Saturday, July 4, 2009

Top rules for a successful Certificate Management

In the next months I am working on the rules for a successful certificate management system. The idea behind that is not to much to see what we do with certificates, it is more about what is the foundation of a certificate in these days: Who has requested a certificate, who decided what is the content of a certificate, who has approved processing a certificate, how has the certificate traveled to a user or machine. So starting from the identitiy management view of users to the tracking process of a certificate over all phases in the lifecycle of a certificate. So I will start with that next.

Wednesday, March 25, 2009

Do we need another certificate managment system?

Do we need another certificate managment system? That is a good question. So when I am looking at OpenCA or Microsoft Certificate Lifecycle Manager it seems there is a lot of functionality included. But with less workflow functionality on one side and high costs and less compatibility to "other" operating systems on the other hand. And there are more sophisticated management systems on the market, some times also with sophisticated pricing. And most of all every system is bonded to one CA system, so if you are working in an enterprise environment you have probably more then one certificate management system. What is the conclusion: Do we need a meta certificate management system?