|
CertCo was a financial cryptography startup spun out of Bankers Trust in the 1990s. It had offices in New York City and Cambridge, Massachusetts. It offered three main public key infrastructure (PKI) based products: an Identity Warranty system (tracking and insuring reliance on identity assertions in financial transactions); an electronic payment system (internally known as Acquire); and an Online Certificate Status Protocol (OCSP) responder for validating X.509 public key certificates. ==Early history== CertCo was founded in March 1994 by (Frank Sudia ) and Peter Freund as an internal bank department known as BT Electronic Commerce (BTEC). It spun out in November 1996 as CertCo with a number of outside strategic and financial investors in a transaction managed by Goldman Sachs. Some of its better known early employees included Rich Ankney, Ed Appel, Alan Asay, Ernest Brickell, (David Kravitz ) (inventor of the Digital Signature Algorithm), Yair Frankel, Dan Geer, C.T. Montgomery, Jay Simmons, Nanette Di Tosto, Paul Turner, Mark Jefferson and Moti Yung. Early on it licensed the "Fair Cryptosystem" key escrow patents of MIT Professor Silvio Micali and announced plans to implement a "(Commercial Key Escrow System )" (mentioned in ()). Thereafter the policy climate for key escrow turned negative (), market interest waned, and the system was never built. CertCo and Bankers Trust promoted the creation of a bank consortium to serve as a PKI certificate authority for global commerce, leading to the 1999 launch of Identrus, later renamed Identrust. The banks, however, declined to license CertCo's technology, opting instead for a vendor-neutral approach. Unlike the vendor-neutral approach, Certco promoted a risk management approach to PKI with transaction level insurance, and pioneered novel approach to authentication in the financial sector: First, a distributed proactively secured certificate authority was designed and built (had it become a standard, it would have avoided a single control point over certificate authorities, and would have avoided coercion by that control point, and would have been further used to prevent attacks on the trust infrastructure, like the one on DigiNotar). Secondly, strong authentication of clients employing PKI and digital signatures, would have been used to reduce the effect of Phishing attacks, envisioned as a possible threat to financial transactions, as well. CertCo's most notable commercial customer was SETCo (), the operating company for the Visa-Mastercard Secure electronic transaction credit card security protocol, to which it provided certificate authority technology. 抄文引用元・出典: フリー百科事典『 ウィキペディア(Wikipedia)』 ■ウィキペディアで「Certco (financial services)」の詳細全文を読む スポンサード リンク
|