Key Management

The issue of Key Management is an important consideration when selecting any CA system. To understand the importance of this subject, you must first understand the real difference between the Key-Pair and the Certificate. The Key-Pair is used to provide the authentication and the unique identity of the end user. The Certificate, which is used to sign this Key-Pair, tells you that it is valid and ‘not out of date’. Together the Key-Pair and the Certificate create the ‘package’ that makes up the Digital Certificate.

When considering whether you need (or want) Key Management, you should clearly understand the total environment that your Digital Certificates will be used in and, in particular, your end users. This requires that you pay special attention to the following three ‘Top Considerations’ when selecting the correct CA for you:

Three Top Considerations

    1. Whether your User Group is Open or Closed

    2. The Delivery Method you will use

    3. The Storage Type you select

Once these three principles are clearly understood, you need to understand the long-term impact of the Key Management you choose, which is dictated by the Digital Certificate Binding Option (see subsection 3.8.4) that you decide upon. The Digital Certificate Binding Option is the fourth and final Top Consideration when selecting the correct CA for you.