Baltimore Technologies Enables Bulk Issuance of Digital Certificates by Publishing Open XKMS X-BULK Specification

Business Wire, July 16, 2001

Business/Technology Editors

BOSTON, Mass.--(BUSINESS WIRE)--July 16, 2001

Partners with Industry Leading W3C Members to Publish an Open XML

Based Specification

Baltimore Technologies (NASDAQ:BALT; London:BLM), a global leader in e-security, today announced that it has released a specification that enables the bulk issuance of digital certificates on devices such as smart cards, cable modems and next-generation wireless SIM cards. The X-BULK specification extends the capability of the XML Key Management Specification (XKMS) to accommodate for bulk or batch Public Key Infrastructure (PKI) operations. Baltimore Technologies has made this specification public and, as a member of the World Wide Web Consortium (W3C), will present it at the XKMS Workshop in Redwood City, Calif. on July 19th.

In developing this interface, Baltimore Technologies has cooperated with leading companies involved in XKMS and PKI, including fellow W3C member, VeriSign, and leading smart card and smart card management solution providers, including CardBASE Technologies, Cards ETC, Gemplus, Giesecke & Devrient, Oberthur Card Systems and SchlumbergerSema & Setec.

"In cooperation with other industry leaders, Baltimore is enabling the widespread deployment of digital certificates for use within the Internet infrastructure and with devices, so that users can gain the benefits of strong authentication for e-business in a more transparent fashion," said John O'Sullivan, executive vice president of engineering at Baltimore Technologies. "We see XKMS as providing one of the vital components for the future development of a wide range of e-security products and services. Our new X-BULK specification further extends its capabilities."

XKMS is designed to simplify the integration of enhanced Internet security features such as authentication, encryption and digital signatures into Web applications. The ability to have these features embedded in Internet applications and devices, and therefore `invisible' to the user, will be a key factor in mass adoption of the technology. However, proprietary interfaces between device factories and PKIs are currently limiting the ability for devices to be manufactured with digital certificates. The X-BULK extension to XKMS will eliminate these proprietary interfaces and replace them with an open, industry-backed interface. This will result in much speedier implementation times for financial institutions, wireless operators, enterprises and governments who are actively rolling out smart cards with PKI to enable a host of value added services aimed at increasing revenue and decreasing administration costs.

The ability for devices such as smart cards, cable modems, PDAs and mobile phones to strongly authenticate to a network will be key to the adoption of further channels of e-commerce. Smart cards, driven by financial institutions, wireless operators and national ID schemes globally, are becoming the de-facto way to store users' credentials in a secure environment. The smart card is also a familiar token in everyday life as people are used to using a card and a PIN to access confidential information.

"This announcement demonstrates the importance for companies, even competitors, such as VeriSign and Baltimore, to work together to build a trust foundation that enables the dynamic growth of online transactions and communications," said Warwick Ford, Chief Technology Officer at VeriSign. "By working together directly and being members of W3C, VeriSign and Baltimore aim to specify a universal open solution that builds on the work already done in developing XKMS."

"We are convinced that today's announcement extends Baltimore's global leadership in standards-based wireless PKI and will result in an accelerated rollout of enhanced value-added security services by mobile operators," said Toni Laine, chief security architect at Radiolinja. "Baltimore's X-BULK extension to the XKMS specifications will eliminate the interoperability issues between PKI and smart card vendors, thus resulting in a simpler method for issuing batches of digital certificates on S/WIMs."

"One of the main inhibitors to seamless bulk issuance of digital certificates on smart cards and other devices has been the lack of an open, standards-based interface definition," said Sven Hammer, vice president marketing, Financial and Security Services, Gemplus. "By making this specification public and working with leading industry bodies such as the W3C, Baltimore Technologies is, once again, advancing open standards in e-security and Gemplus is pleased to endorse these advancements."

"The original XKMS specification does not adequately meet the requirements of scenarios where bulk issuance of certificates on devices such as smart cards is required," said Tim Reeve, director of card management at Oberthur Card Systems. "By working on this interface through the W3C, Baltimore Technologies is aiming, for the first time to have an industry wide standard for interfaces between smart card management systems and PKI technologies."