Designing PKI Object Publication
To enable certificate validation, you must ensure that a CA’s certificate and CRL are available for download by the certificate chaining engine. This is done by confirming that the certificate and CRL are available by using the desired protocols from the desired locations and are published at the required intervals.
Choosing Publication Protocols
Determining the protocols used for CA certificate and CRL retrieval is the first step in choosing publication points. The following protocols are available the Windows Server 2003 and Windows Server 2008 PKIs:
HTTP. The Hypertext Transfer Protocol (HTTP) provides the most flexibility. Almost all client computers have a Web browser installed that allows access to HTTP URLs. ...