DigiCert QuoVadis

For More Information

Contact QuoVadis at
+44 (0)333 666 2000


News and Events

Root Signing: Secure Communications win everyday business
10 Mar 2010

In modern business, online tools such as the Internet and email have become indispensable. To provide security for their e-business, many companies use digital certificates and Public Key Infrastructure (PKI), whose standards-based technology is well adapted in most software.

While an in-house corporate Certification Authority (CA) provides benefits in terms of cost and control, there are also major disadvantages. Most notably, private CA certificates are not trusted by default in browsers and email software, leading to warning messages and uncertainty among users.

Global Reliability
Root signing by a trusted CA like QuoVadis improves the flexibility of in-house CAs, by ensuring that the company’s certificates are recognized by the widest range of software used by employees and customers. By linking the corporate CA to an internationally recognized certification provider, users will not receive confusing “trust” warnings or need to manually install CA certificates on their computers.

The corporate IT department of the Swiss Migros Group experienced these issues when they introduced their in-house CA. “Some users were overwhelmed when faced by error messages in their browser or email software saying that our certificate was not trusted,” says Rudolf Gisler, IT Application Security Officer at Migros Cooperative Alliance.

Positive Feedback
"Within the Migros Group, which includes approximately 84,000 people, we moved towards root signing four years ago. This allows us to guarantee that our company's certificates are automatically classified as trustworthy in the common operating systems and browsers - from a user perspective, a huge step forward," continues Gisler. "The complaints have stopped since then. No negative feedback for us is the best confirmation that now everything works just fine."

One benefit of root signing is that internal business processes can continue to evolve naturally, along with the corporate CA. Employees and customers are barely aware of the enhancements in communication security over the Internet. But the cost is a major selling point, as root signing enhances the organisations own certificates, which would be a considerable expense if they were issued by outside service providers.

Cost as a Decision Factor
"Root Signing is an inexpensive alternative for corporations, without the complex acceptance processes to distribute private roots across the array of software vendors,” said Carl Rosenast, CEO of QuoVadis in Switzerland. “The digital certificates can be used internally, as well as gain immediate worldwide recognition for external users.”

Secure communications
While small and medium-sized businesses grapple with enabling secure online communications, including encryption and authentication, big corporations have long been dealing with these issues. "Today, normal business operations rely heavily on the Internet, which provides efficiency but also raises concerns about security. For a company the size of Coop, the use of certificates is imperative to ensure our credibility," said Sidney Soejima, head of cyber security at the Coop.

For Coop, which deals every day with thousands of suppliers and business partners, a solution with self-signed certificates was not possible due to the external support considerations. "From a technical perspective, root signing is a simple undertaking. While the conditions imposed by the CA for the implementation represent a certain organizational challenge, they are a worthwhile effort in improving the PKI and increasing its reliability," says Soejima. Furthermore, the procedure and the requirements for all competitors and business partners are the same, which creates additional confidence, says Soejima.