Entrust in the News
Off the Wire

Entrust Subsidiary Receives World’s 1st WebTrust For Certification Authorities Seal

Deloitte & Touche LLP Issues AICPA/CICA’s First Ever Seal to Entrust.net Inc.

07 Mar 2001

SANTA CLARA, CALIF. – Entrust Technologies Inc. (NASDAQ: ENTU), the leading global provider of Trust Relationship Management? e-business solutions, today announced that its Web-services subsidiary, Entrust.net Inc., is the world’s first certification authority (CA) to meet the standards of and qualify for a WebTrust for Certification Authorities (CAs) Seal of Assurance. Awarded by Deloitte & Touche, this qualification complies with the WebTrust standards for issuing and managing digital certificates established by both the American Institute of Certified Public Accountants (AICPA) and the Canadian Institute of Chartered Accounts (CICA).

The WebTrust for CAs program, developed jointly by the AICPA and the CICA, includes standards for the issuance of digital certificates so that users of these certificates can have a higher level of confidence that the certificate is valid, credible and trustworthy. These standards are designed to increase confidence in the security of the public-key infrastructure (PKI) used by a CA.

“Deloitte & Touche is extremely pleased to have worked with Entrust.net Inc. to assist them in attaining the first ever WebTrust for Certification Authorities qualification,” said Bruce Barrick, Partner, Enterprise Risk Services, Deloitte & Touche. “We salute Entrust.net Inc.’s commitment to achieving the high level of security and controls established through the WebTrust for Certification Authorities criteria to address their clients’ and industry expectations. Entrust.net Inc. has clearly established themselves as a trend-setter amongst Certification Authorities by attaining the WebTrust certification.”

Amongst other things, compliance with the WebTrust of Certification Authorities standards confirms that the CA maintains effective controls to provide reasonable assurance that:

  • Subscriber and relying party information is properly authenticated, restricted to authorized individuals, and protected from uses not related to the CA’s business
  • The continuity of key and certificate life cycle management operations is maintained
  • CA systems development, maintenance, and operation are properly authorized and performed to maintain CA systems integrity

“As the number of organizations providing digital certificates over the Internet grows steadily, so does the uncertainty as to who the issuer is and whether or not the issuer can be trusted,” said Anthony Pugliese, vice president of Member Innovation at the AICPA. “The need for a trusted third party to verify that a Certification Authority is legitimate, reliable, and has the proper security controls in place is absolutely critical. WebTrust for Certification Authorities provides this independent verification, building trust and confidence among users of digital certificates issued by a CA. Through WebTrust for CAs, Entrust.net can demonstrate to its customers that it has implemented the appropriate processes to provide the high level of legitimacy and trust associated with its digital certificates.”

Entrust.net continues to achieve third-party validation of its policies, operations and technologies used to offer Trust Relationship Management solutions to its customers. Most recently, Entrust.net also successfully passed an SAS 70 Type II audit performed by Deloitte & Touche LLP.

“Entrust.net Inc. has built a company and a brand that is closely linked to our trusted, long-term relationships with our customers and affiliates,” said Dennis Heathcote, vice president and general manager, Entrust.net Inc. “The WebTrust for CA certification and the SAS 70 Type II audit of Entrust.net’s certification services demonstrate our on-going commitment to provide our customers and affiliates with the highest level of security and trust to enable them to conveniently conduct secured transactions with confidence–over the Web and wireless Internet.”

About Entrust.net Inc.
Entrust.net Inc. strengthens and extends the leadership position of Entrust Technologies Inc. in delivering Trust Relationship Management e-business solutions over wireless networks and the Web. Entrust.net solutions include Web and wireless server certificates and digital signature solutions to help organizations lower costs and manage trusted e-business transactions between customers, partners and employees. Leveraging the strengths of Entrust Technologies’ world-renowned security expertise and technologies, Entrust.net is committed to delivering premium customer service to complement our innovative trust solutions that continue to lead the industry. For more information about Entrust.net, please visit www.entrust.net.