Enrollment
New Online PKI Training Courses Are a Deep Dive into Public Key Infrastructure: Critical for IT Security, IoT, 5G, and SHAKEN/STIR
Why Public Key Infrastructure (PKI)? A PKI is the core of IT for enterprises, supporting network authentication, data encryption, code signing and secure email. In addition, in the next two years, 42 percent of Internet of Things (IoT) devices such as temperature sensors, televisions, and smart vehicles will rely primarily on digital certificates for identification…
Read MorePKI Explained: Why It Is Necessary and Relevant Now More Than Ever
Unauthorized access, unsigned applications (malware) and unsecured email. What can help prevent these top 3 cyberthreats impacting organizations today? Public key infrastructure (PKI). Mark explains PKI and authentication in an article in ISACA’s The Nexus. I like his analogy describing PKI as “a virtual, encrypted handshake.” Check out the article.
Read MoreUnderstanding Microsoft Cryptographic Service Providers
A common question I often get from customers and students is about Microsoft’s Cryptographic Service Providers (CSP). The CSPs are responsible for creating, storing and accessing cryptographic keys – the underpinnings of any certificate and PKI. These keys can be symmetric or asymmetric, RSA, Elliptical Key or a host of others such as DES, 3DES, and…
Read MoreCreating a NDES Policy Module – A Programmers Guide
Microsoft introduced a great security improvement in Windows Server 2012 R2 to alter the standard Network Device Enrollment Service (NDES) security process. If you are familiar with the whitepaper I wrote for Microsoft (Securing and Hardening NDES) you’ll know I wrote about the disadvantages of using NDES for BYOD and Internet accessible enrollment solutions. The…
Read MoreSubmitting Netscape SPKI (SPKAC) Cert Requests to ADCS
Recently I was contacted on Twitter with a question about Microsoft’s support of Signed Public Key and Challenge (Netscape SPKI) for certificate enrollment requests. I have long taught in my classes that there are a number of formats supported by ADCS for certificate requests. So I consulted one of the tables I talk about in…
Read More