Resources
PKI Disclosure
Licenses & Approvals
E-Sign
Publications
Home > Repository

Year 2000 Compliance Statement

UPDATED 12/05/01
Re: Y2K MIGRATION COMPLETE

VeriSign is pleased to report the successful completion of Y2K remediation, testing, and service validation efforts, and the migration of its systems through the year 2000. This document is a response to requests for information regarding VeriSign's Y2K Program and outlines VeriSign's efforts and progress in identifying and resolving any problems relating to the new millennium.

This is a report on our preparation efforts, not a warranty or representation about the performance of our products and services. Please see the agreements under which we provide products and services for warranties and similar provisions. This information provided as a follow-up to the Year 2000 Readiness Disclosure (required under the terms of the Year 2000 Information and Readiness Disclosure Act). Please be aware that the solutions and information described in this letter and elsewhere on VeriSign's web site are not universally applicable, but instead apply uniquely to VeriSign.

Y2K PROGRAM BACKGROUND
In January 1998, VeriSign established a task force of Engineering and Information Services personnel to create an action plan, inventory our products and systems, design appropriate verification methods, and identify required modifications. Our Engineering team tested all internally developed code for VeriSign Retail, Managed PKI, Affiliate, and SET (Secure Electronic Transactions) services for Y2K compliance. In addition, the Information Services team completed an inventory and identified all production services software and hardware that needed to be upgraded. We identified our major vendors, suppliers and other third parties with which our systems routinely interact and verified that these supporting components are Year 2000 compliant. VeriSign has also conducted infrastructure platform tests on all critical equipment and 3rd party applications used in our production services environment to ensure its Year 2000 compliance. We completed all necessary upgrades of the production services platform to Y2K compliant models and versions as end of Q2 1999. We completed certificate lifecycle testing on a test bed configuration. To address any customer issues and inquiries during the rollover transition, we also developed the Team 2000. Team 2000 was on site during the midnight crossing (December 31, 1999). This team had representatives from Engineering, Production Services, Facility Planning, and Customer Service who were available to handle any potential problems throughout the transition. Through all of these efforts, we have found no problems with the dates fields in our services or any other problems with regards to Y2K.

There were four components to VeriSign's Year 2000 Project:
  1. Production Architecture Upgrades
  2. Corporate/Business Applications
  3. Infrastructure Testing
  4. Certificate Lifecycle Testing
Component Description
   
Production Architecture Upgrades (Systems, Network components, etc.) All Production equipment used in customer lifecycle functions (such as certificate issuance, revocation, and so on) was upgraded or replaced as appropriate for Y2K compliance. All testing and implementation is complete.
Corporate/Business Applications Systems (such as Financial, Customer Support systems, and so on) All systems were upgraded or replaced as appropriate. Testing and implementation is complete.
Service Infrastructure Testing Tested individual H/W components including; system, network and database platforms. Also tested software components; including operating system, 3rd party vendor applications (such as web server, database, and so on), ancillary utilities (such as. monitoring/backup tools), and internally developed VeriSign application software.
Certificate Lifecycle Testing Certificate lifecycle testing – enrollment, approval, issuance, rejection, reissue and replacement – was conducted for SET, Affiliate Service Center, Managed PKI, Retail (Class 1 and Class 3).

VeriSign's certificates are compliant with international standards that address the Y2K problem. If you would like to download a test Secure Server certificate to use in your test environment, please use the following URL:


For additional information regarding VeriSign's Y2K compliance, please access the following URL: