CSPid is a virtual smartcard that maintains a central repository for X.509 certificates and private keys. It provides a secure environment for cryptographic operations that nearly all security-enabled applications can access via Java, PKCS#11, or Microsoft CAPI. It is available for, and compatible between, all 32- and 64-bit desktop versions of Windows, Linux, and Solaris/SPARC.
- provides a portable, operating system independent credential store that may be shared by all security-enabled applications
- simplifies enterprise-wide credential management; users need not replicate keys among applications, and may effortlessly migrate credentials between workstations
- provides administrative controls over user credentials; allows PKI enrollment, key rollover, credential backup, and other key management tasks to be automated in a user-transparent manner
- provides superior protection for private keys and overcomes password change/reset issues with Internet Explorer and Mozilla
- reduces help desk costs and PKI training requirements
NEW! CSPid release 4.0 includes the following enhancements:
- added support for centralized administration (with Bagala)
- added ability to cache DAS responses and support for the new DAS Proxy API
- improved FireFox integration
- Windows port now uses CSP/KSP and no longer relies on any Microsoft smart card components (i.e., the smart card minidriver shim in the diagram below has been eliminated)
- integrated certificate manager now sorts installed certificates into categories
Add-on DAS support allows CSPid to provide to all applications (including Outlook and Thunderbird S/MIME) high-assurance "role-based" signing and decryption operations that rely on remote private keys, possibly stored on an HSM (requires DAS 1.8 or above).