Designing Your CA Infrastructure

Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2

To support the certificate-based applications of your organization, you must establish a framework of linked CAs that are responsible for issuing, validating, renewing, and revoking certificates as needed. The goal in establishing a CA infrastructure is to provide reliable service to users, manageability for administrators, and flexibility to meet both current and future needs, while maintaining an optimum level of security for the organization.

Figure 16.5 shows the steps involved in designing your CA infrastructure.

Figure 16.5   Designing Your CA Infrastructure