David Wozny - PKI Bloke (Retired)
The two documents presented here are possibly some my best authoring work and give a reasonable idea of the type of work I was engaged in delivering.
PKI Offline CA HSM Best Practices for Thales / nCipher
I was commissioned by Thales e-Security, to author a white paper providing a detailed examination of architectural best practices on deploying \ securing offline certification authorities and hardware security modules. The paper articulates PKI trade‐offs in security, simplicity, availability and cost. Click on the link here to download it as I wrote it for Thales: Offline CA Best Practices White Paper. After nCipher was spun out of Thales in 2019, the document was reformatted and re-published (by this time I had retired) - you can access it by clicking this link.
Active Directory Certificate Services (ADCS) for Oxford Computer Group
I was commissioned by ThirdSpace (formerly Oxford Computer Group), the identity and security management specialists for enterprises, to author a white paper which explains PKI at a very high level and describes "how Microsoft does it". Click on the link here to download it: ADCS White Paper