Tokyo – June 26, 2008 – GMO Hosting & Security consolidated subsidiary and digital authentication service provider, GlobalSign announces the launch today of a SHA-2 Algorithm Test Certificate Issue Service.

Next Generation Cryptographic Algorithms
Currently the key cryptography algorithms for SSL server certificates in standard use are the hash function SHA-1 and RSA (1024 key length). In consideration of improved computing power and vulnerability issues, to maintain security the NIST (National Institute of Standards and Technology [US]) has advised that transition to a new cryptographic algorithm is required by 2010.
In Japan the Cryptography Algorithm SHA-1 and RSA1024 Transition Policy was released on April 22 this year by decision of the NISC (National Information Security Center) Information Security Conference. The policy outlines plans to complete transition to a new cryptographic algorithm by 2013.
The current EV SSL Guidelines state that the stronger key length RSA2048 is required by subscriber certificates with validity beyond December 31, 2010. SHA-1 will remain in use until the majority of browsers have adopted SHA-2 however the EV SSL Guidelines strongly endorse SHA-2.

This means that for SSL server certificates with multi-year validity the time for transition to a new cryptographic algorithm is fast approaching.

Transition Not Progressing
The transition to next generation cryptographic algorithms requires adoption of the algorithm by operating systems, applications, middleware and other environments. In addition, SSL encrypted communications are now not only carried out by software, but also by browsers on networking equipment and built in devices as well as a wide range of other equipment. In Japan, mobile phone SSL accounts for a particularly large share of the market. Some older handsets will not be compatible with the new cryptographic algorithms and this is one of the major factors holding up transition.

In this environment in which it is relatively difficult to proceed with the replacement of algorithms, it is important to begin efforts towards transitioning as soon as possible. However the transition to new cryptography algorithms is not currently proceeding at a pace in line with government recommendations.

The GlobalSign Transition
The government recommended deadline for the shift to new cryptography algorithms in Japan is three years later that that of the US. Even with this extended timeframe common use is as yet nowhere in sight and it has been indicated that the transition is likely to fall behind schedule.
We believe that in order to maintain secure key cryptography in the PKI (Public Key Infrastructure) at the core of GlobalSign digital certificate services it is necessary to complete the shift to a new generation algorithm before current cryptography algorithms become vulnerable.
As part of this effort as global pioneers we are issuing free SHA-2 test certificates not yet issued by any other certificate vendor. We are actively contributing to the transition to new generation cryptography algorithms by having companies developing browsers and digital equipment carry out tests using certificates close to actual specifications.

SHA-2 Test Certificate Specifications
- RFC3280 standard X.509 compliant
- SHA-2 family SHA-256 algorithm
* GlobalSign services have already adopted RSA2048.

Test Certificate Use: Caution
- Test SSL Server Certificates are intended only for operation testing. They are not intended for actual use on commercial web sites.
- Please install a test root certificate on browsers to be connected.

GlobalSign
GlobalSign began providing digital authentication services to Belgium ten years ago when digital authentication companies were first beginning to appear. Customers include a number of Belgian government agencies and the GlobalSign Certificate Authority operates many prestigious government projects such as eID*(BELPIC). We are recognized as the Belgian Government Certificate Authority. GlobalSign became a member of the GMO Internet Group in 2006 and is expanding sales of government-level security Japan and worldwide.
*eID: A citizen ID card. This is the first stage of the e-government project in Belgium. The ID card containing a digital certificate is distributed to all Belgian citizens over the age of 12.

Performance: (cumulative figures)
- Over 100,000 SSL Server Certificates issued
- Over1.4 million digital certificates (for web sites, IC Cards etc. including Digital IDs) issued
- Over 20 million certificates worldwide rely on the public trust provided by the GlobalSign root (including issues by subordinate CAs)
- We supply many major government agencies and major corporations

Profile
- The first certificate authority in Europe to obtain WebTrust accreditation
- CABF (CA/Browser Forum) member In Japan GlobalSign (formerly GeoTrust JAPAN) participates as a member of JCAF (Japan Certification Authority Forum)
- Anti-Phishing Working Group member

Media Inquiries
GMO Hosting and Security Inc. Corporate Planning Department
E-mailFpr@gmo-hs.com
GMO Internet Inc. Group PR Team
E-mailFpr@gmo.jp

The GMO Internet Group
The GMO Internet Group is a leading force in the Internet industry offering one of the most comprehensive ranges of Internet services in Japan. We hold top domestic market shares in domain registration, web hosting and payment processing and we provide a host of other services including e-commerce solutions and Internet advertising to individual and corporate customers. Striving to redefine the industry and foster a vibrant Internet culture, the GMO Internet Group is continuously working to inspire enthusiasm in our customers and put smiles on their faces.

GlobalSign K.K.