June 2017
Beginner to intermediate
742 pages
18h 29m
English
Content preview from Mastering Active Directory
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
Start your free trial
The single-tier model
This model is also called as one-tier model, and it is the simplest deployment model for PKI. This is not recommended to use in any production network, as its single point of failure of entire PKI:
In this model, a single CA will act as root CA and issuing CA. As I explained before, the root CA is the highest trusted CA in PKI hierarchy. Any compromise to the root CA will compromise the entire PKI. In this model, it's a single server, so any compromise on the server will easily compromise the entire PKI, as it doesn't need to spread through different hierarchy levels. This model is easy to implement and easy to manage. ...