Joint News Release by Infineon and VeriSign
Munich, Germany / Mountain View, CA, USA – November 2, 2005 – VeriSign Inc. (NASDAQ: VRSN) and Infineon Technologies AG (FSE/NYSE: IFX), today announced they are jointly working to further extend the security level of personal computers at home and abroad by collaborating to increase levels of trusted computing solutions
for end-users. Under terms of the cooperative effort, VeriSign will certify Infineon’s Trusted Platform Module (TPM) Certification Authority with its Trusted Computing Root Certification Authority, enabling the secure creation and use of digital certificates on all computing systems powered by Infineon’s TPM solution.
To establish the basis for trustworthy communication and strong authentication, the Trusted Computing Group has introduced the concept of an Endorsement Key (EK) certificate as the only way for a TPM to prove its legitimacy. The EK certificate is an integral component of the Trusted Computing Environment, containing information
that identifies an operating platform as TPM-legitimate. In the chip manufacturing and production stage, Infineon will create and digitally sign an EK to confirm the authenticity and integrity of their TPM. VeriSign will then cross-sign the Infineon TPM Certification Authority with its own Trusted Computing Root Certification Authority, backed by their industry leading and well-established Certificate Policies and Practice Statement.
Additionally, Infineon will securely embed The VeriSign Class 3 Primary CA certificate into its TPM 1.2. This will provide a trust anchor for secure authentication services and encryption for networking applications, as well as a strong industry-wide PKI practice. By doing this, customers using Infineon TPM-enabled systems can maximize the legitimacy of their connection to, and data received from, another computing platform.
“The secure use of credentials is a major component of the TCG specifications. The Endorsement Key Certificate is a crucial component in the Root-of-Trust concept, underscoring the need for there to be the highest levels of trust during its creation and certification,” said Jim Ward, President of the Trusted Computing Group. “The secure implementation of the root of trust will be important to future network services.”
“The use of PKI-based digital certificates has become an underpinning of digital interactions across today’s global, digital networks. People take for granted how important they are to encrypting and protecting sensitive data,” said Nicolas Popp, Vice President, Authentication Services, VeriSign. “Through our work with Infineon, which will see VeriSign certificates embedded in the very heart of a computing environment, we can maximize the legitimacy of operating platforms.”
“Infineon, as a leading provider of TCG solutions, has put strong emphasis on the secure handling of key material”, said Thomas Rosteck, Senior Director and Head of the Product Line Trusted Computing at Infineon Technologies AG. “The cooperation with VeriSign provides trustworthy use of credentials which does bring benefits to PC manufacturers, system administrators and end users.”
Infineon is the world’s only supplier to offer their own comprehensive hardware and software solutions compliant with the TCG’s 1.1b and 1.2 specifications. Its
security solution features a secure chip hardware, a complete suite of embedded security and TPM system management utilities, as well as application software which simplify data protection through file and folder encryption protected with hardware-based key generation and storage. PC manufacturers benefit from Infineon’s TPM offering since it secures all core components of a security subsystem used for authenticity, integrity and confidentiality of data stored.
About TCG Specifications
The Trusted Computing Group (TCG), with more than 100 member companies, is a not-for-profit organization formed to develop, define, and promote open standards for hardware-enabled trusted computing and security technologies, including hardware building blocks and software interfaces, across multiple platforms, peripherals, and devices. TCG specifications will enable more secure computing environments without
compromising functional integrity, privacy, or individual rights. The primary goal is to help users protect their information assets (data, passwords, keys, etc.) from compromise due to external software attack and physical theft. The Group was formed as a successor to the Trusted Computing Platform Alliance (TCPA), which was founded in 1999 by Compaq, HP, IBM, Intel and Microsoft. TCG has adopted the specifications of TCPA and will both enhance these specifications and extend the specifications across multiple platforms such as servers, PDA's, and digital phones. Further information on Trusted Computing Group (TCG) is available at
VeriSign, Inc. (Nasdaq: VRSN), operates intelligent infrastructure services that
enable and protect billions of interactions every day across the world’s voice and
data networks. Additional news and information about the company is available at