In my customer engagements I get a lot of questions around what tasks an organization should be doing in terms of operation and maintenance for their PKI.  So, in this blog series I am going to cover the operational and maintenance aspects of a PKI. 

Below is the list of topics I plan on covering in this Blog Series:

• Removing expired certificates from the CA Database
• Publishing the CRL for an Offline Root CA
• CA Certificate Lifecycle and Renewing CA Certificates
• Implementing Credential Roaming
• Implementing Key Archival
• Role Separation
• Certification Authority Backup
• Emergency CRL Re-signing
• Determining Expiring Certificates
• Delegating Certificate Template Permissions
• Implementing the SMTP Exit Module

If there are any additional topics you would like me to cover, please submit a comment to this blog posting or tweet me @chdelay.