Federal Interagency Working Group Qualifies Tumbleweed PKI Validation Solution for Use in Federal Bridge-Enabled Environment.REDWOOD CITY Redwood City, city (1990 pop. 66,072), seat of San Mateo co., W Calif., on San Francisco Bay; inc. 1868. Manufactures include commmunications, electrical, electronic, and medical equipment. , Calif. -- GSA-Chaired Path Discovery & Validation Working Group Names Tumbleweed tumbleweed, any of several plants, particularly abundant in prairie and steppe regions, that commonly break from their roots at maturity and, drying into a rounded tangle of light, stiff branches, roll before the wind, covering long distances and scattering seed as Validation Authority to List of Qualified Validation Solutions Tumbleweed(R) Communications Corp. (NASDAQ NASDAQ in full National Association of Securities Dealers Automated Quotations U.S. market for over-the-counter securities. Established in 1971 by the National Association of Securities Dealers (NASD), NASDAQ is an automated quotation system that reports on :TMWD), a leading provider of e-mail security, file transfer security, and identity validation solutions, today announced that the Federal Public Key Infrastructure (PKI (Public Key Infrastructure) A framework for creating a secure method for exchanging information based on public key cryptography. The foundation of a PKI is the certificate authority (CA), which issues digital certificates that authenticate the identity of ) Policy Authority's Path Discovery and Validation (PD-Val) working group has qualified the Tumbleweed Validation Authority(TM) (VA) and Desktop Validator(TM) (DV) for Federal government agencies employing enterprise-level, real time validation of digital certificates. Agencies can use Tumbleweed VA and DV to implement a complete solution for enabling interoperability among multiple PKIs in the Federal Bridge-enabled environment. Tumbleweed VA's real time validation capabilities are essential for protecting critical information infrastructures in large scale distributed computing environments, and for enabling the trusted relationships essential for secure and assured communications. The process for establishing a trust relationship between two distinct entities, or certificate authorities, is called cross-certification. Cross-certification establishes how each entity agrees to trust and rely upon each other's public key certificates as if they had issued them themselves, enabling their respective users to interact securely. The government created the Federal Bridge Certificate Authority (FBCA FBCA Federal Bridge Certification Authority FBCA Federation of British Cremation Authorities (UK) FBCA Florida Business Corporation Act FBCA First Baptist Church Arlington (Texas) ) to provide an environment in which Federal agencies can request and perform cross-certification with other PKIs, which allows all entities participating in the FBCA to recognize and trust digital signatures and certificates sent from and between participating organizations. Currently, 13 PKIs have cross-certified with the FBCA, including the US Department of Defense, seven Federal agencies, the State of Illinois, and Wells Fargo Wells Fargo armored carriers of bullion. [Am. Hist.: Brewer Dictionary, 1147] See : Protectiveness Wells Fargo company that handled express service to western states; often robbed. [Am. Hist. . For cross-certification of multiple agency PKIs to work, each agency must implement a path discovery and validation solution capable of locating the correct certificate chains of trust (Path Discovery) and determine the validity and status of these trust relationships. To ensure compatibility and interoperability of such solutions within the FBCA, the National Institute of Standards and Technology National Institute of Standards and Technology, governmental agency within the U.S. Dept. of Commerce with the mission of "working with industry to develop and apply technology, measurements, and standards" in the national interest. (NIST (National Institute of Standards & Technology, Washington, DC, www.nist.gov) The standards-defining agency of the U.S. government, formerly the National Bureau of Standards. It is one of three agencies that fall under the Technology Administration (www.technology. ) designed the Public Key Interoperability Test Suite (PKITS) and the Path Discovery Test Suite for use in evaluating and qualifying certificate validation solutions. Chaired by the General Services Administration The General Services Administration (GSA) was established by section 101 of the Federal Property and Administrative Services Act of 1949 (40 U.S.C.A. § 751). The GSA sets policy for and manages government property and records. (GSA (1) (Global mobile Suppliers Association, Sawbridgeworth, U.K., www.gsacom.com) A membership organization of suppliers of GSM products and services. Its goal is to promote GSM as the worldwide mobile communications standard. See GSM Association and