Thawte
From Wikipedia, the free encyclopedia
 |
|
| Thawte | |
|---|---|
| Type | Public key certificates |
| Current owner | VeriSign |
| Country of origin |  South Africa |
| Markets | World |
| Website | Thawte - Official website |
Thawte Consulting is a certificate authority (CA) for X.509 certificates. Thawte was founded in 1995 by Mark Shuttleworth in South Africa and is the second largest public CA on the Internet.
Contents |
[edit] Origins
Thawte was originally run from Shuttleworth's parents' garage. Shuttleworth's original project was to produce a secure server not fettered by the restrictions on the export of cryptography which had been imposed by the U.S. The server, Sioux, was an adaptation of the Apache HTTP server; it was later integrated with the Stronghold web server as Thawte began to concentrate more on their certification activities.
[edit] Sale
In 1999 VeriSign acquired Thawte in a stock purchase from Shuttleworth for US$575 million.[1] Both VeriSign and Thawte had certificates in the first Netscape browsers, and were thus 'grandfathered' into all other web browsers. Before VeriSign's purchase, they each had about 50% of the market. VeriSign's certificate rollover was due to take place on 1 January 2000 - an unfortunate choice considering the imminent Y2K bug. (Thawte had a similar rollover in July 1998.) The purchase of Thawte ensured there would be no business loss over Y2K.
Proceeds from the sale enabled Shuttleworth to become the second space tourist,[2] and to found the Ubuntu project.[3]
[edit] Web of trust
Thawte also provides free client certificates which can be used to sign emails or to assert one's identity to a web site.
With a Thawte FreeMail account, a person can create as many certificates as they want. Although each certificate can be associated with exactly one email address, multiple email addresses can be associated with a Thawte FreeMail account. So if a person has more than one email address, they can create a different certificate for each of them.
Associating the Thawte FreeMail account with the real identity of the person owning it is based on a Web of trust model (similar to CAcert.org). In this case, the person's identity is assured by meeting face-to-face with one or more Thawte Notaries who will need to see identification and keep a copy of it (for at least five years). Points are assigned by the notaries. The number of points a notary can assign ranges from 10 to 35. In general, the more experienced a notary is the more points they can assign (see table below). Notaries who were directly verified by Thawte, through events Thawte attended or held, automatically can issue 35 points without needing to gain experience.
The number of points determines what that person's account can do. With less than 50 points, the certificates issued will have "Thawte Freemail Member" in the name field. With 50 or more points, the certificates will have the person's name in it. The presence of the person's real name in the certificate can be useful for identifying the certificate (e.g. when stored in a key store) and to help the recipient to recognise and trust the certificate. For the purposes of signing and encrypting both types of certificates can be used in the same way, because both types of certificates has the person's email address in it.
With 100 or more points, a person becomes a Thawte Notary. When a person becomes a notary, they are initially listed underneath their country. They can change that location and add text to advertise the services they offer. Changes to the advertising text must be approved by Thawte and the notary is placed in a pending state while it waits approval. The approval process can take several weeks, during which the person's advertisement is not published and the system does not let them access it as a notary. Caution: new notaries are initially prompted to create an advertisement, and if they do that they will have to further wait until that text is approved before they are listed as notaries and can perform any notary duties. Cross notarisation is not allowed: a notary cannot notarise a person who had notarised them.
| Assertions made by the notary |
Maximum points that the notary may award |
|---|---|
| 0 | 10 |
| 5 | 15 |
| 10 | 20 |
| 15 | 25 |
| 25 | 30 |
| 35 | 35 |
[edit] See also
[edit] References
- ^ "VeriSign acquires Thawte, Signio for more than $1.2 billion". 1999-12-21. http://www.infoworld.com/articles/en/xml/99/12/21/991221enverisign.html. Retrieved on 2008-09-18.
- ^ "Soyuz Docks as Shuttleworth and Crew Begin Week-Long Stay at Station". SPACE.com. 2002-04-27. http://www.space.com/missionlaunches/soyuz_dock_020427.html. Retrieved on 2008-01-02.
- ^ "The Ubuntu Story". http://www.ubuntu.com/community/ubuntustory. Retrieved on 2007-10-21.
