• Extend Internet Applications to Every Desktop. Catapult's Web Proxy Service and Remote Windows Sockets Service deliver Internet applications to your desktops via standard protocols.
• High Performance. Catapult proactively caches frequently accessed documents to ensure the immediate availability of fresh data, automatically updating cached copies of popular Web pages based on heuristics of usage. Catapult builds upon the high performance and scalability of Windows NT Server for application services.
• Security. Administrators can grant or deny outbound access by user, service, port or IP domain. Access to specific sites can be blocked. Catapult leverages the C2-level security features built into Windows NT Server.
• Integration. Catapult provides tight integration with Microsoft Windows NT Server, and the Microsoft Internet Information Server, resulting in high performance and easy administration.

Excerpt from Press Release

Catapult is a proxy server, acting as a secure gateway between a LAN and the Internet. It filters and replicates Web content for corporations or Internet service providers. Catapult proactively caches frequently accessed documents to ensure the availability of refreshed data, automatically updating cached copies of popular Web pages based on heuristics of usage. This caching conserves network bandwidth, improves response time for clients, reduces network congestion, and improves control over network resources without burdening end users or network administrators. Catapult supports dial-up lines; it does not require a leased line to the Internet.

Catapult leverages the C2-level security features built into Windows NT Server and allows network operators to have fine-grained control over access to or from the Internet. Administrators can grant or deny inbound and outbound connections according to user, service, port or IP domain. Access to specific sites can be blocked.

Catapult builds upon the high performance and scalability of Windows NT Server for application services. Catapult has provided Microsoft's internal corporate Web access for the last nine months. Even in its early beta version, one Catapult server is supporting more than 3,500 Microsoft employees per day.

Catapult is designed to integrate with Windows NT Server. This means administrators can use a single set of tools, including the performance monitor, user manager, event log and access logging to manage their intranets. Developers can use the Microsoft Internet Server API (ISAPI) to add features to Catapult, such as custom authentication and access control or customized logging. Catapult complements Windows NT Server, which includes a built-in Web server, the Microsoft Internet Information Server (IIS), a search server, and the Microsoft FrontPage™ Web authoring and management tool.

As a member of the Microsoft BackOffice family, Catapult can be managed remotely on the LAN or over the Internet. It works seamlessly with all members of the Microsoft BackOffice family, including Microsoft SQL Server™, to provide logging of access information for administrative and security purposes, and Microsoft Exchange.

Netscape's Andreessen Holds First Personal Digital ID for Web

The Digital ID Center is now open for business and is accessible with any Web client. Digital ID functionality is initially available for Netscape Navigator 3.0 users and email applications supporting S/MIME. Available today, Class 1 Digital IDs (a $6 value) are free for non-commercial use or through the Netscape Navigator 3.0 registration process. Class 2 Digital IDs, which have a higher level of assurance and trust, will be available with the final product release of Netscape Navigator 3.0.

Digital IDs will also be available for Microsoft Internet products. "VeriSign's commitment to providing certificate management services, with strong support for industry standards such as the X.509 certificate format, is a great step forward for Internet security," said Hank Vigil, business unit manager of Electronic Commerce and Security for Microsoft Corporation. "These standards are implemented today in Microsoft Exchange for secure messaging, and will be supported in our next-generation Internet Information Server products, for applications such as user identification, digital signatures in ActiveX Controls, and electronic commerce. Microsoft customers will benefit from the complementary nature of VeriSign's certificate services, available today via Verisign's Digital ID Center, in conjunction with Microsoft's products."

Digital IDs, commonly referred to as digital certificates, use today's strongest cryptographic techniques to provide a trusted means of authenticating the identity of each party in an electronic transaction. VeriSign's Digital IDs are used much the same way as conventional forms of identification, such as a driver's license or passport, to provide irrefutable evidence of the owner's identity and, in some cases, authority in a given transaction. A Digital ID is issued by VeriSign, the trusted third party which performs the appropriate background checks on an individual or entity according to the Digital ID's level of assurance. Once issued, the Digital ID can be used within any enabled applications such as Netscape Navigator Internet client software and Netscape SuiteSpot, an integrated suite of server software.

"One of the major constraints to increasing Web transactions is clearly authentication. Businesses and end users need to know who's on the other end of the wire," said Mike Rothman, vice president of the Global Networking Strategies Service at META Group, a technology research and analysis firm in Reston, VA. "VeriSign, using their Digital IDs and acting as the trusted certificate authority, will be instrumental in building a secure infrastructure for the Web."

The Digital ID Center is located at VeriSign's secure operations facility in Mountain View, CA. It has been designed as a distributed processing system utilizing state-of-the-art Web technology, multiprocessor servers and transaction software. VeriSign's Digital ID Center is capable of issuing millions of Digital IDs for Internet email and Web browsing. The Digital ID Center operates 24 hours a day and 7 days a week.