GSM. ), the PD-Val working group makes recommendations on infrastructure and desktop solutions that will facilitate certificate validation, and its recommendations are based on the applicant's test results derived from the GSA's E-Authentication Lab. Enspier, which operates the interoperability laboratory under the auspices of the E-Authentication program, conducted extensive and rigorous tests on the Tumbleweed server and desktop components according to NIST's specifications. At the completion of the testing process, the PD-Val working group reviewed the results and recommended the inclusion of Tumbleweed's solution on the Qualified Validation List. The technical synopsis of the PD-Val evaluation and recommendation was posted online on February 8, 2006, and is available via the following link: http://www.cio.gov/fbca/validation_solutions.htm. "Tumbleweed's PKI validation solution addresses Federal agencies' requirements for a secure, reliable, and consistent method of path discovery and validation for realizing the benefits of cross-certification and extended interoperability of information and Internet communications systems," said Tumbleweed's Vice President, Federal Sales, Ann Smith. "As the provider of the most complete server and desktop validation solution to be qualified for the Federal Bridge, Tumbleweed is well positioned to help cross-certified Federal agencies achieve trusted communications in compliance with E-Authentication and other security initiatives, not only between agencies, but with other private and public sector organizations in the U.S. and abroad." The PD-Val working group's efforts are critical to achieving secure and assured communications among Federal agencies participating in the FBCA environment. In addition to enhancing the FBCA environment's operational capabilities, the rigorous testing and qualification process provides a framework that will also help Federal agencies align their efforts with other E-Authentication initiatives such as Homeland Security Presidential Directive 12 (HSPD-12), which calls for a mandatory, government-wide standard for secure and reliable forms of identification, and Federal Information Processing Standard Federal Information Processing Standards (FIPS) are publicly announced standards developed by the United States Federal government for use by all non-military government agencies and by government contractors. (FIPS (Federal Information Processing Standards) A series of publications issed by the U.S. National Institute of Standards and Technology (NIST) that specifies information security guidelines for federal government departments and agencies. ) 201, which specifies the architecture and technical requirements for a common identification standard for Federal employees and contractors. Utilizing Tumbleweed Validation Authority and Desktop Validator, systems and end-users within any agency could seamlessly verify and validate certificates (used for authentication, digital signatures, etc.) from systems and end-users within other agencies that have cross-certified with the FBCA. Simultaneously validating identity and trust relationships with other government and commercial entities offers a number of benefits in terms of enhanced security and improved efficiencies. As an example, Federal Contractor employees often do work for multiple agencies, and the ability to validate credentials and trust via the FBCA environment minimizes the number of smart cards an individual would need to carry, while reducing the need for additional credentials, since the same credential could be used for physical and logical access as well as for secure messaging, cryptographic log-on, web access, wireless, VPN (Virtual Private Network) A private network that is configured within a public network (a carrier's network or the Internet) in order to take advantage of the economies of scale and management facilities of large networks. , or other electronic transactions. About Tumbleweed Validation Authority Tumbleweed Validation Authority (VA) ensures the validity and integrity of highly valued and trusted transactions. Validation Authority is a Certificate Authority (CA) neutral, extensible server that utilizes multiple validation protocols for checking the validity of X.509 certificates within Public Key (PKI) environments. Validation Authority delivers a comprehensive, scalable, and reliable framework for validating digital certificates in real time, and can validate a certificate issued by any CA. It complies with Federal Information Protection Standard (FIPS) 140-1 (Software level 1), FIPS 140-2 (Hardware level 3), DOD (1) (Dial On Demand) A feature that allows a device to automatically dial a telephone number. For example, an ISDN router with dial on demand will automatically dial up the ISP when it senses IP traffic destined for the Internet. Joint Interoperability Testing Command, and Identrus standards. Additionally the Validation Authority is completing Common