mozilla.org to Include Open Source Security Technology, Completing Feature Set of Open Source Browser

Open Source Development Of Security Products Possible Worldwide, Enhancing Security and Privacy ForE-Commerce and Communication; Sun-Netscape Alliance To Contribute Source Code For Security Libraries

MOUNTAIN VIEW, Calif. (January 18, 2000) - mozilla.org, the organization that manages the open source development of the Mozilla browser (www.mozilla.org), today announced that it will be offering security technology as part of its open source project, adding a critical feature set to the Mozilla open source browser. The announcement coincides with the new US government export regulations that allow US-based developers to export encryption source code. mozilla.org can now provide free access to security source code worldwide, enable ongoing contributions and improvements by the development community and include security source code in mozilla.org releases. In addition, the Sun-Netscape Alliance announced plans to contribute the source code of its security libraries, including Network Security Services (NSS) and Personal Security Manager (PSM), to the Mozilla code base. This software comprises the core security architecture for most of the Alliance server products and Netscape client software. mozilla.org expects the first contributions of code from the Alliance to be made available by March 31, 2000, with continuing contributions thereafter.

"This contribution provides Mozilla with a high-quality open source security component for the browser. The benefit to the industry will only increase as security contributions to mozilla.org increase, enabling secure commerce and enhanced privacy around the world," said Mitchell Baker, chief lizard wrangler at mozilla.org. "Netscape (R) has been a corporate leader in advocating change to export restrictions on encryption and mozilla.org is gratified to see the Sun-Netscape Alliance continue this tradition by announcing its contribution of NSS and PSM to mozilla.org."

Security technology will now benefit more than ever from the open source development model. US-based open source developers can enjoy the benefits of security technology and developers can collaborate internationally to develop security technology for worldwide use. The Mozilla community will see benefits in both browser technology and in component technologies available to developers. The source code contributed by the Sun-Netscape Alliance can be used to provide Secure Sockets Layer (SSL) support in the Mozilla browser, allowing users to shop online while protecting the privacy of their sensitive data.

The libraries are highly modular and are therefore usable outside of the context of a web browser. This presents the opportunity to develop innovative new security-enabled products and services. Developers can do so quickly, internationally and with the confidence that the security technologies have been tested both by the Sun-Netscape Alliance and through the strength of the open source development method. Now mozilla.org can provide developers with a security-enabled Mozilla browser and with internationally usable, cross-platform security libraries for use with other technologies.

"The ability to include security technology in internationally available open source projects is a change of enormous importance to the open source community," said Matthew Szulik, president and CEO of Red Hat. "The Sun-Netscape Alliance's donation of source code to the Mozilla project verifies that open source computing makes sense for businesses, developers and end-users, and we anticipate that the Mozilla project will continue to provide users with the benefits that open source has to offer."

"With the release of this source code we are closer to the goal of having a complete set of highly secure and high quality open source Web client and server software," said Brian Behlendorf, president of the Apache Software Foundation and chief technology officer for Collab.Net. "As a result of the new US export regulations and initiatives like this, I expect that commercial-grade security will come to be a standard part of all open source software."

Personal Security Manager is a client-independent security module that performs security operations on behalf of an application. These operations include setting up an SSL connection, object signing and signature verification, certificate management including issuance and revocation, and other common Public Key Infrastructure (PKI) functions. Personal Security Manager will perform security functions for the latest release of the Mozilla web browser. Application developers can take advantage of the Personal Security Manager code base instead of writing their own security functions. Network Security Software (NSS) is a security software development package that provides easy-to-integrate, Internet-ready SSL and public-key security capabilities.

mozilla.org (www.mozilla.org) is the group founded by Netscape Communications with responsibility for making Mozilla a successful open source project; it exists to support the entire Mozilla community. mozilla.org provides a central point of contact and community for those interested in using or improving the Mozilla code base.

Product and brand names are trademarks of their respective owners.

About Netscape

Netscape is a leading provider of software and services for businesses that want to transform the way they create and keep customers in the emerging Net Economy. A division of America Online, Inc., Netscape is based in Mountain View, California. Additional information on Netscape is available on the Internet at http://home.netscape.com/ by sending email to info@netscape.com, or by calling corporate sales at 650-937-2555.