Chapter 4

PKI Management and Security

In Chapter 1, “Introduction,” we mentioned that this book addresses public key infrastructure policies, standards, practices, and procedures. We also discussed industry standards organizations, including ANSI, IETF, ISO, NIST, RSA Labs, W3C, and X9, all of which have published PKI-related standards. While some businesses rely entirely on industry standards, others feel compelled to develop and maintain their own internal standards. Regardless of whether a business depends on external standards, internal standards, or both, standards play a special role between policies and practices.

Policy statements are basically high-level requirements, essentially goals that define “what” needs to be achieved. Practices are fundamentally ...
