Microsoft Certificate

Microsoft Root Certificate Program

A number of Microsoft customers use solutions that are cryptographically secured by a public key infrastructure based on root certificates delivered under the Microsoft Root Certificate Program. The program has been expanded to cover Internet-based root certification authorities. New standards have been developed to cover Internet Explorer as well as other Microsoft products, in order to bring uniformity to the way root-certificate-based security systems operate.

Microsoft has decided to update the root certificates on Windows XP machines via Windows Update, so that the cryptographic database on clients is always up to date.

The basic requirement of the Microsoft Root Certificate Program is that every certification authority must pass the WebTrust for Certification Authorities audit. Alternatively, an equivalent third-party certification is acceptable. As a long-term solution, only roots that expire after January 1, 2010 are included. Moreover, a provider can include only 3 roots under the program. This is done to ensure that over-encryption does not choke users' bandwidth.

Each root must be submitted with its latest certificate. The company prefers that those seeking certificate inclusion send a URL where the certificate may be authenticated. The URL must be publicly accessible in order to provide an experience that is as close to real-world use as possible.

Only root certificates that provide substantial business value to customers are acceptable under the program. Root certificates meant for internal use within a company are not allowed under the program, as they have no public value. Finally, it is mandatory that all the certificates support the CRL distribution point extension. The CRL distribution point must also refer to a publicly accessible location.

Microsoft has stopped distributing separate root certificates for Windows and Internet Explorer. All new certificates are delivered via online update. Whenever the user visits a site over a secure connection, Windows compares the site's root (public key) with the roots stored on the local host. If no match is found, the system checks Windows Update for fresh keys. If it still cannot match the keys, the site is declared to have an invalid certificate.

Microsoft updates the list delivered via root certificate update once every quarter. Thus, even though your certificate may have been accepted by the company, it might not be considered valid by some machines, especially those not connected to Windows Update.
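The lookup order described above (local store, then the update service, then "invalid"), together with the effect of the quarterly list on a newly accepted root, can be modelled as follows. This is an added example, not Microsoft's code: the class names, verdict strings and placeholder certificate bytes are assumptions, and the thumbprint is taken as SHA-1 over the DER encoding, which is what Windows displays.

```python
import hashlib
from dataclasses import dataclass, field

def thumbprint(der: bytes) -> str:
    # A certificate thumbprint is a hash of the DER encoding (SHA-1 here).
    return hashlib.sha1(der).hexdigest().upper()

@dataclass
class UpdateChannel:
    # Hypothetical model of the quarterly root list served by the update service.
    published: dict = field(default_factory=dict)   # thumbprint -> DER bytes
    reachable: bool = True

    def fetch(self, tp: str):
        return self.published.get(tp) if self.reachable else None

@dataclass
class Client:
    local_roots: dict = field(default_factory=dict)  # thumbprint -> DER bytes

    def check_root(self, root_der: bytes, channel: UpdateChannel) -> str:
        tp = thumbprint(root_der)
        if tp in self.local_roots:                  # step 1: local store
            return "trusted-local"
        fetched = channel.fetch(tp)                 # step 2: ask the update service
        if fetched is not None and thumbprint(fetched) == tp:
            self.local_roots[tp] = fetched          # install only what hashes correctly
            return "trusted-after-update"
        return "invalid"                            # step 3: no match anywhere

def run_scenarios() -> dict:
    # Constructed placeholder bytes standing in for DER-encoded roots.
    old_root, new_root, pending_root = b"old-root", b"new-root", b"accepted-not-yet-published"
    channel = UpdateChannel({thumbprint(r): r for r in (old_root, new_root)})
    online = Client({thumbprint(old_root): old_root})
    offline = Client({thumbprint(old_root): old_root})
    results = {
        "shipped root": online.check_root(old_root, channel),
        "new root, online": online.check_root(new_root, channel),
        "new root, second visit": online.check_root(new_root, channel),
        "accepted, awaiting next list": online.check_root(pending_root, channel),
    }
    channel.reachable = False
    results["new root, no update access"] = offline.check_root(new_root, channel)
    return results

if __name__ == "__main__":
    for case, verdict in run_scenarios().items():
        print(f"{case}: {verdict}")
```

The last two cases are the ones that matter when troubleshooting: a root that is accepted but not yet in the published list, and a client that cannot reach the update service, both end in the same "invalid" verdict.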

The process for joining the Microsoft Root Certificate Program is initiated by sending an email to Microsoft with the appropriate data. The participant is expected to undergo the appropriate audit and send a copy of the audit report. Details about the certificate, such as its validity, SHA thumbprint, etc., must also be sent along with the data. The Microsoft Root Certificate Program is available free of cost.