"Without secure authentication, promises of privacy by companies on the Net simply lack credibility."
-- Dr. Alan Westin, Columbia University professor and leading privacy expert
Throughout our series on Growing A Tree Of Trust, we've harped on the merits of secure authentication and the challenges in laying the plumbing that makes it possible. In Part One of the series we introduced Public Key Infrastructures (PKIs) as the highest layer of application security that sits atop a secure computer operating environment. We also introduced the concepts of a Certificate Authority (CA), Public Key Cryptographic Standards (PKCS), Certificate Revocation Lists (CRLs), and Certificate Practices Statements (CPSs), and offered some reasons for wanting to migrate to a PKI.
In Part Two we took a detailed look at the steps of digital certificate management (request, issuance, storage, usage, and revocation) to help you better understand some of the challenges that lie ahead in integrating your legacy systems into the PKI.