…….
What Is PKI?
A Public Key Infrastructure (PKI):
Is the combination of software, encryption technologies, processes, and services that enable an organization to secure communication and business transactions
Relies on the exchange of digital certificates between authenticated users and trusted resources
PKI enhances infrastructure security by providing:
Confidentiality
Integrity
Authenticity
Nonrepudiation
Discussion: Managing IDA and Enhancing Security by Using PKI
• What benefit would a PKI solution provide to your organization?
• Give a few examples of services that can use certificates to enhance security.
• How does PKI solution support IDA Management?
Discussion: Options for Implementing CA
• What are the advantages and disadvantages of using an external public CA?
• What are the advantages and disadvantages of using an internal CA?
Types of CAs
• Is the most trusted type of CA in a PKI infrastructure
• Is a self-signed certificate
• Issues certificates to other subordinate CAs
• Possesses physical security and the certificate issuance policy that are typically more rigorous than subordinate CAs
Root CA
• Is issued by another CA
• Addresses specific usage policies, organizational or geographical boundaries, load balancing, and fault tolerance
• Issues certificates to other CAs to form a hierarchical PKI infrastructure Subordinate CA
Demonstration: How To Install AD CS as a Root CA
• To install the AD CS server role as an Enterprise Root CA