PKI: Protection of Stand Alone Certificates

A Windows 2000 (W2K) Stand-alone Offline Root Certificate Authority (SaORCA) is an extremely important element in an organization's W2K Public Key Infrastructure (PKI). A W2K SaORCA is the cornerstone of an organization's W2K Certificate Authority (CA) Hierarchy and an organization's W2K CA Hierarchy is the frame to support an effective organizational W2K PKI. Because of its importance, the W2K SaORCA requires an elevated level of protection to ensure the confidentiality and integrity of its own self-signed Root CA Certificate(s), of its own private key(s), and the issued and/or revoked Certificates that belong to its subordinate W2K CAs. This protection guide is designed to offer a starting point for seasoned W2K Server Administrators assigned the organizational W2K PKI role and responsibility of W2K SaORCA Administrator.