SQL Clone
SQLServerCentral is supported by Redgate
Log in  ::  Register  ::  Not logged in

Certificates Everywhere

By Steve Jones,

One of the things that I think has been most disappointing to me in technology over the last few decades is the lack of progress is managing security keys and certificates. There hasn't been a really good method designed that works well at scale for disparate organizations.

Recently at the DevConnections conference, I saw a talk where Mark Minasi talked about the future of tablets and smartphones, where he mentioned the idea that we will use many devices in the future that don't necessarily need to connect to the domain inside a company. They'll still authenticate, but with certificates.

That would be the ideal situation for me, a world where we individually have multiple certificates that identify us, and allow us to have secure communications, layers of security for different purposes, and a way to easily revoke, change, and add new certificates as needed. I'd be able to use easily manage certificates across devices to provide some level of authentication.

As we move to the deep intermixing of user and company devices, it does start to make sense that we consider using a more ad hoc authentication scheme that can be deployed in a more distributed fashion, rather than the monolithic, authenticate to the domain completely or not at all, scheme we have now.

I don't have a solution worked out, but I know there are some very smart security people out there and I'd hope that they are working on a variety of solutions that will increase the security we have, while allowing us lots of flexibility.

Steve Jones

The Voice of the DBA Podcasts

We publish three versions of the podcast each day for you to enjoy.

Everyday Jones

The podcast feeds are available at sqlservercentral.mevio.com. Comments are definitely appreciated and wanted, and you can get feeds from there. Overall RSS Feed: or now on iTunes!

Today's podcast features music by Everyday Jones. No relation, but I stumbled on to them and really like the music. Support this great duo at www.everydayjones.com.

You can also follow Steve Jones on Twitter:

Total article views: 179 | Views in the last 30 days: 1
Related Articles

Podcast Announcements

Podcast Feeds


Managing security and Certificates

In which circumstances will one use certificates and how do you manage security scripts


Two Factor Authentication

SQL Server doesn't support two factor authentication, but Steve Jones thinks it might be a good idea...


Security Questions: Authentication Performance

As I mentioned in the introductory post, during the Introduction to SQL Server Security session for ...



There seems to be quite a flurry of talk these days about certification. There is evidence of it in...