CSP^id is a virtual smartcard that maintains a central repository for X.509 certificates and private keys. It provides a secure environment for cryptographic operations that nearly all security-enabled applications can access via Java, PKCS#11, or Microsoft CAPI. It is available for, and compatible between, all 32- and 64-bit desktop versions of Windows, Linux, and Solaris/SPARC.

CSP^id

• provides a portable, operating system independent credential store that may be shared by all security-enabled applications
• simplifies enterprise-wide credential management; users need not replicate keys among applications, and may effortlessly migrate credentials between workstations
• provides administrative controls over user credentials; allows PKI enrollment, key rollover, credential backup, and other key management tasks to be automated in a user-transparent manner
• provides superior protection for private keys and overcomes password change/reset issues with Internet Explorer and Mozilla
• reduces help desk costs and PKI training requirements

NEW! CSP^id release 4.0 includes the following enhancements:

• added support for centralized administration (with Bagala)
• added ability to cache DAS responses and support for the new DAS Proxy API
• improved FireFox integration
• Windows port now uses CSP/KSP and no longer relies on any Microsoft smart card components (i.e., the smart card minidriver shim in the diagram below has been eliminated)
• integrated certificate manager now sorts installed certificates into categories

Add-on DAS support allows CSP^id to provide to all applications (including Outlook and Thunderbird S/MIME) high-assurance “role-based” signing and decryption operations that rely on remote private keys, possibly stored on an HSM (requires DAS 1.8 or above).