SSH to Introduce Two New Application Versions for the SSH Certifier PKI Product Family

OPSEC Certification and New Features Provide Users with Professional Public Key Infrastructure Management

Helsinki, Finland – September 24, 2002 – SSH Communications Security, a world-leading developer of Internet security solutions, today announced two improved versions of its Public Key Infrastructure (PKI) software products, SSH Certifier(TM) 2.1 and the second-generation SSH Token Master(TM) 2.0. Combined with a third member, SSH Accession(TM), the SSH Certifier(TM) PKI Product Family provides a complete certificate life cycle and token management system for advanced Public Key Infrastructure (PKI) deployment.

“By releasing a new 2.1 version of SSH Certifier we want to further enhance its status as a core product in our portfolio of PKI solutions. The software provides a solid platform for backend PKI services including certificate issuing (CA), user registration (RA), revocation, and directory publishing. On top of SSH Certifier, enterprise users as well as service providers can build reliable services such as Virtual Private Networks (VPNs), secure e-mail and e-commerce systems”, said Tatu Yl?¶nen Chief Technology Officer of SSH Communications Security.

Several new functionalities have been developed and implemented into SSH Certifier 2.1, which recently achieved an OPSEC(TM) certification from Check Point Software Technologies Ltd. The certification proves that SSH Certifier seamlessly integrates with Check Point’s VPN-1®/FireWall-1® Next Generation software products, forming together a centralized authentication key management solution for large-scale multi-vendor VPNs.

SSH Certifier 2.1 with its two main components, Certifier Engine and front-end Certifier Servers can now be installed on HP Secure OS Software for Linux 2.0 and HP-UX in addition to other platforms supported; i.e. Linux, Sun Solaris and Microsoft Windows. Latest version of SSH Certifier supports also Microsoft Active Directory publishing, qualified certificate extensions and, via standard CMPv2 messages, online key backup, revocation and recovery.

For large companies and organizations handling PKI services in-house, SSH Certifier 2.1 offers new certification policy modules that enable even faster deployment and out-of-the-box operation. Furthermore, the product allows administrators of large multi-CA distribution environments to build customized web enrollment pages for customer branding purposes. For optional third-party hardware security modules (HSM), SSH Certifier 2.1 is now provided with a support for PKCS#11 programming interface also known as Cryptoki.

Another product SSH Communications Security announced today, the SSH Token Master(TM) 2.0, is a second-generation token personalization solution that can be used to create electronic PKI contents in smart cards and USB tokens both in small departmental deployments and in large enterprises.

When portable security tokens such as smart cards are deployed in an enterprise, the electronic token contents identifying the user have to be created during the user registration. Therefore, capability to electronically personalize the token and enroll the certificate should be distributed within the end user organizations. As a Microsoft Windows -based product, SSH Token Master 2.0 provides an easy-to-use and lightweight user interface for implementing smart card personalization and related PKI functions in the enterprise environment.

New or improved features of SSH Token Master 2.0 include:
* Easy updating process of an already-personalized token
* Token personalization via PKCS#11 programming interface (including Aladdin eToken, Rainbow iKey, Gemplus GPK and Schlumberger Cryptoflex tokens)
* Online key backup and recovery functionalities
* Separated processes for initialization (creating of keys) and personalization (certificates) for enhanced security
* Support for multiple certificates per private key

“There are only few, if any, enterprise-level tools in the market that are able to deploy tokens while backing up the keys centrally and that allow personalizing the tokens on a need-to-have basis. SSH Token Master 2.0 delivers these both features in a most user-friendly and cost-effective way”, Yl?¶nen continued.

Product Pricing and Availability

The SSH Certifier 2.1 is scheduled to ship in October 2002, while the SSH Token Master 2.0 is to be made available already in the mid October 2002. Please contact SSH sales representatives for pricing and further details.

About SSH Communications Security

SSH Communications Security, a world-leading supplier of Internet security solutions, offers a broad range of award-winning products designed to address the most critical security issues for businesses, financial institutions and governments worldwide. SSH Sentinel(TM), a feature-rich remote access VPN “smart” client; and SSH Secure Shell, the award-winning product family, ensures secure remote access and data transfer. The SSH Certifier(TM) product family provides a robust certification authority for flexible and strong authentication through digital certificates and tokens. The market-leading, award-winning SSH IPSEC Express(TM) (Internet Protocol Security) family of toolkits for OEMs and software developers enables fast time-to-market and reduced in-house development costs. SSH is traded publicly on the Helsinki Exchanges under HEX:SSH1V. For more information, please visit

Don't miss