 |
|
|
 |
 |
 |
 |
 |
 |
 |
 |
Tumbleweed Press ReleasesFederal Interagency Working Group Qualifies Tumbleweed PKI Validation Solution For Use In Federal Bridge-Enabled EnvironmentGSA-Chaired Path Discovery & Validation Working Group Names Tumbleweed Validation Authority to List of Qualified Validation Solutions Redwood City, CA – March 1, 2006 – Tumbleweed® Communications Corp. (NASDAQ:TMWD), a leading provider of e-mail security, file transfer security, and identity validation solutions, today announced that the Federal Public Key Infrastructure (PKI) Policy Authority’s Path Discovery and Validation (PD-Val) working group has qualified the Tumbleweed Validation Authority™ (VA) and Desktop Validator™ (DV) for Federal government agencies employing enterprise-level, real time validation of digital certificates. Agencies can use Tumbleweed VA and DV to implement a complete solution for enabling interoperability among multiple PKIs in the Federal Bridge-enabled environment. Tumbleweed VA’s real time validation capabilities are essential for protecting critical information infrastructures in large scale distributed computing environments, and for enabling the trusted relationships essential for secure and assured communications. The process for establishing a trust relationship between two distinct entities, or certificate authorities, is called cross-certification. Cross-certification establishes how each entity agrees to trust and rely upon each other's public key certificates as if they had issued them themselves, enabling their respective users to interact securely. The government created the Federal Bridge Certificate Authority (FBCA) to provide an environment in which Federal agencies can request and perform cross-certification with other PKIs, which allows all entities participating in the FBCA to recognize and trust digital signatures and certificates sent from and between participating organizations. Currently, 13 PKIs have cross-certified with the FBCA, including the US Department of Defense, seven Federal agencies, the State of Illinois, and Wells Fargo. For cross-certification of multiple agency PKIs to work, each agency must implement a path discovery and validation solution capable of locating the correct certificate chains of trust (Path Discovery) and determine the validity and status of these trust relationships. To ensure compatibility and interoperability of such solutions within the FBCA, the National Institute of Standards and Technology (NIST) designed the Public Key Interoperability Test Suite (PKITS) and the Path Discovery Test Suite for use in evaluating and qualifying certificate validation solutions. Chaired by the General Services Administration (GSA), the PD-Val working group makes recommendations on infrastructure and desktop solutions that will facilitate certificate validation, and its recommendations are based on the applicant’s test results derived from the GSA’s E-Authentication Lab. Enspier, which operates the interoperability laboratory under the auspices of the E-Authentication program, conducted extensive and rigorous tests on the Tumbleweed server and desktop components according to NIST’s specifications. At the completion of the testing process, the PD-Val working group reviewed the results and recommended the inclusion of Tumbleweed's solution on the Qualified Validation List. The technical synopsis of the PD-Val evaluation and recommendation was posted online on February 8, 2006, and is available via the following link: http://www.cio.gov/fbca/validation_solutions.htm. “Tumbleweed’s PKI validation solution addresses Federal agencies’ requirements for a secure, reliable, and consistent method of path discovery and validation for realizing the benefits of cross-certification and extended interoperability of information and Internet communications systems,” said Tumbleweed’s Vice President, Federal Sales, Ann Smith. “As the provider of the most complete server and desktop validation solution to be qualified for the Federal Bridge, Tumbleweed is well positioned to help cross-certified Federal agencies achieve trusted communications in compliance with E-Authentication and other security initiatives, not only between agencies, but with other private and public sector organizations in the U.S. and abroad.” The PD-Val working group’s efforts are critical to achieving secure and assured communications among Federal agencies participating in the FBCA environment. In addition to enhancing the FBCA environment’s operational capabilities, the rigorous testing and qualification process provides a framework that will also help Federal agencies align their efforts with other E-Authentication initiatives such as Homeland Security Presidential Directive 12 (HSPD-12), which calls for a mandatory, government-wide standard for secure and reliable forms of identification, and Federal Information Processing Standard (FIPS) 201, which specifies the architecture and technical requirements for a common identification standard for Federal employees and contractors. Utilizing Tumbleweed Validation Authority and Desktop Validator, systems and end-users within any agency could seamlessly verify and validate certificates (used for authentication, digital signatures, etc.) from systems and end-users within other agencies that have cross-certified with the FBCA. Simultaneously validating identity and trust relationships with other government and commercial entities offers a number of benefits in terms of enhanced security and improved efficiencies. As an example, Federal Contractor employees often do work for multiple agencies, and the ability to validate credentials and trust via the FBCA environment minimizes the number of smart cards an individual would need to carry, while reducing the need for additional credentials, since the same credential could be used for physical and logical access as well as for secure messaging, cryptographic log-on, web access, wireless, VPN, or other electronic transactions. About Tumbleweed Validation Authority SAFE HARBOR STATEMENT Except for the historical information contained herein, the matters discussed in this press release may constitute forward-looking statements that involve risks and uncertainties that could cause actual results to differ materially from those projected, particularly with respect to the qualification and deployment of Tumbleweed’s products by the U.S. government, as well as the functionality and performance of Tumbleweed products. In some cases, forward-looking statements can be identified by terminology such as “may,” “will,” “should,” “potential,” “continue,” “expects,” “anticipates,” “intends,” “plans,” “believes,” “estimates,” and similar expressions. For further cautions about the risks of investing in Tumbleweed, we refer you to the documents Tumbleweed files from time to time with the Securities and Exchange Commission, particularly Tumbleweed's Form 10-K filed March 16, 2005 and Form 10-Q filed November 2, 2005. Tumbleweed assumes no obligation to update information contained in this press release, which represents Tumbleweed’s expectations only as of the date of this release and should not be viewed as a statement about Tumbleweed’s expectations after such date. Although this release may remain available on Tumbleweed’s website or elsewhere, its continued availability does not indicate that Tumbleweed is reaffirming or confirming any of the information contained herein. About Tumbleweed Communications Corp. Tumbleweed, MailGate, SecureTransport, Tumbleweed Validation Authority, Validation Authority and Desktop Validator are either registered trademarks or trademarks of Tumbleweed Communications Corp. in the United States and/or other countries. All other trademarks are the property of their respective owners. ###
|
Products |
 |
 |