Transforming Information Security: Optimizing Five Concurrent Data Trends to Reduce Resource Drain by Kathleen M. Moriarty

Author: Kathleen M. Moriarty
Language: eng
Format: epub
Publisher: Emerald Publishing Limited
Published: 2019-09-24T16:00:00+00:00


5.2.2 Automating Certificate and Key Management

Managing certificates for encrypted transport has long been challenging: certificates expire and leave servers unreachable, at times without operators knowing the cause. Even in well-managed environments, where consistent staff document key management requirements such as rollover periods, certificate and key management can be cumbersome. Recent advances in automation have improved this situation for web server certificates, and the same is evolving for other certificate types through the IETF's Automated Certificate Management Environment (ACME) protocol (Barnes et al., 2019). ACME is often associated solely with the Let's Encrypt project. Although ACME originated with the team at Let's Encrypt, the protocol has a few distinguishing characteristics that must be understood to appreciate its general applicability:

Supports any level of certificate: domain validated, extended validation, etc.

Applicable to any service requiring X.509 certificate management

Automation can be tied to external identity proofing requirements

Various levels of authentication are possible; some are in development for strong user verification, as required for code signing certificate issuance


