VeriSign goes Swiss as Web Services war brews

Boing cuckoo

ComputerWire: IT Industry Intelligence

VeriSign Inc CEO Stratton Sclavos sees 2003 as the year of the web services platform war, and wants to make his company as "Swiss" as possible, providing the security plumbing for multiple vendors' offerings.

Sclavos, talking to ComputerWire at VeriSign's web services strategy day in San Francisco yesterday, said the time has come for companies to forget the hype and buckle down to do the boring integration work, while the big platform players battle for developers.

"This is a phase that every long period in technology goes through," Sclavos told an audience of analysts and reporters. "A pit of despair where a lot of hard work goes on... We're reinventing the underlying infrastructure of software development."

"Scott McNealy was wrong. The network is not the computer, the network is the operating system," he said. "We will be calling assumed functionality from the network. It won't be DLLs stored in the OS as it is today, it will be web services found in UDDI directories and stored on the network."

"We have the large platform vendors ready to go to war," he said, alluding to the likes of Microsoft, IBM and BEA. This is a good thing, he said, as it means web services will go beyond its hype, unlike previous fads that had a similar vision and end goal but lacked big vendor backing.

"VeriSign tends to be neutral in platform wars," Sclavos said. The company sees itself providing the security plumbing for the platform and tools vendors, much like it provided the security infrastructure for virtually every browser during the emergence of the web.

VeriSign provided the digital certificates in the half dozen or so browsers that were around in the mid-nineties, and continues to provide them for Internet Explorer (huge), Netscape (challenger) and Opera (for the enthusiasts).

"SSL worked because the technology was fully embedded in these browsers, and because it only required one party to do something to enable it to work," he told ComputerWire. "We want to do the same thing here with the app server vendors and web services tools vendors."

As part of its strategy, VeriSign has released the Trust Service Integration Kit, which allows XML Encryption, XML Signature and XML Key Management Services (XKMS) and, separately, a free open source implementation of WS-Security. The company also plans to release a web services security gateway product next year (see separate story).

In terms of partnerships, Sclavos said web services platforms will be released by major vendors with VeriSign technology embedded during 2003. The company has announced close partnerships with Microsoft and IBM, and vendors including BEA, Sun and webMethods have expressed support for its framework.

But can you extend the web services platform market slash browser market analogy out to predict its long-term shape? Possibly, Sclavos said saying there is likely to ultimately be a "strong number one", a primary challenger, a smaller third player, and "pretty much everybody else becomes irrelevant."

© ComputerWire

Sponsored: Designing and building an open ITOA architecture