PKI White Papers
PKI Offline CA HSM Best Practices for Thales / nCipher
I was commissioned by Thales e-Security to author a white paper providing a detailed examination of architectural best practices on deploying offline certification authorities and Hardware Security Modules (HSMs). The paper articulates PKI trade‐offs in security, simplicity, availability and cost. Click on the link here to download it as I wrote it for Thales: Offline CA Best Practices White Paper. After nCipher was spun out of Thales in 2019, the document was reformatted and re-published (by this time I had retired) - you can access it by clicking this link.
Active Directory Certificate Services (ADCS) for Oxford Computer Group
I was commissioned by ThirdSpace (formerly Oxford Computer Group), the identity and security management specialists for enterprises, to author a white paper which explains PKI at a very high level and describes "how Microsoft does it". Click on the link here to download it: ADCS White Paper.
PKI Solution Documentation
Almost every engagement I worked on resulted in my technical authoring a combination of high and low level designs, operational guides, key signing ceremonies and integration guides. The sample documents I've provided have been vastly redacted and anonymised.
After reminiscing, I uploaded some random documents I authored during the early stages of my IT career. Some of them were in the days of DOS (pre-Windows) and before networking reached its TCP/IP nadir. The documents are a hotchpotch, which I haven't attempted to put any formal structure around.