Visitors to VeriSign's online Digital ID Center can perform specific Digital ID functions - such as request a Digital ID (for individual or entity), find an individual's Digital ID (to send encrypted Internet email to its owner), revoke (or cancel) their own personal Digital ID, or simply look through an online information desk. This contains information to help visitors understand the technology of Digital IDs and how to use them, a repository of legal practices and policies, and a list of revoked certificates. The Center is open to Internet users and Web service providers who require security and authentication products and services. Typical uses for Digital IDs will include Web site access (replacing passwords), secure Internet email, and identification validation for certain Web-based financial services. For more information on Digital ID Classes and uses, see the "Digital ID Fact Sheet" on VeriSign's Web site.

VeriSign Inc., the only company focused 100% on digital authentication products and services, provides its customers with the confidence necessary to conduct electronic commerce worldwide. VeriSign's Digital IDs play a key role in ensuring the privacy and authentication of electronic transactions and communications.

Public-key cryptography has become the enabling technology for unbreakable security within the Internet and World Wide Web (WWW), Electronic Commerce, client/server computing, wireless communications and many other exciting areas of innovation.

The Digital ID (tm) (also known as a digital certificate) is the vital linchpin to support the essential privacy and authentication capabilities provided by public-key cryptography.

VeriSign, Inc. is a full-service provider of Digital IDs for corporations and individuals, as well as a provider of enabling technology to other companies that want to issue Digital IDs.

VeriSign is a spin-off from RSA Data Security , the industry leader in providing public-key cryptography solutions. VeriSign is leveraging and greatly expanding the pioneering work done by RSA s Certificate Services organization over the last two plus years.

As the first company established specifically to provide Digital IDs and related technology, VeriSign has the intensity, sharp focus and trained personnel necessary to understand and meet the needs of this dynamic, emerging market.

Driver Licenses for the Information Superhighway

A Digital ID is an authenticated electronic "credential" or "letter of introduction" that certifies the connection between a public key and its owner just like a driver license notarizes the connection between a person's photograph, name, address and birth date information.

As the Information Superhighway becomes populated with providers of services and content, the use of public-key cryptography and Digital IDs becomes essential for privacy and authentication. A Digital ID becomes a user's " driver license for the Information Superhighway. (tm) " As the most accessible, well-known provider of Digital IDs, VeriSign will, using this metaphor, become "the DMV for the Information Superhighway. (tm)"

Just as public-key cryptography has become a core enabling technology for many of the most exciting advances in the digital information age, there are rapidly expanding markets for Digital IDs. Any product or service that can benefit from privacy and/or au thentication of messages, content, users or providers will find Digital IDs to be invaluable.

Some of the more interesting Digital ID deployments today are happening in the following industry segments:

• Internet, WWW and online services
• Electronic Commerce including EDI
• E-mail and groupware / collaborative computing
• Client/server application development

The following examples illustrate the broad range of products and services that are using VeriSign Digital IDs:

Netscape Communications

The innovative SSL security features within Netscape s popular Commerce Server require a Digital ID for each secure server. Electronic mall customers request the Digital ID from the server to authenticate the identity of the mall operator and the content provided by the merchant. The Digital ID is also instrumental in establishing a secure channel for communicating sensitive information like a credit card number back to the mall operator.

CommerceNet

VeriSign is managing a Digital ID program for the over 100 member companies within CommerceNe t, the first large-scale trial of Electronic Commerce on the Internet. This involves issuing both client and server Digital IDs to support an interesting array of electronic commerce pilot projects conducted under the auspices of CommerceNet and using WWW browser and server technology based on Secure HTTP developed by Terisa Systems.

Apple Computer

The DigiSign utility within Apple's Mac OS 7.5 operating system supports digital signatures. All DigiSign users can generate a Digital ID request and create and verify digital signatures from their desktop.

The following profiles illustrate how several companies are utilizing Digital IDs for their employees and customers:

Cisco Systems

VeriSign is issuing Digital IDs to Cisco employees using Apple s MacOS 7.5 and an innovative electronic forms package from Shana Corporation for a variety of Human Resources applications.

TRW

VeriSign has provided an on-site Digital ID issuing capability to TRW in support of several innovative productivity pilot programs utilizing digital signatures.

Virtual Vineyards

VeriSign issued the Digital ID that enables Virtual Vineyards to securely accept credit card payments as part of a highly successful business of selling fine wines over the Internet using Netscape s Commerce Server.

