SOURCE: MashSSL Alliance

March 22, 2010 08:00 ET

Cloud Security Alliance and MashSSL Alliance Enter Affiliate Partnership

Alliances Announce Cross Membership and Commitment to Accelerate Movement to Secure Clouds and to Bring Back Visibility and Control Into Clouds

BARCELONA, SPAIN--(Marketwire - March 22, 2010) - The Cloud Security Alliance, the industry's pre-eminent locus for shaping the future of secure cloud computing, and the MashSSL Alliance, an organization of industry leaders evangelizing the next generation SSL standard suitable for cloud computing, have announced at the SecureCloud 2010 conference that they are joining forces to further accelerate the adoption of secure cloud computing.

"The CSA has grown by leaps and bounds since our introduction at the RSA conference last year, and the guidance we produced has served as a valuable reference for numerous enterprises," said Jim Reavis, Chair of the Cloud Security Alliance. "Our goal is now to make concrete the basic building blocks needed for secure cloud computing, and we wish to do so using proven, open standards that already have broad industry support. MashSSL is clearly one such building block which has wide support among industry leaders and will be an integral part of the emerging architecture for secure clouds. We are pleased that the MashSSL Alliance has decided to join the CSA and to continue evangelizing our efforts."

"The Cloud Security Alliance and its guidance has been an extremely valuable resource for enterprises as they seek the safest path to realizing the tremendous benefits cloud computing brings to their business," said Siddharth Bajaj, Principal Innovation Group, VeriSign, who also serves as the Chair of the MashSSL Alliance and the W3C MashSSL XG. "As the CSA now moves into identifying the concrete building blocks for the new protocols that are emerging to build a secure cloud platform, we welcome their joining the MashSSL Alliance, as MashSSL certainly supplies one of the key missing ingredients. The MashSSL Alliance looks forward to working actively with the CSA to further the cause of ensuring the rapid adoption of cloud based services."

MashSSL repurposes the tried and tested SSL trust infrastructure to solve the new problems that the emergence of virtualization, clouds and mashups pose. It is as fundamental a building block to this new environment as SSL was to the development of eCommerce. Originally developed as a proprietary technology by SafeMashups Inc., it has since been released as an open standard under the Open Web Foundation agreements and is now under the stewardship of the MashSSL Alliance and the W3C MashSSL XG where it is going through the steps of being standardized. Open source implementations of the specification are available at

"A perceived lack of visibility, control and the ability to prove compliance remain the most significant objections to enterprises who would otherwise more rapidly embrace cloud services," said Ravi Ganesan, CEO SafeMashups, a member of both the MashSSL Alliance and the CSA. "We need to quickly coalesce around the standards being developed by the CSA, the MashSSL Alliance, and other related efforts such as A6, OCCI, ENISA's CAM, etc., and act expeditiously to introduce trust into the cloud eco-system."

About Cloud Security Alliance

The Cloud Security Alliance is a not-for-profit organization with a mission to promote the use of best practices for providing security assurance within Cloud Computing, and to provide education on the uses of Cloud Computing to help secure all other forms of computing. The Cloud Security Alliance is led by a broad coalition of industry practitioners, corporations, associations and other key stakeholders. For further information, the Cloud Security Alliance Web site is

About MashSSL Alliance

The MashSSL Alliance was formed by leading providers of trust services to standardize an open version of the proprietary MashSSL protocol developed by SafeMashups Inc. The organization's main purpose is the evangelization of the standard, with the actual standards work happening under the auspices of the W3C, via the W3C MashSSL XG. The founding members of the Alliance include leading SSL certificate vendors Comodo, DigiCert, Entrust and VeriSign; leading providers of security technology and services Arcot, Cenzic, ChosenSecurity, DenimGroup, OneHealthPort, QuoVadis, SafeMashups and Venafi; leading security research institutions Institute for Cyber Security, UTSA, MIT Kerberos Consortium and Secure Business Austria, and noted industry security experts. More information can be found at

Contact Information

  • Media Contacts
    Zenobia Godschalk
    ZAG Communications for the Cloud Security Alliance
    Email Contact

    Elizabeth Safran
    Looking Glass Public Relations for the MashSSL Alliance
    +1.212.740.1037 (office)/+1.408.348.1214 (cell)
    Email Contact