This in-depth reference teaches you how to design and implement even the most demanding certificate-based security solutions for wireless networking, smart card authentication, VPNs, secure email, Web SSL, EFS, and code-signing applications using Windows Server PKI and certificate services. A principal PKI consultant to Microsoft, Brian shows you how to incorporate best practices, avoid common design and implementation mistakes, help minimize risk, and optimize security administration. Table of Contents
Pt. I Foundations of PKI
1 Cryptography basics 3
2 Primer to PKI 21
3 Policies and PKI 39
Pt. II Establishing a PKI
4 Preparing an active director environment 59
5 Designing a certification authority hierarchy 73
6 Implementing a CA hierarchy 99
7 Upgrading your existing Microsoft PKI 151
8 Verifying and monitoring your Microsoft PKI 165
9 Securing a CA hierarchy 189
10 Certificate revocation 207
11 Certificate validation 235
12 Designing certificate templates 259
13 Role separation 285
14 Planning and implementing disaster recovery 307