Planning for PKI: Best Practices Guide for Deploying Public Key Infrastructure

Russ Housley, Tim Polk

"A long overdue guide through the prickly thicket that is PKI."–Scott Bradner

Planning for PKI answers all your questions about deploying, operating, and maintaining a successful public key infrastructure (PKI). PKI is quickly becoming a major component of today’s network security solutions. Written by two of the architects of the Internet PKI standards, this practical guide explains the technical details and policy issues.

Using high-profile case studies of pioneering implementations, the authors clearly illustrate the benefits of PKI in securing e-business communications and transactions, discuss pitfalls to avoid, and give you the background information you’ll need to justify a PKI implementation. With this book as your guide, you’ll be able to:

  • Choose the right components for your specific network security needs
  • Design a PKI topology that best fits your organizational and network environment
  • Understand the contents and processing of X.509 certificates and certificate revocation lists (CRLs)
  • Understand the protocols used to create and distribute certificates and CRLs
  • Develop certificate policies (CPs) and certification practice statements (CPSs)
  • Understand common PKI-enabled applications, including S/MIME, TLS, and IPsec
  • Explore the benefits of emerging PKI-related technologies

RUSS HOUSLEY is Chief Scientist for SPYRUS, a leading provider of security products. He has contributed to the development of many standards, including PKIX Part 1, S/MIME, and MSP, the security cornerstone of the U.S. Defense Message System. He is a member of the President’s Export Council Subcommittee on Encryption, and chair of the IETF S/MIME Working Group.
TIM POLK is the technical lead for PKI at the National Institute of Standards and Technology (NIST). He has participated in federal PKI projects, such as the Federal Bridge CA project, since 1995. He has contributed to the development of many standards including PKIX Part 1. He is currently the co-chair of the IETF PKIX Working Group.

Table of Contents

  • Acknowledgments.
  • Introduction.
  • Cryptography Primer.
  • PKI Basics.
  • Authentication Mechanisms.
  • PKI Components and Users.
  • PKI Architectures.
  • X.509 Public Key Certificates.
  • Certificate Revocation Lists.
  • Repository Protocols.
  • Building and Validating Certification Paths.
  • PKI Management Protocols.
  • Policies, Procedures, and PKI.
  • PKI-Enabled Applications.
  • Defense Message System 1.0.
  • California Independent Service Operator.
  • The Federal Bridge CA Project.
  • Future Developments.
  • Appendix A: ASN.1 Primer.
  • Appendix B: Object Identifiers.
  • Bibliography.

Online Ordering

Quantity:

Other ordering options are available.

Copyright © 2000 John Wiley & Sons, Wiley Computer Books

Cover

List Price: $49.99
0-471-39702-4
352 Pages
Published: 03/13/2001

More Books About:
Security