The Certificate Services Remote Administration Protocol consists of a set of Distributed Component Object Model (DCOM) interfaces, as specified in [MS-DCOM], that allow administrative tools to configure the state and policy of a certification authority (CA) on a server.
For a complete understanding of this protocol, familiarity with public key infrastructure (PKI) concepts such as asymmetric and symmetric cryptography, asymmetric and symmetric encryption techniques, digital certificate concepts, and cryptographic key establishment is required. A comprehensive understanding of the X.509 standard, as specified in [X509], is also required.
The Handbook of Applied Cryptography provides an excellent introduction to cryptography and PKI concepts. For more information, see [CRYPTO]. The X.509 standard, as specified in [X509], provides an excellent introduction to PKI and certificate concepts. certificate revocation and status checking provides an excellent introduction to certificate revocation lists (CRLs) and revocation concepts. For more information, see [MSFT-CRL].
Sections 1.8, 2, and 3 of this specification are normative and can contain the terms MAY, SHOULD, MUST, MUST NOT, and SHOULD NOT as defined in RFC 2119. Sections 1.5 and 1.9 are also normative but cannot contain those terms. All other sections and examples in this specification are informative.