AIA extension location on a public web site
Can anyone tell me if it is acceptable to set the AIA extension location to a publicly accessible http website? That is, does the .crt file that is published to the AIA location have any private key data or information that would create a substantial
security risk if published to a public website?
November 4th, 2010 12:09pm
On Thu, 4 Nov 2010 16:05:03 +0000, chrisbushong wrote:
Can anyone tell me if it is acceptable to set the AIA extension location to a publicly accessible http website?? That is, does the .crt file that is published to the AIA location have any private key data or information that would create a substantial security
risk if published to a public website?
It is acceptable and if the relying party is external to your network, both
the AIA and CDP locations need to be publicly accessible.
There is no private key data associated with the certs hosted in an AIA
publication point.
Paul Adare
MVP - Identity Lifecycle Manager
http://www.identit.ca
Free Windows Admin Tool Kit Click here and download it now
November 4th, 2010 12:28pm