CERTCO PROVIDES CRYPTOGRAPHIC AUTHENTICATION STRENGTH TO NETEGRITY'S SITEMINDER® PLATFORM

SiteMinder Users can Benefit from Access to CertValidator CertCo's Interoperable, Real-time Digital Certificate Validation Software


NEW YORK, July 16, 2001 - CertCo, Inc., a leading provider of risk management
and security solutions for B2B e-commerce, today announced a technical alliance with Netegrity, Inc. (Nasdaq: NETE), the leading provider of solutions for securely managing e-business. Under the agreement, CertCo's real-time digital certificate validation software, CertValidator, will provide cryptographic authentication strength to the Netegrity SiteMinder platform.

Netegrity SiteMinder makes e-business Web sites more secure and manageable by providing a platform for centrally managing user access to all applications.
Now, with the addition of technology from CertCo, SiteMinder customers can simultaneously confirm the identities of their trading partners and authenticate and authorize their transactions - regardless of the certificate
authority (CA) they employ. CertValidator's unsurpassed interoperability with major CAs, including Baltimore, Entrust and RSA, helps SiteMinder customers sidestep the problems typically associated with validating digital certificates from multiple CAs, both within the enterprise, and between organizations.

"When combined with our SiteMinder platform, CertCo's CertValidator software creates a powerful offering for our customers, allowing them to gain access to strong authentication services at minimal costs," said Bill Bartow, vice president of marketing at Netegrity. "As a member of the Netegrity Technology Alliance Partnership Program, CertCo is providing our customers with the ability to further streamline the digital certificate validation process."

CertCo's CertValidator software allows SiteMinder users to determine, in real time, if a digital certificate from any CA is valid, suspended or revoked. Unlike other validation technology that checks against a static, daily list of certificates, CertValidator is an Online Certificate Status Protocol (OCSP) responder and secure digital certificate repository, capable of accepting certificates and certificate revocation lists published by single or multiple CAs. And, since CertValidator supports OCSP requests for X.509v3 certificates, it can either verify certificates within its own data store, or forward validation requests to multiple validation authorities to gain real-time certificate status information. With these capabilities, SiteMinder's policy store can now execute a certificate validation action as part of a single authentication and authorization transaction.

"Our real-time validation technology fits perfectly with the SiteMinder platform, enabling joint customers to immediately verify the identities of their online trading partners, regardless of the issuing CA," said June Yee Felix, chairman and CEO of CertCo, Inc. "CertValidator's interoperability
and ease-of-use can help these companies better ensure the security and integrity of their online transactions."

Become a bobsguide member to access the following

1. Unrestricted access to bobsguide
2. Send a proposal request
3. Insights delivered daily to your inbox
4. Career development