AddTrust Deploys Chrysalis-ITS' Luna CA3 To Issue European Union-Compliant Digital Certificates:...

Business Editors

OTTAWA--(BUSINESS WIRE)--March 5, 2001

Chrysalis-ITS, developer of Ultimate Trust(TM) Solution Platform products for e-business, today announced that it has been selected by AddTrust to manage and protect the private keys at the heart of their certificate hosting

AddTrust is deploying Chrysalis-ITS' Luna(R) CA3 product in their certificate hosting system. Luna CA3 is the de facto standard for Certificate Authority key management deployed in over 150 PKI installations worldwide and is recommended by auditors of CA hosting services to ensure best practices. Luna CA3 enables AddTrust to deliver the level of trust and assurance required to issue European Union-compliant digital certificates.

The upcoming European standard specifies a way for certificate providers to implement the requirements of the EU e-Signature Directive, which requires the use of qualified certificates for making electronic signatures equal to handwritten signatures. The work on the new EU standard in the European Telecommunications Standards Institute (ETSI) is led by AddTrust's CTO Stefan Santesson. The use of hardware security within a digital certificate infrastructure is a critical component for providing the same assurances of privacy and authenticity that are present in a paper-based system and assigning the same legal weight to electronic signatures.

AddTrust2Enterprise is designed for companies that want to be in full control of their PKI without having to set up the equipment and hire the expert staff to operate a CA themselves. The company provides Internet trust services to corporate, government and individual users through a network of licensees, ranging from banks and telecom operators to postal services around the world. AddTrust is the first TTP to offer services meeting the most stringent requirements of the EU directive on electronic signatures.

"Inherent to the trust and integrity of AddTrust's services is the authenticity of the certificates issued," said Peter Lundgren, VP Marketing & Sales, AddTrust. "Chrysalis-ITS' Luna CA3 provides the secure key generation, storage, back-up, and management that is critical to safeguarding our service and the authenticity of our clients' transactions."

PKI is steadily becoming the means to authenticate online relationships. Companies may choose to develop their own PKI in-house or outsource to a Trusted Third Party (TTP). Trusted Third Parties by their very nature must provide a high degree of trust and assurance to their customers. This is normally documented by the TTP in their Certificate Practices Statement (CPS). Typically, TTP's undergo a Security Audit Standard, known in the industry as a SAS 70 Audit, to certify their system and practices comply with their CPS and industry best practices. Part of these best practices concern the protection and management of the heart of any TTP PKI, the root keys. Chrysalis-ITS' Luna CA3 is the leading Hardware Security Module (HSM), recommended by SAS 70 Auditors to prevent the attack or misuse of mission critical key material.

According to International Data Corporation, web-based B2B transactions are expected to exceed $1 trillion by 2003. "AddTrust's extension into the high growth Internet trust services field reflects the vast market potential for online business-to-business transactions," said Bill Park, Director PKISP Sales, Chrysalis-ITS. "By using Chrysalis-ITS technology, AddTrust clients can take full advantage of the opportunities presented by online commerce with a highly secure, scalable PKI solution."

Meeting Best Practice Security Standards with Luna CA3

There are best practices to bear in mind when deciding how and where to store sensitive encryption keys. At a minimum, the HSM must provide key generation, backup and key recovery to prevent loss from attacks or system failure. The duty of overseeing the infrastructure must be done jointly within a group of security officers, so no one person can compromise the integrity of the system. Physical security must ensure that the sensitive keying material is stored in a secure, tamper resistant device, which is tightly integrated with the selected PKI application, to protect from internal risks. A formal and independent certification of the HSM such as Federal Information Processing Standard 140-1 validates the level of protection provided for the private keys. Independent auditors such as Deloitte and Touche have asserted that for best practices for root key protection a FIPS 140-1 Level 3 validated HSM, such as Luna CA3, should be used.

About AddTrust

AddTrust AB is a European information security services company founded in February 2000 by private investors and its executive management. Its headquarters are in Malmo (Sweden) with offices in Stockholm, the UK, France, Greece, and the Netherlands.

AddTrust operates a unique business concept built on recognized top-level European expertise in the legal, technical, security and standards fields. This business concept is the basis for its powerful service offering rolled out through a global network of licensees. AddTrust's services are fully interoperable with other trust solutions and are easy to use together within any technical environment. AddTrust certificates meet the toughest European legal requirements and are enforceable by courts worldwide.

About Chrysalis-ITS

Chrysalis-ITS, Inc. is a global leader in building Ultimate Trust(TM) solution platforms that power e-business security. Chrysalis-ITS' industry leading Luna(R) family of products accelerate virtual private networking and provide secure key management capabilities for organizations with high volume sensitive transactions. Chrysalis-ITS secures e-business transactions and communications over wired and wireless networks. Chrysalis-ITS customers include many of the world's leading financial institutions, service providers and government agencies. Chrysalis-ITS products are delivered through a global network of distributors and value-added resellers. Founded in 1994, Chrysalis-ITS is headquartered in Ottawa, Canada, with offices in London, UK; Boston MA, and Mountain View, CA. The company website is www.chrysalis-its.com.

Chrysalis-ITS, Chrysalis-ITS logo, Luna and Ultimate Trust are trademarks or registered trademarks of Chrysalis-ITS, Inc. All others mentioned herein are property of their respective owners.