Free Trial

Safari Books Online is a digital library providing on-demand subscription access to thousands of learning resources.

Share this Page URL

Introduction - Pg. xxvii

Introduction Welcome to Windows Server 2008 PKI and Certificate Security. This book provides detailed information about designing and implementing public key infrastructure (PKI) solutions with the Windows Server 2008 certification authority (CA). This book is based on the white papers and guidelines produced by the Microsoft PKI product team and on my experience working with Microsoft Consulting Services and my company's consulting engagements at customer sites over the past five years. About This Book Although you are welcome to read the book from cover to cover, it is divided into three self- contained parts. Each part contains chapters that build on the lessons and practices described within that part. Each chapter ends with a case study that enforces the critical concepts discussed in the chapter, allowing you to validate how well you understand the concepts of the chapter. Note The answers for the case study questions are available in the appendix, "Case Study Questions and Answers" in both the print copy of the book and the eBook, which can be found on the Windows Server 2008 PKI and Certificate Security companion CD. The three parts of this book are the following: Part I, "Foundations of PKI" Part I provides an overview of cryptography and PKI con- cepts and culminates with one of the most important chapters in the book, Chapter 3, "Policies and PKI." Part I ensures that you understand the relationship between a PKI and your organization's security policies. Without strong policies and procedures, a PKI is simply a collection of application servers, rather than a mechanism for securing your network and its applications. Part II, "Establishing a PKI" Part II provides a framework for designing and implement- ing a PKI within your organization, including detailed information on preparing your Active Directory Domain Services (AD DS) environment and designing and implement- ing your organization's CA hierarchy. Part II includes information on designing and implementing a CA hierarchy, designing certificate templates, planning deployment of certificates to users and computers, and disaster recovery recommendations. When you complete Part II, you will have a CA hierarchy that is ready to deploy certificates for any PKI-enabled application used by your organization. In addition, this section covers clustering a CA and implementing Online Certificate Status Protocols (OCSPs). xxvii