O'Reilly logo

Windows Server® 2008 PKI and Certificate Security by Brian Komar

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Chapter 13. Role Separation

An important step in designing and implementing a public key infrastructure (PKI) is determining the groups or users who will manage it. To facilitate secure administration of Certificate Services, both the Windows Server 2003 Certificate Services and Windows Server 2008 Active Directory Certificate Services (AD CS) support Common Criteria role separation. Common Criteria role separation requires that PKI management be configured so that no single person has full control, thereby protecting an organization against a "malicious PKI administrator."

There are other roles that must be considered when designing and implementing your organization’s PKI in addition to the roles defined in the Common Criteria protection profile. ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required