A friend, who’s opinion I do value, told me that the previous texts regarding building a CA was too simple, stuff that could easily be figured out and that stuff just was nothing to talk about. Granted, all that could be figured out from the web. Apparently dual control, split roles and such would be things that would be interesting and not enough is written about it. So, here goes.
I’ll take the goal of building a serious CA in a company environment where one would have resources at their disposal. These settings could be generalized to any security server and I, by far, am not a specialist on all the stuff I cover, I try to point out where my knowledge gets thin.
Lets get to basics and build up from there. This section of my blogs will be a mixture of physical, technical and process in an order that I feel writing about.