Microsoft Internet Security Framework

Microsoft's Internet Security Framework is a standards-based public-key security architecture on Windows® platforms. Microsoft's Internet Security Framework technologies include Certificate Services, Secure Channel security provider that implements SSL/PCT protocols, the SET secure payment protocol for credit card transactions, and Crypto API components for certificate management and administration.

Microsoft's Internet Security Framework is based on industry standards for public-key security, including support for RSA Public Key, X.509 certificate formats and PKCS standards.

Included in Windows NT 4.0

The current Windows NT 4.0 release includes the first components for using public-key security. These includes the following:

• CryptoAPI version 1.0, which provides programmer support for key generation and exchange, digital signatures, and data encryption using a provider architecture to support installable Cryptographic Service Providers
• Secure Channel implementation of Secure Sockets Layer (SSL) version 2.0 and Private Communications Technology(PCT) version 1.0 public-key security protocols
• Authenticode technology, a solution using digital signatures to verify the integrity of software downloaded from the Internet and to identify the software publisher

Included in Future Versions of Windows NT

The features of Microsoft Internet Security Framework (to be released in an upcoming version of Windows NT) include:

• Client authentication with SSL 3.0 based on public-key certificates
• Certificate services for issuing certificates
• CryptoAPI version 2.0 features with support for X.509 certificates and PKCS standards