Re: PKI Question
From: S. Pidgorny
Date: 10/07/05
- Next message: Karl Levinson, mvp: "Re: secedit API"
- Previous message: S. Pidgorny
: "Re: ldap security" - Next in thread: Brian Komar [MVP]: "Re: PKI Question"
- Maybe reply: Brian Komar [MVP]: "Re: PKI Question"
- Maybe reply: Steven L Umbach: "Re: PKI Question"
- Maybe reply: Steven L Umbach: "Re: PKI Question"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 7 Oct 2005 19:06:57 +1000
"Best practice" for enterprise doesn't always apply to small site/small
business situation. I believe you can run a single root/issuing CA and
secure that.
-- Svyatoslav Pidgorny, MS MVP - Security, MCSE -= F1 is the key =- "Russ Allen" <RussAllen@discussions.microsoft.com> wrote in message news:91F25D01-F084-4288-9CD9-23E84D90DCB7@microsoft.com... > I am in charge of a PKI Enterprise Root CA that issues out certs for a ift > certificate site automatically and I was presented with taking off the Root > CA and putting in two subordinate CAs. We run the Root CA on a VM and it is > not going to be very secure (andyone can log on to the server powerup the VM > and log on and do their thing) I think we are making this over cmplicated, we > only service that one site and it has been running smooth for several years. > It was stated the 2 tiers was the best practice but I don't feel we need to > do that just one Sub CA if any a bit of wisdom is requeted from this fine > community. thanks in advance. > > Russ Allen
- Next message: Karl Levinson, mvp: "Re: secedit API"
- Previous message: S. Pidgorny
: "Re: ldap security" - Next in thread: Brian Komar [MVP]: "Re: PKI Question"
- Maybe reply: Brian Komar [MVP]: "Re: PKI Question"
- Maybe reply: Steven L Umbach: "Re: PKI Question"
- Maybe reply: Steven L Umbach: "Re: PKI Question"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