Criteria (ISO/IEC ISO/IEC International Organization for Standardization/International Electrotechnical Commission (ITU-T M 3000) 15408) Evaluation Assurance Level The Evaluation Assurance Level (EAL1 through EAL7) of an IT product or system is a numerical grade assigned following the completion of a Common Criteria security evaluation, an international standard in effect since 1999. (EAL-3) certification by the National Information Assurance Partnership (NIAP See Common Criteria. ), a collaboration between the National Institute of Standards and Technology (NIST) and the National Security Agency (NSA NSA abbr. National Security Agency Noun 1. NSA - the United States cryptologic organization that coordinates and directs highly specialized activities to protect United States information systems and to produce foreign ). SAFE HARBOR Safe Harbor 1. A legal provision to reduce or eliminate liability as long as good faith is demonstrated. 2. A form of shark repellent implemented by a target company acquiring a business that is so poorly regulated that the target itself is less attractive. STATEMENT Tumbleweed cautions that forward-looking statements contained in this press release are based on plans and expectations as of the date of this press release, and that a number of factors could cause the actual results to differ materially from the guidance given at this time. These factors are described in the Safe Harbor statement below. Except for the historical information contained herein, the matters discussed in this press release may constitute forward-looking statements that involve risks and uncertainties that could cause actual results to differ materially from those projected, particularly with respect to the qualification and deployment of Tumbleweed's products by the U.S. government, as well as the functionality and performance of Tumbleweed products. In some cases, forward-looking statements can be identified by terminology such as "may," "will," "should," "potential," "continue," "expects," "anticipates," "intends," "plans," "believes," "estimates," and similar expressions. For further cautions about the risks of investing in Tumbleweed, we refer you to the documents Tumbleweed files from time to time with the Securities and Exchange Commission, particularly Tumbleweed's Form 10-K Form 10-K A report required by the SEC from exchange-listed companies that provides for annual disclosure of certain financial information. Form 10-K See 10-K. filed March 16, 2005 and Form 10-Q Form 10-Q See 10-Q. filed November 2, 2005. Tumbleweed assumes no obligation to update information contained in this press release, which represents Tumbleweed's expectations only as of the date of this release and should not be viewed as a statement about Tumbleweed's expectations after such date. Although this release may remain available on Tumbleweed's website or elsewhere, its continued availability does not indicate that Tumbleweed is reaffirming or confirming any of the information contained herein. About Tumbleweed Communications Corp. Tumbleweed provides security solutions for email protection, file transfers, and identity validation that allow organizations to safely conduct business over the Internet. Tumbleweed offers these solutions in three comprehensive product suites: MailGate(R), SecureTransport(TM), and Validation Authority(TM). MailGate provides protection against spam, viruses, and attacks, and enables policy-based message filtering, encryption, and routing. SecureTransport enables businesses to safely exchange large files and transactions without proprietary software. Validation Authority is the world-leading solution for determining the validity of digital certificates. Tumbleweed's enterprise and government customers include ABN Amro, Bank of America
Bank of America (NYSE: BAC TYO: 8648 ) is the largest commercial bank in the United States in terms of deposits, and the largest company of its kind in the world. Securities, Catholic Healthcare West Catholic Healthcare West (CHW) is a California not-for-profit public benefit corporation that operates hospitals in California, Arizona, and Nevada[1]. As such, it is exempt from federal and state income taxes. , JP Morgan Chase & Co., The Regence Group (Blue Cross/Blue Shield), St. Luke's Episcopal Healthcare System, the U.S. Food and Drug Administration, the U.S. Department of Defense, and all four branches of the U.S. Armed Forces. Tumbleweed was founded in 1993 and is headquartered in Redwood City, Calif. For additional information about Tumbleweed go to www.tumbleweed.com or call 650-216-2000. Tumbleweed, MailGate, SecureTransport, Tumbleweed Validation Authority, Validation Authority and Desktop Validator are either registered trademarks or trademarks of Tumbleweed Communications Corp. in the United States and/or other countries. All other trademarks are the property of their respective owners. |
|
||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion