Overview of the PKI Design Process
Updated: March 28, 2003
Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2
Organizations use a variety of technology solutions to enable essential business processes, such as online ordering, exchanges of contracts, and remote access. A public key infrastructure based on Microsoft Windows Server 2003 Certificate Services provides a means by which organizations can secure these critical internal and external processes.
Deploying a PKI allows you to perform tasks such as:
Digitally signing files such as documents and applications.
Securing e-mail from unintended viewers.
Enabling secure connections between computers, even if they are connected over the public Internet or through a wireless network.
Enhancing user authentication through the use of smart cards.
If your organization does not currently have a public key infrastructure, begin the process of designing a new public key infrastructure by identifying the certificate requirements for your organization. If your organization already uses a public key infrastructure based on Microsoft® Windows NT® version 4.0, Microsoft® Windows® 2000, or third-party certificate services, you can improve your PKI capabilities by taking advantage of new and enhanced features in Microsoft® Windows® Server 2003, Standard Edition; Windows® Server 2003, Enterprise Edition; and Windows® Server 2003, Datacenter Edition. When you have completed the PKI design process, you can deploy a public key infrastructure that provides solutions for all of your internal security requirements, as well as security requirements for business exchanges with external customers or business partners.
For a list of the job aids that are available to assist you with the PKI design process, see "Additional Resources for Designing a Public Key Infrastructure" later in this chapter.