Microsoft and VeriSign sign .NET Security Deal

Microsoft Corp. and VeriSign Inc. have signed an agreement calling for VeriSign to provide authentication and security technology support for future .NET offerings. VeriSign technology is used to certify the authenticity of electronic communications.

According to officials at both companies, VeriSign will adopt Microsoft .NET technologies into the company's Internet-based trust services, and it will deploy the Microsoft Windows 2000 Server operating system for its Registrar-hosted Domain Names and Web sites. VeriSign also agreed to support the deployment of .NET's controversial HailStorm suite of fee-based services, including the Passport single sign-on and authentication system, as well as the HailStorm notification technology.

VeriSign's digital certificates provide encryption to protect information transactions over networks and the Web, and will add a layer of security to Microsoft's Passport verification software.

The deal comes amid concerns about Microsoft's ability to handle a major Web-based undertaking. The company has been coping with high-profile service glitches in its MSN Messenger service, and it recently dropped the ball on the delivery of a preview version of its Windows XP operating system.

Of particular concern is HailStorm, which would make Microsoft the conduit for a wide range of consumer information, including addresses, schedules and credit card numbers, via devices from PCs to cell phones. Microsoft maintains that HailStorm customers will "own" their data, which will be maintained by a third party.

According to analysts at Zona Research, the agreement with VeriSign will go a long way toward allaying such worries about .NET security. "Microsoft probably felt it needed to bring in a well-established security brand for this purpose," Zona analysts wrote in a recent commentary on the agreement, "especially since it has never been in the security business itself. This deal gives Microsoft a credible response to security questions surrounding Passport."

The agreement is also good news for VeriSign, which has faced its own troubles of late. In March, the security software maker issued digital certificates to hackers claiming to be Microsoft employees. VeriSign has every reason to believe that an alliance with .NET will go along way toward disseminating its digital certificate technology more broadly. But that result depends on the success of .NET.

".NET is a complex and challenging initiative that will test Microsoft's ability to its limits," reports Zona. "If successful, .NET will be a major achievement for Microsoft and, we suspect, the only type of development that would really drive digital certificates to ubiquity."

For more on Data Management, go to

About the Author

John K. Waters is a freelance writer based in Silicon Valley. He can be reached at [email protected].