1
00:00:01,890 --> 00:00:06,720
Administration itself consists of the fact that we must manage the certification authorities and the

2
00:00:06,720 --> 00:00:10,070
certificates.

3
00:00:10,110 --> 00:00:12,710
These two roles should be separated.

4
00:00:12,720 --> 00:00:16,170
This is also stated in the Common Criteria standard.

5
00:00:16,170 --> 00:00:20,290
No public key infrastructure should fulfill more than one administrative role in it.

6
00:00:22,970 --> 00:00:29,280
Windows enforces compliance with this by a separation of four roles.

7
00:00:29,340 --> 00:00:34,350
We cannot be the certification authority administrator and the certificate manager at the same time.

8
00:00:35,130 --> 00:00:40,430
To enable the separation of the roles, we need to return again to the search tool.

9
00:00:44,960 --> 00:00:50,960
At the end, a few words about responsibility. Certification authority management includes such obligations

10
00:00:50,960 --> 00:00:55,280
as the installation and configuration of those authorities.

11
00:00:56,590 --> 00:00:58,710
Certificate renewals.

12
00:00:58,710 --> 00:01:04,670
The certification authorities themselves as well as the monitoring of their activity.

13
00:01:04,720 --> 00:01:09,460
It's important to appoint key recovery agents.

14
00:01:09,490 --> 00:01:15,850
This is because we may store private keys of users in the certification authority.

15
00:01:15,900 --> 00:01:20,990
We have seen earlier that a user's private key does not leave the computer or smart card.

16
00:01:21,010 --> 00:01:25,940
However, the certification authority can be configured to ask the user to send this key.

17
00:01:26,230 --> 00:01:32,170
Then it will be encrypted and stored in the Agent database. The idea is that if something happens to

18
00:01:32,180 --> 00:01:36,130
the key on the user's side, we will be able to restore it to him.

19
00:01:37,340 --> 00:01:41,310
There is no need to perform fairly complex operations, such as,

20
00:01:41,310 --> 00:01:47,900
on behalf of the user, decrypting his files so he could continue to use them. He receives a copy of the

21
00:01:47,900 --> 00:01:50,350
key and can decrypt the files himself.

22
00:01:52,330 --> 00:01:55,510
You also need to make backups, just as on all computers.

23
00:01:58,710 --> 00:02:04,770
Certificate management consists of preparing templates, publishing these templates, processing requests

24
00:02:04,770 --> 00:02:13,420
to issue certificates, revoking certificates and publishing the certificate revocation list. The creation

25
00:02:13,420 --> 00:02:19,950
or recovery of a backup of users' private keys is an operation that involves more than one person.

26
00:02:20,070 --> 00:02:23,260
Otherwise it would be a violation of the basis of trust.

27
00:02:23,340 --> 00:02:25,590
Someone else has to have our private key.

28
00:02:30,280 --> 00:02:34,660
Since the private key is encrypted in the certification authority database,

29
00:02:34,690 --> 00:02:41,710
one person can download it and another person decrypt it. These persons must cooperate with each other.

30
00:02:41,790 --> 00:02:45,400
The chances are much less that they will cooperate with wrong intentions.

31
00:02:53,620 --> 00:02:59,890
Templates show, however, what the certificate will be used for. In Windows Server 2008

32
00:02:59,890 --> 00:03:05,090
we can use the first, second or third version. As the name suggests,

33
00:03:05,530 --> 00:03:08,430
the template is an example.

34
00:03:08,660 --> 00:03:11,260
We can modify the template for our own needs,

35
00:03:12,420 --> 00:03:18,840
as long as we use the appropriate edition of Windows. In the standard version we can only use one of

36
00:03:18,840 --> 00:03:22,160
the predefined templates installed together with the operating system.

37
00:03:29,960 --> 00:03:33,890
An important point is also the issue of revoking certificates.

38
00:03:34,140 --> 00:03:39,480
If we suspect that the key has fallen into the wrong hands, or that the certification authority has been

39
00:03:39,480 --> 00:03:45,120
completely compromised, or simply a user no longer works for a company or changed his position and now

40
00:03:45,120 --> 00:03:48,670
the old certificate does not match, then we have to revoke it.

