Here’s a great new PKI whitepaper from Microsoft I contributed to prior to my departure. It hasn’t been widely publicized or distributed yet, but you can get it direct from Microsoft. Entitled “Securing Public Key Infrastructure” it is the most up to date set of best practices from Microsoft in years!
Planning a CA Hierarchy
Physical Controls for Securing PKI
PKI Process Security
Planning Certificate Algorithms and Usages
Protecting CA Keys and Critical Artifacts