15 September 2003
Updated: 15:06 GMT
PGP makes email encryption easier
By John Leyden
Posted: 15/09/2003 at 14:06 GMT
PGP Corporation today introduced simpler email encryption in which the burden of
securing email messages is shifted from the client to the network.
PGP Universal software suite, launched today, represents a new architecture for the
company. The complexity of email encryption systems has long been a factor holding
back deployment. Some vendors have responded to by repackaging encrypted email as a
PGP Corp has taken a slightly different tack, adapting its software so that it can be
loaded onto x86 servers to create an email encryption appliance. These proxy servers
live between an email server and client machine or in an enterprise's DMZ; they are
responsible for generating encryption keys and managing the encryption and digital
signing of email, according to enterprise security policies. The appliances can be
clustered for higher availability.
Transmissions between a client machine and PGP can themselves be encrypted using SSL.
The technology was launched at a Gartner security conference in London this morning.
Stephan Somogyi, director of products at PGP Corp, told delegates that PGP Universal
radically simplifies the support and training requirements normally associated with
deploying enterprise encryption products.
"Desktop solution hit a wall when you hit deployment of 15 per cent within companies
because of training and deployment issues," Somogyi told The Register . "With desktop
solutions you also have a problem of people accidentally failiing to comply with
security policies, for example by forgeting to digitally sign email, that's why we're
moving to a network-based approach."
But couldn't an enterprise set up a similar system using digital certificates and
email sent using the TLS protocol, Somogyi was asked. Up to a point, he replied; such
an approach would only work effectively for site to site email and sets up a
computational overhead which PGP's architecture is better suited to manage.
PGP Universal support POP3 and IMAP clients, as well as Lotus Notes systems. Exchange
support is more problematic, but the PGP Corp intends to support Exchange 2003 support
via OUtlook HTTPS.
PGP Corp intends to add support for S/MIME encryption and X.509 certificates to PGP
Universal later this year. And it aims, at some point, to support secure instant
messaging and a greater range of mobile devices - PGP has already developed a client
that works on a Handspring Treo.
PGP Universal interoperates with AV and content filtering scanners, where messages are
be checked before encryption and after decryption. Alex Doll, CFO at PGP Corporation
said the company was in talks with one particular AV vendor, which he declined to name
as yet, about a possible OEM deal. The company is also in talks with an ISP and
managed service provider about setting up a premium service based on PGP's technology.
Pricing for the PGP Universal, which the company says is suitable for companies
ranging for a handful of employees to thousands, is based on the number of end users,
gateway and supported domains. Costs are similar to AV pricing, according to Steve
Abbott, VP of sales at PGP Corp. ®
R. A. Hettinga <mailto: [EMAIL PROTECTED]>
The Internet Bearer Underwriting Corporation <http://www.ibuc.com/>
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]