There are issues with the enrollment protocols used today to distribute trusted identities to things. The latest standardized certificate enrollment protocol, Enrollment over Secure Transport (EST), solves these problems. “We are happy to announce that we are one of the first in the world to launch server-side support for EST in a commercially available certificate authority (CA) software,” says Martin Furuhed at identity and security company Nexus Group.
Things and software need trusted identities to be able to communicate securely and avoid hijacking. The trustworthiness of the identities is ensured by digital certificates, which are obtained either manually or via online services using different certificate enrollment protocols.
“EST offers a more streamlined process and is easier to handle than the certificate enrollment protocols that are used today. EST is also more secure and comprehensive,” says Martin Furuhed, product owner of Nexus Certificate Manager, one of the first commercial CA software’s to provide support for EST.
For example, EST offers re-enrollment for obtaining new client certificates as well as updating of CA certificates, which is important for life-cycle handling of devices and for meeting security requirements for the internet of things (IoT), according to Furuhed.
“We think that EST will become the most widely used protocol for obtaining and renewing certificates,” says Furuhed.
EST was standardized in 2013 as RFC 7030, with Cisco as the main contributor, and Cisco has built a reference implementation for testing purposes.
“EST is perfect for things such as ATMs, surveillance cameras, routers, servers and smart home devices. Now that there are commercial EST servers available, we believe the number of manufacturers that will build client support for EST will grow quickly. It is also possible to incorporate EST support with a firmware upgrade for existing devices,” says Furuhed.
Martin Furuhed, product owner Certificate Manager.
+46 703 21 92 96
Carolen Ytander, CMO at Nexus.email@example.com
+46 729 74 34 61
About Nexus Group
Swedish-owned Nexus Group is an innovative and rapidly growing product company, developing identity and security solutions. Our technology helps organizations digitize their operations in a secure way, by enabling e-commerce and online banking, enabling e-services in public sector, managing physical and digital access, securing access control, provisioning access cards, and protecting communication between things.
The very basis of all security, both physical and digital, is the creation, management, and use of identities. We have enabled trusted identities for people, software, and devices since 1984, and our technology is today relied upon by a large number of organizations and 100 million end users around the world. We are 300 employees across 15 offices in Europe, India, and the US, and we have a global partner network.
Nexus’s mission is to contribute to the formation of a secure society, and everything we do is guided by our core values: we care, we innovate, we are committed.