Planning Your Public Key Infrastructure
Microsoft® Windows® 2000 supports a comprehensive public key infrastructure (PKI). A PKI is a system of digital certificates, certification authorities, and other registration authorities that verify and authenticate the validity of each party involved in an electronic transaction through the use of public key cryptography.
You can design a PKI that meets your public key security needs using Microsoft® Certificate Services or other certificate services.
In This Chapter
Overview of Public Key Infrastructure
Building Your Public Key Infrastructure
Designing Your Public Key Infrastructure
Developing Optional Custom Applications
Deploying Your Public Key Infrastructure
Public Key Infrastructure Planning Task List
Chapter Goals
This chapter will help you to develop the following planning documents:
Public key certificate requirements
Policies for how certificates will be issued and used
Certification authority trust hierarchy design
Certificate life cycle policies and processes
Policies governing certificate revocation
Strategies for certificate backup and disaster recovery
Timetable for PKI deployment and rollout
Related Information in the Resource Kit
For more information about the basic concepts of cryptography-based security, PKI, and public key technology, see "Cryptography for Network and Information Security" in the Microsoft ® Windows ® 2000 Server Resource Kit Distributed Systems Guide.
For more information about security solutions using public key technology, see "Choosing Security Solutions That Use Public Key Technology" in the Microsoft Windows 2000 Server Resource Kit Distributed Systems Guide.