A pioneer in the field of digital-certificate validation has introduced a new version of a flagship product, changing some terminology in the process.
Valicert Inc. has begun shipping Enterprise VA Suite 2.0, designed to provide assurance that certificates have not expired or been revoked. This can fill a gap in managing the certificates that banks or others issue to authenticate buyers and sellers in electronic commerce.
Valicert put the VA-validation authority-label on what was formerly its Enterprise Server to promote an identity separate from that of the CA, or certificate authority.
"We see a real demarcation and delineation between a CA, in which certificate holders are the customers, and the VA, which is primarily used by the relying parties in a transaction," Valicert president and chief executive officer Yosi Amram said in an interview.
He offered a credit card analogy. At the application stage, if a credit bureau connection goes down and delays delivery of a new card by a day, it is not a deal-breaker-it is not "mission critical."
But a system failure that prevents authorization of a card transaction at the point of sale, the equivalent of certificate validation in on-line commerce, can be a customer-service disaster, Mr. Amram said.
"If certificates are to be integrated in electronic data interchange or Web transactions of value," he said, "they become mission critical, and the infrastructure has to be ready."
Valicert wants to underscore the distinction, "looking at the CA and VA as two key components of a valid infrastructure," Mr. Amram said.
"We are seeing increased momentum, understanding, and adoption," he said. "A year ago, many people didn't even realize a certificate could be revoked." Now Valicert has such VA customers as AT&T, NEC, and the Canadian government.
"Organizations now have an undisputed, single source for all their validation needs," said Sathvik Krishnamurthy, Valicert's vice president of marketing and business development. They can "be their own VA and have a higher level of trust in the digital certificates they use in Internet- based commerce and communications."