Facility Requirements
As discussed in Chapter 12, all sensitive PKI components must be adequately protected. As CAs are the most sensitive component within the PKI, appropriately-protected facilities must house them. Appropriate physical and procedural safeguards must also be established. Essentially, unauthorized access must be prevented and individual accountability should be maintained at all times.
Although the physical and procedural security associated with the RA components is typically not as stringent as that for a CA, it may be necessary to protect these components to some degree as well. Each organization should determine where these components will be placed and how they will be attended.
Get Understanding Public-Key Infrastructure: Concepts, Standards, and Deployment Considerations now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
