Protect Yourself From Malicious PKI Administrator – Role Separation In PKI

Let’s start with some theoretical background about public key role separation. An important step in designing and implementing our public infrastructure is that reminding the groups or users who will manage it, and here, I would like to point out that we should always use active directory groups when we are talking about security managing certification authorities that are a member of active directory, because it is much easier from the management perspective. This design step determines the security of your public infrastructure, so please don’t treat it lightly.