Queries on PKI

Discussion in 'Security Software' started by Imran Vilcassim, Oct 17, 2006.

  1. Hi all, hope someone could help me out with these queries on PKI.

    1. if i setup a Root CA on windows 2003, is it possible to sign the
    certificates of this CA by using a known CA such as verisign?

    2. Can an intermediate Windows 2003 CA issue certificates from a 3rd party
    CA such as verisign?

    3, does windows 2003 support the ECDSA cryptographic standard?

    4. can certificates by a windows 2003 CA be used by client other than
    outlook for email encryption and digital signing?

    5. can a windows 2003 PKI solution be incorporate a timestamping service and
    should be available for use with the infrastructure to securely associate a
    trustworthy statement of time with each transaction.

    Imran Vilcassim, Oct 17, 2006
    1. Advertisements

  2. Imran Vilcassim

    Paul Adare Guest

    microsoft.public.security news group, =?Utf-8?B?SW1yYW4gVmlsY2Fzc2lt?=
    Not a root CA, no. A root CA by definition self-signs its own
    certificate, that's what makes it a root CA. Verisign, Cybertrust and
    other vendors provide services where by they will sign your issuing CA
    certificate. This is a common practice when you need to issue S/MIME
    and/or SSL certificates that need to be trusted by relying parties
    outside of your organization.
    See above.
    No. Longhorn will support ECC.
    Yes. Windows 2003 Certificate Services issues standard X.509
    Paul Adare, Oct 17, 2006
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.