Netscape gets some security

NEW YORK--Hoping to improve the security in Net applications, Netscape Communications (NSCP) said today that it will integrate security technology from Intel into its upcoming Netscape Communicator and SuiteSpot 3.0 software.

The Intel technology, called Common Data Security Architecture, is meant to shield developers from the complexity of incorporating various security technologies, such as encryption, smart card support, or digital certificates, into their applications. For example, the CDSA application programming interface could allow a company to add its own proprietary encryption protocol into an intranet application.

Microsoft offers a comparable technology in Windows 95 known as Crypto API (CAPI), but Netscape executives contend that their version is more flexible. CDSA also makes it easy for companies to define "trust models" for applications. That means creating code that says, for example, who can get access to an intranet application and when, said Eric Greenberg, group security product manager at Netscape.

"This brings us to a new era of secure computing," Greenberg said. "This API is the seed so that people will be able to integrate security in a very integrated way."

Greenberg said CDSA is available on multiple platforms, unlike CAPI, which is only on Windows. Netscape said it will incorporate the CDSA API into products on all major operating systems including Windows, popular versions of UNIX, Macintosh, and OS/2.

Developers will not be able to use CDSA to boost the strength of Netscape's client and server encryption beyond what it allowed by U.S. export law, Greenberg said.