IBM And Lotus Boost Industry Standards To Advance Secure Online Commerce

Free Software Source Code Available in August

Select a topic or year

AUSTIN, Texas, & CAMBRIDGE, Mass - 28 Jul 1998: -- IBM and Lotus Development Corp. today announced they are donating industry-standard security software source code to the Internet community which can be used for making online commerce easier and more secure.

The security software is based on Internet standards defined by the Internet Engineering Task Force, the leading international standards organization for the development of the Internet. This will help unify the Internet community by enabling vendors to more easily adopt, develop and promote a standard way to secure any and all applications with digital certificates. With digital certificates, people can sign their names electronically, much like drivers' licenses are used for identification.

The software source code, also known as a reference implementation, delivers on the IETF's draft Public Key Infrastructure standards, commonly referred to as PKIX. PKIX provides the mechanism to issue, validate, revoke and renew digital certificates. The reference implementation will be available through the Massachusetts Institute of Technology's Web site at the end of August.

"Internet software vendors and customers today face a major interoperability hurdle due to proprietary implementation of public key infrastructure, " said Jeff Schiller, IETF Area Director and MIT Manager of Systems and Operations. "By developing and making the PKIX reference implementation code available to all, IBM and Lotus are enabling software vendors to develop products that interoperate and are giving customers the option to choose products that support cross-product and cross-vendor interoperability."

"By providing the code at no charge, IBM is making it much easier for companies to adopt the PKIX standard...enabling them to securely link their customers, their remote offices and sites, their partners, their suppliers and vendors via the Internet," said Jeff Jaffe, IBM General Manager of eNetwork Software and Security. "Internet software vendors now will be able to get encryption-based products to market faster, and users will be able to conduct business safely and securely online while reducing their costs."

Systems and software vendors now may take advantage of the source code, or reference implementation, and no longer need to invent their own core technology or worry about interoperability of certificates. By selecting a product based on the emerging standards, customers will be able to deploy a single public key infrastructure for all of their security applications, reducing the total cost of ownership including deployment time and expense.

In addition to more than 20 organizations participating in authoring the PKIX standard, leading companies, associations and software vendors have lined up to support PKIX, including (see quotes attached): General Motors, JP Morgan, Netscape, Sun, International Computer Security Association, Security Dynamics, Inc., Intel, Equifax, and DASCOM.

Building on IBM's leadership in promoting and delivering PKIX, IBM and Lotus intend to integrate this standard public key infrastructure throughout their products, including:

In addition, Tivoli will provide management support for the standards-based digital certificate environment.

Services and Consulting

Continuing IBM and Lotus' thrust with PKIX standards, customers in every part of the world can also take advantage of services and consulting support through IBM Global Services. IBM can help implement and deploy an architecture that supports an enterprise-wide PKI that all applications can use. IBM services offerings enable customers to develop their PKI policy, strategy and requirements definition. Planning, architecture and implementation services are also available to help customers effectively use PKI to enhance their business operations.


Available to the public and at no charge, the Public Key Infrastructure reference implementation can be downloaded from the World Wide Web on MIT's Web site located at at the end of August for Windows NT. A version of the reference implementation will be available for Sun Solaris by the end of the year. IBM plans to offer the complete reference implementation function plus additional enhancements on AIX in January 1999, and plans to support the PKIX standards in the OS/2, OS/400 and OS/390 environments. Distribution of other products incorporating the PKIX standard will be decided by the respective vendors of those products.

Related XML feeds
Topics XML feeds
Information Management, Lotus, Tivoli, Rational, WebSphere, Open standards, open source