· 1 hour

Deadlines, Impact & Action: Certificate Based Authentication Changes (KB5014754)

About This Webinar

Join us for an hour of Live Q&A at our PKI Solutions "Office Hours." - Impact & Action: Certificate Based Authentication Changes (KB5014754)

To address the threats from CVE-2022-34691, CVE-2022-26931 and CVE-2022-26923, Microsoft will enforce strong mappings between an authentication certificate and the account object with a new Object Identifier Extension (OID) 1.3.6.1.4.1.311.25.2. Microsoft is phasing in changes to how certificates are mapped to Windows accounts.

These changes will cause authentication failures with certificates issued using client authentication and not using Active Directory to supply subject information. ADCS CAs, non-ADCS CAs, Managed PKIs, Public CAs, and Standalone CAs will be impacted. These offline certificate requests are how all MDM issue certificates, including NDES and Intune. Smart Cards are often offline requests which will impact federal and civilian orgs using CAC and LACS cards.

If you are facing challenges with your PKI and have issues with the enforcement of these changes we are here to help.

- Shawn Rabourn, CTO, PKI Solutions
- Mark B. Cooper, president and founder, PKI Solutions, aka The PKI Guy

Feel free to send your questions in advance to thepkiguy@pkisolutions.com.

Agenda

What this KB is all about -> what are the changes?
issues and vulnerabilities the changes intend to solve
Controls and mechanisms MS has provided to manage this
Things that Microsoft did not consider but you need to

Categories:

BUSINESS & FINANCE SCIENCE & TECH

Who can view: Everyone

Webinar Price: Free

Featured Presenters

Shawn Rabourn

CTO, PKI Solutions

Shawn brings over two decades of full-range information security and identity management experience in engineering, design, and architecture roles. His background includes time in the trenches with Azure, Active Directory, Certificate Services/Public Key Infrastructure, Identity Management, Enterprise Governance and Risk Management, Business Continuity, and Compromise Response.

VIEW PROFILE

Mark B. Cooper

President and founder of PKI Solutions

Mark B. Cooper, president and founder of PKI Solutions, is known as “The PKI Guy” since his early days at Microsoft. He has deep knowledge and experience in all things Public Key Infrastructure (PKI). PKI Solutions Inc. provides consulting, training — including online training — and implements software solutions for Microsoft PKI and related technologies at enterprises, many of them Fortune 500 companies. PKI Solutions has led hundreds of PKI trainings, including private trainings, across the country and around the world. Cooper is an avid proponent of the SHAKEN/STIR global standard to end robocalls, that uses authentication and PKI to verify callers’ identities. Prior to founding PKI Solutions, Cooper was a senior engineer at Microsoft, where he was a PKI and identity management subject matter expert who designed, implemented, and supported Active Directory Certificate Services (ADCS) environments for Microsoft’s largest customers.

VIEW PROFILE

Jake Grandlienard

Senior PKI Consultant

Jake Grandlienard brings more than 19 years of industry experience as a senior level engineer. He has spent the past 10 years designing, leading, and training clients in Public Key Infrastructure (PKI) implementations for medium to enterprise-scale Fortune 500 companies. He specializes in PKI implementations of Microsoft-based identity solutions, including Microsoft Active Directory Certificate Services (ADCS) as well as integration with other security and identity management technologies. Jacob is a subject matter expert in PKI, mobile device management software, smart card management software, and Hardware Security Module (HSM) integration.

VIEW PROFILE