This is a copy of the C2Net Press Release from 24 Mar 1997
Oakland, CA -- C2Net Software, Inc., and UK Web, Ltd., announced today the 1.0 release of a new product, "SafePassage Web Proxy." This product, developed entirely outside of the United States, provides full-strength, non-escrowed cryptography for users of any standard web browser.
No weak codes
"We don't believe in using codes so weak that foreign governments, criminals, or bored college students can break them," said C2Net President Sameer Parekh, "we also oppose plans to put all your cryptography keys in a few places, where they can be sold to the highest bidder by traitors like Aldrich Ames. Some companies are starting to release products that use this so-called 'key recovery' technology, but this will only create fat, tempting targets for hackers and spies -- and they're still restricted to short key lengths, such as 56 bits."
Current "export" versions of Netscape Navigator and Microsoft Internet Explorer use a weak cipher that has been broken by online groups, such as the "Cypherpunks." Companies like HP and IBM, bowing to government pressure, have been promoting seemingly innocuous "key recovery" plans that would require centralized key storage and easy government access to -- or abuse of -- cryptography keys.
SafePassage Web Proxy Fortifies Browsers
SafePassage is an enhancement for "export" browsers, an add-on product that works with any standard web browser. Acting as an intermediary, or proxy, it intercepts weakly encrypted connections on their way out and transforms them to use full-strength cryptography. "The weak connection never leaves your PC," explains Parekh, "it gets decrypted and then re-encrypted with a full-strength cipher."
"This is part of our overall strategy to provide strong cryptography world wide," said Parekh, "SafePassage is an add-on for web browsers, and Stronghold, our web server, can be used as an add-on for existing servers. Our plan is to offer a complete line of products for securing Internet communications in this fashion."
Some examples of how SafePassage can be used:
A multi-national corporation can use SafePassage to secure a far-flung Intranet that travels over insecure channels. Overseas banks can distribute SafePassage to their customers, to ensure that their transactions are secure and private. Internet Service Providers can provide SafePassage as part of the startup package to new users, so that they can connect securely to commercial sites around the world.
"We're still learning new ways that folks would like to use SafePassage," commented C2Net VP Douglas Barnes, "the response during the beta period has been overwhelming."
"SafePassage is the perfect complement to the Stronghold web server," said Mark Cox, Stronghold Product Manager for UK Web. "we've been marketing the international version of Stronghold with full strength cryptography for six months now, but we knew we would need matching strong cryptography on the browser side as well. SafePassage Web Proxy answers this need."
SafePassage provides secure connections using strong cryptography for any browser that supports standard SSL tunneling, a feature normally used by firewall software. It currently runs on Windows 3.1, Windows 95, and Windows NT.
Evaluation versions of SafePassage can be downloaded at no cost from UK Web's site at: http://stronghold.ukweb.com/safepassage/. It is currently unavailable for distribution within the US and Canada, but a domestic version will be made available in the near future. A single- user license is $49, prices for volume licensing start at $995 for fifty users.
UK Web Limited is a leading Internet services company specialising in server technology, Internet security, business solutions and effective site design.
C2Net is the leading worldwide provider of uncompromised network security software.
Netscape Navigator and Netscape Enterprise are trademarks of Netscape Communications Corporation. Microsoft Internet Explorer and Microsoft Internet Information Server are trademarks of Microsoft Corporation. Stronghold and SafePassage are trademarks of C2Net Software, Inc. Portions of Stronghold were developed by the Apache Group, and are taken with permission from the Apache Server. Stronghold and SafePassage include portions developed by Eric Young.