexible Mozilla licensing scheme, users of these libraries will have access to the CRL-DP capability and may use the associated NSS code under the terms of any of the Mozilla Public License (MPL), GNU General Public License (GPL), or GNU Lesser General Public License (LGPL).

“Incorporating the CRL-DP capability into our existing NSS libraries will significantly elevate the value of the PKI-enabled applications that use these libraries,” said Frank Hecker, executive director of the Mozilla Foundation. “We are grateful Entrust wanted to participate in this offering and understands that secure technology like PKI is too important not to provide to the open-source community.”

About Entrust

Entrust secures digital identities and information for consumers, enterprises and governments in 1,650 organizations spanning 60 countries. Leveraging a layered security approach to address growing risks, Entrust solutions help secure the most common digital identity and information protection pain points in an organization. These include SSL, authentication, fraud detection, shared data protection and e-mail security. For information, call 888-690-2424, e-mail entrust@entrust.com or visit http://www.entrust.com.

Entrust is a registered trademark of Entrust, Inc. in the United States and certain other countries. In Canada, Entrust is a registered trademark of Entrust Limited. All Entrust product names are trademarks or registered trademarks of Entrust, Inc. or Entrust Limited. All other company and product names are trademarks or registered trademarks of their respective owners.

Sun, Sun Microsystems, and Java are trademarks or registered trademarks of Sun Microsystems, Inc. in the United States and other countries.