41
00:03:49,960 --> 00:03:55,800
In order to revoke the certificate, its number must be placed on the certificate revocation list.

42
00:03:58,480 --> 00:04:02,910
The whole list is of course digitally signed.

43
00:04:02,960 --> 00:04:07,610
We have seen that the root certification authority has the requirement to publish such a list every

44
00:04:07,610 --> 00:04:09,850
12 weeks, as we configured.

45
00:04:14,860 --> 00:04:20,820
The less frequently we publish a CRL list, the longer someone may use a compromised certificate.

46
00:04:20,890 --> 00:04:28,870
But if we publish it too frequently, we will generate lots of traffic on the network. A certificate revocation

47
00:04:28,880 --> 00:04:30,420
list can be quite long.

48
00:04:31,600 --> 00:04:36,130
The serial numbers of all the revoked certificates from the beginning of the authority's life are there.

49
00:04:37,240 --> 00:04:41,570
Each time the entire list is downloaded to the computer.

50
00:04:41,570 --> 00:04:43,940
The solution is to publish a list of differences.

51
00:04:47,830 --> 00:04:52,810
On the list of differences are only certificates revoked since the publication of the last full certificate

52
00:04:52,900 --> 00:05:08,280
revocation list. All newer Windows systems support a differential mode.

53
00:05:08,440 --> 00:05:13,060
We mentioned briefly the topic of archiving keys.

54
00:05:13,070 --> 00:05:17,730
Now let's look at the process of key backup and recovery.

55
00:05:17,760 --> 00:05:23,100
The user may lose the key that matches the public key issued on the basis of a certificate in which

56
00:05:23,100 --> 00:05:25,020
the backup option was enabled.

57
00:05:26,700 --> 00:05:33,140
The archiving option is enabled, for example, for EFS certificates.

58
00:05:33,280 --> 00:05:38,980
It is generally enabled for certificates which allow encryption, but it is not enabled for certificates

59
00:05:38,980 --> 00:05:42,720
that permit confirming identity.

60
00:05:42,770 --> 00:05:48,750
The user who has lost such a key submits a request to obtain its copy. First,

61
00:05:48,760 --> 00:05:53,630
this key must go to the certification authority.

62
00:05:53,750 --> 00:05:59,600
The private key generated by the user once submitting the certificate request is encrypted with the

63
00:05:59,600 --> 00:06:00,250
public key

64
00:06:00,260 --> 00:06:04,400
of the certification authority and attached to the request to issue the certificate.

65
00:06:07,720 --> 00:06:15,150
The certification authority decrypts this key and then encrypts it with the recovery key and saves it.

66
00:06:15,200 --> 00:06:17,950
We have someone whom we call the key recovery agent.

67
00:06:21,180 --> 00:06:26,920
Suppose that now the user has lost the key and would like to recover it from the backup.

68
00:06:26,960 --> 00:06:32,030
The certificate manager is the only person who is entitled to read the encrypted key from the certification

69
00:06:32,030 --> 00:06:33,890
authority database.

70
00:06:33,890 --> 00:06:37,590
He can read it, but he cannot see it because it's encrypted.

71
00:06:40,840 --> 00:06:46,750
At this point the certificate manager sends the user's encrypted key through the PKCS #7 format

72
00:06:47,350 --> 00:06:49,600
to the key recovery agent.

73
00:06:49,600 --> 00:06:53,010
This is the only person who can decrypt.

74
00:06:53,130 --> 00:06:57,310
He has the key with which the private key was previously encrypted.

75
00:06:57,350 --> 00:07:04,800
The task of the agent is only sending the decrypted key to the user. In this module we've briefly presented

76
00:07:04,800 --> 00:07:09,530
the principle of the operation, concept and functionality of the public key infrastructure.

77
00:07:10,780 --> 00:07:18,710
We've mentioned what the solution is used for and why it's worth implementing our own public key infrastructure.

78
00:07:18,710 --> 00:07:25,220
We've also spoken briefly about the issues related to the control and management of such an infrastructure.

79
00:07:25,230 --> 00:07:26,190
Thank you for your time.