PICA

Adam Cain (acain@ncsa.uiuc.edu)
Fri, 18 Oct 1996 15:08:56 -0500


Hopefully this ain't old bits for y'all.

Despite the none-too-informative acronym, I guess I'll have to give
it a few points (12 points, to be exact) over Microsoft CAPI in the
cross-platform department.

more info at http://www.rsa.com/

------------------------------------------------------------------------

( BW)(RSA-DATA-SECURITY)(SDTI) Apple, IBM, JavaSoft, Motorola,
Netscape, Nortel, Novell, RSA, and Silicon Graphics Announce PICA
Crypto-Alliance; Building Upon RSA's PKCS Standards Process and
Technology Submissions from Industry

Business Editors/Computer Writers

REDWOOD CITY, Calif.--(BUSINESS WIRE)--Oct. 17, 1996--Today
Apple, IBM, JavaSoft, Motorola, Netscape, Nortel, Novell, RSA, and
Silicon Graphics jointly announced their support for an effort
code-named PICA, or "Platform-Independent Cryptography API."

PICA(tm) builds on RSA's widely-adopted Public Key Cryptography
Standards (PKCS) process and technology submissions from several
companies.

The PICA alliance has been formed primarily to address potential
interoperability problems that may arise as cryptographic technology
moves into the mainstream software products of competing vendors.
With open development meetings scheduled for later on this year, PICA
vendors will attempt to "build bridges" between their differing
crypto approaches, and will look for ways to simplify the way
developers use cryptography on different platforms.

The PICA specification will be designed to allow developers to
introduce open, cross-platform, application independent security in
the same way that they introduce other features like graphics,
communications, and networking protocols. PICA should enable
developers to add security features such as SSL, DES, and smartcards
to electronic commerce, banking, EDI and other applications,
regardless of the platform on which those applications reside. PICA
will also be designed to make the task of developing differing
domestic and exportable security requirements much easier.

Jim Bidzos, RSA President, said, "The original PKCS group, with
members including Apple, Microsoft, IBM, Lotus, Nortel, Silicon
Graphics, Sun and many others, has been a place where competitors can
work together on crypto specifications since its formation in 1991.

"It is anticipated that the new PICA efforts will, within the
established PKCS framework, be closely coordinated with standards
bodies such as the W3C and the IETF. The members of the PICA effort
all have significant technology specifications to contribute; PICA
will combine the best of them to offer and open standard."

"The industry-wide effort is an important step towards
simplifying the way developers work with cryptography," he continued
"Once a niche application, sophisticated cryptography is making its
way into even the seemingly most pedestrian Internet applications --
and crypto is an important component in hot emerging segments such as
electronic commerce, Internet EDI and electronic cash."

"This is an exciting time for cryptography. The PICA effort will
better enable IBM's SecureWay cryptographic infrastructure to provide
a less complex, more modular way for developers to build applications
which make the Internet safe for business," said Kathy Kincaid,
Director of I/T Security Programs for IBM.

"This will do for security what HTML did for the Web," said Mike
Homer, VP Marketing for Netscape. "Netscape is happy to announce
that our client and server security infrastructure is built on
Intel's CDSA, a potential building block for PICA. We selected CDSA
because it has three attributes which are important to Netscape
products -- openness, interoperability and cross-platform support."

"The PICA alliance will make it easier for developers to provide
customers with important security features such as privacy of
communications, authentication of identity, and viable electronic
commerce in a platform-independent manner," said Larry Tesler, Vice
President of AppleNet and Chief Scientist for Apple Computer, Inc.

"We are encouraged to see the industry working with the PICA-PKCS
process to establish Internet security specifications to offer an
open standard, and we look forward to participating in the process to
lead its impact on Java," said Li Gong, security architect at
JavaSoft, a business unit of Sun Microsystems, Inc.

"Our goal is to integrate strong security into all applications,
ranging from commercial off-the-shelf to custom legacy applications,"
said Brad Ross, director of Business Development, Nortel Secure
Networks. "Towards that end, Nortel will be contributing APIs
developed for the Entrust family of encryption and key management
products, as well as our experience gained with real world solutions,
to the PICA effort."

Lenny Rosenthal, WebFORCE Group Marketing Manager at Silicon
Graphics, said "the recent proliferation of specifications in the
cryptography arena has not been beneficial to our WebFORCE Internet
Server customers or to the industry as a whole. PICA is going make
life a lot easier for developers, such as those using our innovative
COSMO authoring and development tools."

"We are encouraged by the formation of the PICA Alliance," said
Tom Arthur, VP of Novell's Internet Infrastructure Division. "Our
Novell Directory Services (NDS) represents the world's largest
commercial use of public key cryptography and is available on
multiple platforms. PICAA will make it easier for developers to
provide secure solutions built on directory services."

"With the PICA effort, Motorola will be able to continue to
improve the secure product offering and services we provide to our
customers," said Don Rothwell, vice president and director of
Motorola's Information Security Operations. "PICA will allow
exciting, new applications to reach the market more quickly than
previously possible."