Verisign distributes authentication across web

Verisign has developed a way of distributing digital certificate information across multiple servers and allowing users to access them from any internet terminal.

The security company claimed that this method is more secure than keeping digital certificate information in a central repository because the data is spread across different servers on the internet.

Users are also able to access the information from any internet client which may hold their details, instead of being tied to devices such as their own PCs.

Certificates are used to authenticate users to allow them to access private information or carry out web based transactions. Public key interfaces to unlock the certificates are usually kept at trusted third parties, such as web based business-to-business exchanges, or with companies including Verisign.

Judy Lin, Verisign's vice president of engineering, said: "We've removed the single point of attack because the certificate information is stored as pieces on the internet." The information is reconstituted by user passwords.

But observers warn that the distribution of data could slow systems down. Martin Marshall, an analyst with Zona Research, said: "The extra processing involved in assembling the fragments will certainly add to the computational load of the local servers, potentially dragging out response time."

He added that although Verisign may be able to mask this by beefing up the servers, users could still experience latency on their local access servers. Lin, however, said that any latency experienced is insignificant, according to tests by Verisign.