Attendees at the mis Training Institutes recent conference on PKI, in Atlanta, learned that the public-key infrastructure in Microsofts Windows 2000 Advanced Server Edition lacks features essential to enterprise-level security. There is almost no facility for key history or key backup; secure time stamps are not supported; and the component doesnt support Online Certificate Status Protocol for checking a certificates validity online, said Sondra Schneider, a consultant for MISTI.
Microsoft is working to strengthen the PKI, and it is free, but organizations that need a full-featured PKI should look elsewhere.