References & Links

(Thanks to David Cross for the links)

Top Whitepapers:

  1. Default Access Control Settings in Windows Server 2003 whitepaper:

  2. Internal link to PKI landscape, deployments, challenges, topologies, etc. http://winweb/security/pki/Docs/analysts/Burton/public%20key%20infrastructure_770.pdf

  3. List of new XP and 2003 features:

  4. Auto-enrollment whitepaper:

  5. Best Practices for implementing Windows Server 2003 PKI:   and

  6. Microsoft Systems Architecture:

  7. Cross-certification and Qualified subordination whitepaper:

  8. Windows Server 2003 certificate templates whitepaper:

  9. Windows Server 2003 key archival and recovery whitepaper:


  1. The Secure Access Using Smart Cards Planning Guide :

  2. Windows Server 2003 PKI operations and configuration guide:

  3. Windows Server 2003 PKI management whitepaper:

  4. Windows Server 2003 advanced certificate enrollment whitepaper:

  5. Windows Server 2003 web enrollment and troubleshooting guide:

  6. Troubleshooting Certificate Status and Revocation whitepaper:

  7. IPSEC deployment guide:

  8. MSS wireless guide:

  9. Wireless PEAP guide:

Tutorials and Reference Collection:

  1. Smart Card Mini Driver (a.k.a Card Module) Specification - 

  2. Windows Vista SDK -

  3. Windows Vista Cryptography Next Generation (CNG) SDK -

  4. This is the overall link to the PKI Technologies collection, which serves as the umbrella introduction to the Certificates, Certificate Services, and CA Certificate Technical Reference sub-collections :


    2. If you want to use links to the individual collections:

      1. CA Certificates:

      2. Certificates:

      3. Certificate Services:

    3. EFS is covered in the Data Security collection. The link to the EFS Technical Reference is:

  5. Guidelines for Enabling Smart Card Logon with Third-Party Certification Authorities (Q281245):;en-us;Q281245

    1. Requirements for Domain Controller Certificates from a Third-Party CA (Q291010):;en-us;Q291010 
  6. How to Import a Third-Party Certificate into the NTAuth Store (Q295663):;EN-US;Q295663

    1. Step by Step Guide to Certificate Mapping:
  7. How to Enable LDAP over SSL with a Third-Party Certification Authority:;en-us;321051

  8. Third-Party Certificate Authority Support for Encrypting File System (Q273856;en-us;Q273856

  9.  Strong Private Key Protection:;en-us;320828

  10. Enrollment Samples: and

  11. Win2k info: 

  12. Certificate Services Tools and Settings: 

  13. EFS: and

  14. DPAPI: 

  15. PKI page: 

  16. Resource kit:

  17. CAPICOM: http://www.microsoftcom/downloads/details.aspx?FamilyId=860EE43A-A843-462F-ABB5-FF88EA5896F6&displaylang=en 

  18. CAPIMON:

  19. Anti-spyware: 

  20. MSCEP: 

  21. Windows CE: 

  22. Identrus and OCSP: 

  23. Root Program: 

  24. Adminpak:

  25. CSP test suite:

Vendor Related Info:

  1. Ncipher:

  2. Chrysalis: