The core component of the Windows Server 2003 public key infrastructure (PKI) software is the Certification Authority (CA), which Microsoft often refers to as the Certificate Server or Certificate Services. A CA receives and processes PKI user certificate requests, identifies and validates those requests, issues certificates according to the PKI's security policy, renews and revokes certificates, publishes certificates to different locations, creates and publishes certificate revocation lists (CRLs), and logs all certificate and CRL transactions to the appropriate database. A Windows 2003 CA can also perform secure private key archival and recovery. (For more information about certificate revocation, key archival and recovery, and certificate autoenrollment, see the articles in "Resources," page 9.) To better understand how CAs and PKI have evolved in Windows 2003, let's examine the components of the latest Certificate Services architecture and the differences between establishing an enterprise CA and a standalone CA in Windows 2003. . . .
Register
