FOR IMMEDIATE RELEASE

CONTACT:                Jackson Shaw
                        Zoomit Corporation
                        Voice: (800) 565-5156, (703) 883-8252
                        Fax: (703) 790-5933
                        Internet: info@zoomit.com
                        X.400: s=info;p=zoomit;a=attmail;c=us


Zoomit Corporation announces secure remote e-mail and file
access coupled with a Certificate Manager and a public-key
management system based on RSA encryption and
authentication.

REDWOOD SHORES, CA, 9 JANUARY 1995 -- At the 1995 RSA DATA
SECURITY CONFERENCE, the Zoomit Corporation announced the release
of RemoteLink Plus a secure remote e-mail and file access
solution, coupled with a Certificate Manager application and a
public-key management system based on International
Telecommunication Union's X.509 Authentication Framework and RSA
Data Security Inc.'s encryption and authentication services.

RemoteLink Plus provides a user with secure remote connectivity
to a user's LAN.  It lets a user connect to the office server to
access the e-mail message-store and file system.  The RemoteLink
Plus e-mail module allows the origination and reception of e-mail
from any location in the world where a telephone line is
available.  This is done on the remote PC using the same
Windows-based e-mail user agent that is used in the office
environment.

RemoteLink Plus synchronizes messages held in the message-store
on the server with those held on the remote PC's message-store,
allowing a user access to e-mail that has originated or been
received while working on the LAN or in a remote location.

In addition, RemoteLink Plus synchronizes the enterprise-wide
directory available on the LAN with a copy held on the remote PC,
thus allowing full e-mail directory access to remote users.  The
directory may be configured for each user based on individual
requirements.

RemoteLink Plus's File Exchanger module provides access to the
LAN's file system.  This module allows users to browse the file
system remotely with Microsoft Windows' file open dialog box.
Once a file is selected, a put or fetch operation is all that
is required to transfer files between the remote PC and the
server's file system.  Remote access to the server is provided
via dial-up and via a network connection.  Dial-up connectivity
is provided using X.25 and the new Asynchronous Protocol
Specification, an industry-standard for asynchronous
communications over dial-up telephone links.  Network access is
available using TCP/IP either from a remote location on the
Internet, or via SLIP or PPP access to the TCP/IP network.

RemoteLink Plus imbeds RSA cryptographic techniques to encrypt
the data sent over the communication link, to perform a two-way
strong authentication between the remote PC and the LAN's server,
and to implement access control (via PIN) to the RemoteLink Plus
client software to authenticate users prior to the use of the
system.

The RemoteLink Plus client software provides a means of producing
new key pairs for a user, the modification of the user's PIN (a
password string), and the submission of certificate requests to
the Certification Authority (CA).

The CA makes use of Zoomit's Certificate Manager application to
perform certificate management functions including user
initial-key preparation, certificate request submission
processing, key-revocations, and key-escrow (optional) functions.
Public-key material is distributed by the Certificate Manager
using X.500, other types of distributed (non-X.500) directories,
or a file system.

Zoomit's public-key management system implementation provides
among other things a capability to set, implement, and exert an
enterprise-wide security policy.  This policy is set by the CA,
based on organizational requirements.  The process of
implementing the policy starts at user key initialization time
when the CA creates a Starter Key for a user.  This key can only
be used to produce encryption and digital signature key pairs,
and subsequently submit a certification request.  The private key
and the user's certificate hold the security controls set by the
CA which include:  PIN validity and time-out periods, the minimum
PIN length, the length of a random number used to authenticate
users submitting certificate requests, the selection of
encryption-key escrow (optional) by the CA, and the range of
security labels (if any) that a user can use to label data (e.g.,
Company Confidential).

Zoomit makes extensive use of RSA Laboratories Public Key
Cryptography Standards and the International Telecommunication
Union's X.509 Authentication Framework standard.  Zoomit's
implementation uses the following standards:  ITU's X.228, X.420,
X.509, X.520, X.521; PKCS #1 (RSA Encryption Standard), PKCS #5,
(Password-Based Encryption Standard), PKCS #6
(Extended-Certificate Syntax Standard), PKCS #8 (Private-Key
Information Syntax Standard), and PKCS #10 (Certification Request
Syntax Standard).

###

About Zoomit Corporation

Founded in 1988, Zoomit is focused on helping companies turn
proprietary platforms into open, secure, and interoperable
systems.  The company's messaging and directory products provide
interoperability between Banyan, Novell, DEC, IBM and other
electronic mail and directory systems.  Zoomit is a leading
provider of X.400 and X.500 products for Banyan VINES.  There are
currently over 400,000 users of Zoomit's VINES 400 RTS (X.400
gateway/MTA for VINES) product.  Zoomit has offices in
Washington, DC and Toronto, Ontario.
