PKI-Status-Update

(elkement. Last changed: 2015-05-15. Created: 2015-05-15. Tags: IT, Security, PKI, Public Key Infrastructure, Announcements. German Version.)

I had been a PKI consultant since 2002, mainly working with European enterprise customers on designing and implementing their PKIs run inhouse. Now I am supporting some long-term existing clients with their PKI / X.509 issues but I don't take on new clients.

As a former Microsoft employee I have focused mainly on the Microsoft PKI, versions Windows 2000 / 2003 / 2008 / R2 / 2012 R2 - but I also had some exposure to various other PKI-enabled applications and devices. The fun part of PKI projects is in debugging weird issues that exotic or allegedly 'industry-grade' applications have with validating certificate paths, using keys etc.

Here is the often requested one A4 page summary, and here you can see that those PKI services are part of an ... uhm... odd combination of IT services.

  • I try to keep track of links, books, papers etc. I found useful and add them to this list. This is not intended to be the perfectly structured, 'educational' collection. I rather pick and add what I stumbled upon while working on PKI issues or discussing with other security freaks.
  • I started logging PKI issues here. The idea is to described them most concisely, in TXT format.
  • Struck by vanity I made the collection of my modest own contributions a page in its own right. I am also trying to keep track of my postings to security forums in order to use those as my knowledge base.

I am originally a physicist (completed PhD in 1995), worked in R&D and switched to IT security. In 2013 I have completed another master's degree called Sustainable Energy Systems and did a master thesis on smart metering and security (LinkeIn profile). Now I am consulting engineer working with heat pumps that use a special heat source. Yes, I know - it is weirder to combine that with PKI.

The security of the smart grid and internet of things [add more buzz words here] provide options to re-use my security know-how in the context of my new field. Such heat pumps may use control units connected to 'the internet' and all kinds of certificate-/PKI-enabled stuff might be involved here.

For five years I have given a yearly lecture in a master's degree program, then called Advanced Security Engineering at FH Joanneum. Here is the last version of the slides.

This is an image I called PKIs in the real world in this post.

PKIs in the real world. By Elke Stangl

Personal website of Elke Stangl, Zagersdorf, Austria, c/o punktwissen.
elkement [at] subversiv [dot] at.