Approach to Digital Signature Systems Deployment
ARX, Inc
T. Yas'ur
Conventional deployments store keys on PC hard disks, application-server hard disks, or tokens, and they also complicate user enrollment and management. User and administrator frustration with the conventional approach has cramped the development of a market for PKI. As a result, PKI has not reached its utilization potential and is far from becoming ubiquitous. This document describes an architecture for deploying secure and efficient digital signature capabilities based on a centralized key-management approach, and it emphasizes the importance of not disrupting existing identity and authentication management and application infrastructure. An alternative architecture is documented here so that PKI deployments will lower their associated administrative burdens and deliver improved scalability.