PKI for Dummies
DESCRIPTION
Slide deck used at the Dutch Techdays Event in 2012.
TRANSCRIPT
PKI for Dummies
Alex de Jong
Microsoft Freelance
Agenda
• PKI Overview
• Your own PKI
Public Key Infrastructure (PKI) is a set of hardware, software, people, policies, and procedures needed to create, manage, distribute, use, store, and revoke digital certificates.
Subject
Valid from/to
Issuer
Serial Number
Certificate Extensions
• Subject, Serial Number, Issuer, Valid From, Valid To
• Public Key
• Subject Alternative Names (SANs)
• Authority Information Access (AIA)
• Certificate Revocation Lists (CRLs)
• Enhanced Key Usage
Authentication Encryption
Authenticity
3 Encryption “methods”
• Symmetric
  – 1 encryption key for encryption and decryption
• Asymmetric
  – 2 encryption keys: Public & Private
• Hashing
  – Used for Authenticity checking, passwords
  – Irreversible
Authenticity
• Digitally Signed Data
  – e-mail, documents, this PowerPoint
About the Issuer
DEMO
Public CAs
Building one of your 0wn3d
• Stand alone vs. Enterprise
• Design Considerations
• Certificate Revocation Lists (CRLs)
Building one of your 0wn3d
• Certificate Templates
• Web Services
• …
DEMO
Private CAs
Enrolling certificates
• Web Services
• Auto Enrollment
• MMC Snap-in
From the client side
• Managing your own certificates
• Checking the others
DEMO
Managing Certificates
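The certificate fields and extensions listed on the earlier slide, and the client-side "checking the others" step, as an added PowerShell example (not part of the original slide deck or its demos). It assumes Windows PowerShell 3.0 or later with the built-in Cert: provider; the function name Get-CertificateSummary is hypothetical.

```powershell
# Added example: summarise a certificate using the fields named on the slides,
# then check whether it chains to a trusted root and has not been revoked.
function Get-CertificateSummary {
    param(
        [Parameter(Mandatory)]
        [System.Security.Cryptography.X509Certificates.X509Certificate2]$Certificate
    )

    # Standard OIDs of the extensions listed on the slide.
    $extensionOids = [ordered]@{
        'Subject Alternative Names'    = '2.5.29.17'
        'Authority Information Access' = '1.3.6.1.5.5.7.1.1'
        'CRL Distribution Points'      = '2.5.29.31'
        'Enhanced Key Usage'           = '2.5.29.37'
    }

    $summary = [ordered]@{
        Subject       = $Certificate.Subject
        Issuer        = $Certificate.Issuer
        SerialNumber  = $Certificate.SerialNumber
        ValidFrom     = $Certificate.NotBefore
        ValidTo       = $Certificate.NotAfter
        PublicKey     = $Certificate.PublicKey.Oid.FriendlyName
        HasPrivateKey = $Certificate.HasPrivateKey
    }

    # Decode each extension to text, or note that the certificate lacks it.
    foreach ($name in $extensionOids.Keys) {
        $ext = $Certificate.Extensions |
            Where-Object { $_.Oid.Value -eq $extensionOids[$name] }
        $summary[$name] = if ($ext) { $ext.Format($false) } else { '(not present)' }
    }

    # Build the chain up to a trusted root. Online revocation checking makes
    # Windows fetch the CRL (and issuer certificates via AIA) when needed.
    $chain = New-Object System.Security.Cryptography.X509Certificates.X509Chain
    $chain.ChainPolicy.RevocationMode =
        [System.Security.Cryptography.X509Certificates.X509RevocationMode]::Online
    $summary['ChainValid']  = $chain.Build($Certificate)
    $summary['ChainStatus'] = ($chain.ChainStatus | ForEach-Object { $_.Status }) -join ', '

    [pscustomobject]$summary
}

# Summarise every certificate in the current user's personal store.
Get-ChildItem Cert:\CurrentUser\My |
    ForEach-Object { Get-CertificateSummary -Certificate $_ } |
    Format-List
```

A certificate from a private CA reports ChainValid as False on any client that does not trust that CA's root, and a revocation status that cannot be determined appears in ChainStatus when the CRL location is unreachable.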