With financial backing from the following industry leaders, VeriSign is well-positioned to enhance its stature as the premier provider of Digital IDs and related technology:

• Ameritech
• RSA Data Security
• Bessemer Venture Partners
• Security Dynamics
• Fischer International
• VISA International
• Mitsubishi Corporation

Through forging strategic partnerships, building a strong infrastructure, and adding market-driven products and services, VeriSign plans to establish itself as the preferred Digital ID provider for its charter investors.

In the process, VeriSign plans to work hard to become the credible, trusted source for Digital IDs for many other companies, including other leading OS and application vendors, smart card suppliers, Internet and online service providers and e-mail and workflow vendors.

Products and services that utilize public-key cryptography for privacy (via encryption) and/or authentication (via digital signatures) allow the end-user to generate their own personal public/private key pair. The private key, used to create digital signatures, must be stored securely (ideally on a tamper-proof smart card).

Conveniently distributing a user s public key within a Digital ID has two primary advantages:

• the Digital ID binds the user s public key together with his/her name, company, address, etc., and
• the Digital ID is signed by an independent, trusted entity like VeriSign that ensures that the Digital ID owner has met pre-established identity requirements for the particular type of Digital ID.

The sender of an encrypted message, file, etc. can be confident that the public key being used to encrypt the message, file, etc. really belongs to the intended recipient.

In addition, the sender can be confident that only the recipient (as the owner of the corresponding private key) can decrypt the message.

The recipient of a message, file, etc. that has been digitally signed can verify two important things:

• message integrity (i.e. the message, file, etc. has not been modified in any way since it was signed), and
• signer identity (i.e. the identity of the person who created the digital signature).

The creator of a digital signature typically appends his/her Digital ID to the end of the signed message, file, etc. Other times the recipient will pull the Digital ID from a trusted, online Digital ID directory. Digital ID-enabled applications automatically verify the signatures of both the owner of a Digital ID, and the issuer of the Digital ID.

Digital IDs from VeriSign conform to the international standard for digital certificates, assuring interoperability with other products and services that supp ort the standard. VeriSign Digital IDs also support the leading standard for certificate-based privacy and authentication systems, the Public Key Cryptography Standards (PKCS).

PKCS, established in 1991 by RSA and several leading corporations and educational institutions, provides application designers with a common framework for building secure, interoperable, platform-independent certificate-based applications.

VeriSign recommends participating in a Digital ID hierarchy, since Digital ID owners within a hierarchy can easily and confidently exchange Digital IDs with others in the same hierarchy.

VeriSign has established several Digital ID hierarchies that ensure a common level of identity confidence for all Digital IDs within the hierarchies. Two of the most popular hierarchies, with thousands of existing customers, are the Commercial Hierarchy (Digital IDs for individual users) and the Secure Server Hierarchy (Digital IDs for specific servers used in EDI and Electronic Commerce).

While VeriSign has several pre-existing hierarchies, if a particular company or industry group desires to set up a custom or proprietary hierarchy, VeriSign can provide the tools to establish and manage the custom hierarchy.

VeriSign provides issuing, revocation and status services for two types of Digital IDs:

• Corporate Digital IDs are used to facilitate inter-company communication that benefits tremendously from having the company s name on the Digital ID of employees and other affiliates of each company, and
• Personal Digital IDs are used by individuals who do not need company affiliation and sponsorship in order to conduct their company or personal business.

VeriSign has three primary issuing arrangements to deliver Digital IDs to end-users of Digital ID-enabled applications, products and services. Issuer options include:

• VeriSign Digital IDs are issued directly by VeriSign to individuals without corporate sponsorship or to employees and oth er affiliates of companies or organizations that want to outsource the actual issuing and management of Digital IDs to VeriSign,
• Customer Digital IDs are issued by companies to their own employees and affiliates using secure issuing hardware provided by VeriSign, and
• Reseller Digital IDs are issued by companies authorized by VeriSign to provide Digital IDs and related services. VeriSign is actively encouraging reseller relationships to satisfy the Digital ID requirements of specific vertical markets , complex distribution channels and remote geographies.

CIS is the backbone of VeriSign s service offerings, as well as the secure issuing capability provided to companies that want to control their own Digital ID issuing process.

Within CIS, the BBN SafeKeyper (tm) Certificate Signing Unit is a tamper-proof, electromagnetically shielded hardware device that fulfills Digital ID requests and meters Digital ID serial numbers, much like a pos tage meter. The CIS system software runs on a Macintosh today (with Windows and UNIX ports planned for late 1995). CIS includes an integrated Oracle (tm) database for Digital ID management and reporting functions.

The first step towards utilizing Digital IDs within a product or service is to license public-key cryptography from RSA Data Security, or an authorized OEM licensee.

Once the public key associated with one or more of VeriSign s Digital ID hierarchi es is included with the software distributed to end-users, these end-users are ready to be issued Digital IDs by VeriSign or one of its certification partners.