PKI, which is rooted in asymmetric cryptography (i.e., cryptography that uses different keys for encryption and decryption), offers strong security services to internal and external users, computers, and applications. Such services are increasingly important in today's IT environment. This eBook provides a starting point for understanding the PKI and certificate services available in Windows Server 2003. The eBook will cover topics such as trust relationships, trust management, validating digital certificates, certificate autoenrollment, certificate revocation, and key archival and recovery - as well as the limitations of PKI and certificate services in Windows.

In addition to securing Web sites and Web communications, network applications can use PKI to secure email, sign software digitally, support smart card logons, provide IP Security (IPSec) authentication, and encrypt data locally through the Encrypting File System (EFS). Although each application or service functions uniquely, they all require using PKI to issue and use digital certificates.

 

This eBook provides a starting point for understanding the PKI and certificate services available in Windows Server 2003. Each chapter covers topics such as trust relationships, trust management, validating digital certificates, certificate autoenrollment, certificate revocation, and key archival and recovery – as well as the limitations of PKI and certificate services in Windows.

 

— Jan De Clercq, Brett Hill, John Savill, and Randy Franklin Smith