Like many of you I've heard all the stories about how PKI (Public Key Infrastructure) "will save the day" for all our security concerns - this message was pushed particularly hard four to five years ago. PKI is a component of infrastructure which makes things like secure email (S/MIME), secure browsing (SSL/HTTPS), secure wireless (PEAP/EAP-TLS), code authenticity (code signing / authenticode) possible. Windows XP, Vista and Server 2003 make implementing PKI reasonably easy from a technical standpoint - don't forget the importance of process and procedure support and legal compliance.
Following much demand I'm going to present a Technet session purely on PKI (on 29th November) during which I'll debunk some myths, explain exactly HOW PKI works and show you how to implement all of the above with the exception of secure wireless which has a dedicated session of it's own on 8th December. Details of both sessions can be found on the UK TechNet events site - they are both in Reading.
Please let me know which parts of PKI confuse people most - comments would be appreciated. Clearly I have my own views and experience but I'm very keen to learn from you.
How do you spell it? :) My experience with PKI a few years ago was one of confusion. I was pleased when it was supported in the OS, but I really didn't have easy access to resources that walked me through the basics. So I'd go to a session at TechEd, and it all looked so easy in PowerPoint. :) But when I got back to the office I couldn't get it to work. If I were in the UK, I'd definitely point all my TechNet Event attendees to your event. I think even now there are quite a few IT Pros who just don't know where to start. It's like scripting - at least scripting a couple of years ago, before the Scripting Guys did such a great job of putting it all in plain English for us. Cheers! -Kevin
<P>Kevin> IKP is a marvellous thing! Seriously though I too used to be totally baffled by HOW to implement PKI on the server side simply because I didn't understand what happened under the hood. My solution was to join RSA Security and work with cryptographic experts - I ended up implementing PKI as a Consultant for my living! </P>
<P>My largest production PKI implementation supported a million users.</P>
<P>This session WILL absolutely SHOW the audience HOW IT WORKS AND HOW TO BUILD IT (which is pretty easy on recent versions of Microsoft products). Cheers Kevin.</P>