Schedule a Demo
Blog August 1, 2024 PKI, PKI Insights

PKI Insights Recap - Past, Present, and Future of PKI with Brian Komar

by Mark B. Cooper
A representation of PKI and digital certificate with a key lying on a blue circuit board

In our recent July webinar, “PKI Insights – Past, Present, and Future of PKI,” we had the honor of hosting Brian Komar, a well-known leader in the PKI space, for a special edition of our series. As many in the industry know, Brian is not just a PKI expert but also a key influencer who has significantly shaped the field over the past two decades. This webinar was both a deep dive into the evolution of PKI and a celebration of Brian’s amazing career as he steps into retirement.

A Journey Through PKI’s Evolution

The session began with a nostalgic look at Brian’s entry into the world of PKI. Hailing from Winnipeg, Canada, Brian’s journey into PKI was, as he described, somewhat accidental. Originally trained in actuarial mathematics, he transitioned into IT, finding his niche in security and ultimately PKI. His contributions include the seminal book on Windows Server PKI, “Microsoft Windows Server 2003 PKI and Certificate Security,” which educated a generation of PKI professionals around the world.

One of the key takeaways from Brian’s career is the critical role of policies and procedures in PKI implementations. He emphasized that while technology can be complex, the true challenge often lies in maintaining rigorous processes. This was highlighted by anecdotes from his consulting work, where deviations from established procedures led to significant security risks.

The Present State of PKI

In discussing the current landscape, Brian touched on the increasing trend towards cloud-based PKI solutions. While acknowledging their convenience, he expressed caution regarding the potential loss of control over key materials. He pointed out that, for high-assurance scenarios, on-premises PKI with hardware security modules (HSMs) remains the gold standard. Brian’s stance on this matter is clear: while cloud PKI has its place, it is not a one-size-fits-all solution, especially for organizations requiring stringent security measures.

Another critical point of discussion was the shift towards managed PKI services. Brian noted that while these services can alleviate some of the operational burdens, they do not absolve organizations from understanding and managing their PKI infrastructures. The rise of attacks like PetitPotam and SpecterOps Certified Pre-Owned has made it clear that even well-established PKIs are not immune to vulnerabilities, underscoring the need for vigilant management.

Looking Ahead: The Future of PKI

As the discussion moved to the future, Brian shared his thoughts on emerging trends, including post-quantum cryptography (PQC). While the transition to post-quantum algorithms is on the horizon, he noted that it will likely be a gradual process, similar to the transition from SHA-1 to SHA-256. The key challenge will be ensuring compatibility across diverse systems and applications.

Brian’s insights also extended to the continued relevance of PKI in an increasingly digital world. He emphasized that despite advancements in technology, the fundamental principles of trust and identity management that PKI provides will remain indispensable.

A Fond Farewell

As we wrapped up the webinar, it was clear that Brian’s contributions to the PKI community have left a lasting mark. To commemorate his retirement, we presented him with a Lifetime Achievement Award in PKI Excellence. A fitting tribute to someone who has dedicated his career to advancing the field and educating others.

For those who couldn’t join us live, we encourage you to watch the webinar replay on our website and follow us on LinkedIn and X (formerly Twitter) for updates.

Thank you, Brian, for your years of service and for sharing your knowledge with the community. We wish you all the best in your retirement, filled with plenty of golf and relaxation!

Related Resources

  • Blog
    December 10, 2024

    Creating Highly Available CDP and AIA Locations with Azure, Part 2

    AIA, Azure, CA, CDP, IIS Web Server, SMB
  • Blog
    December 5, 2024

    Creating Highly Available CDP and AIA Locations with Azure, Part 1

    AIA, Azure, CA, CDP, IIS Web Server, SMB
  • Blog
    November 14, 2024

    Microsoft ADCS Vulnerability – CVE-2024-49019 Escalation of Privilege

Mark B. Cooper

President & Founder at PKI Solutions, Leading PKI Cybersecurity Subject Matter Expert, Author, Speaker, Trainer, Microsoft Certified Master.

View All Posts by Mark B. Cooper

Comments

Leave a Reply

Your email address will not be published. Required fields are marked *