PKI enhancements in Windows
Windows has included strong, platform-wide support for PKI since the release of Windows 2000. That release included the first native certificate-authority capability, introduced auto-enrollment, and provided support for smart-card authentication. In Windows XP and Windows Server 2003, those capabilities were expanded to provide more flexible enrollment options with version 2 certificate templates and support for auto-enrollment of user certificates. In Windows Vista and Windows Server 2008, the Windows PKI platform takes the next step with support for advanced algorithms, real-time validity checking, and better manageability. This column discusses the new PKI features in Windows Vista and Windows Server 2008 and how they can be utilized by enterprises to lower costs and increase security.
[ Read more ]