Overview of the PKI Design Process

Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2

Organizations use a variety of technology solutions to enable essential business processes, such as online ordering, exchanges of contracts, and remote access. A public key infrastructure based on Microsoft Windows Server 2003 Certificate Services provides a means by which organizations can secure these critical internal and external processes.

Deploying a PKI allows you to perform tasks such as:

• Digitally signing files such as documents and applications.

• Securing e-mail from unintended viewers.

• Enabling secure connections between computers, even if they are connected over the public Internet or through a wireless network.

• Enhancing user authentication through the use of smart cards.

If your organization does not currently have a public key infrastructure, begin the process of designing a new public key infrastructure by identifying the certificate requirements for your organization. If your organization already uses a public key infrastructure based on Microsoft® Windows NT® version 4.0, Microsoft® Windows® 2000, or third-party certificate services, you can improve your PKI capabilities by taking advantage of new and enhanced features in Microsoft® Windows® Server 2003, Standard Edition; Windows® Server 2003, Enterprise Edition; and Windows® Server 2003, Datacenter Edition. When you have completed the PKI design process, you can deploy a public key infrastructure that provides solutions for all of your internal security requirements, as well as security requirements for business exchanges with external customers or business partners.

Note

• For a list of the job aids that are available to assist you with the PKI design process, see "Additional Resources for Designing a Public Key Infrastructure" later in this chapter.