I have a specific need inside my organization and want to know if it would be possible. Any suggestion would be appreciated.
Inside my organization, for several reasons, a lot of certificates are distributed and installed on each worker's computer. Each worker may have maybe 5 or 6 certificates to access several websites, sign documents, etc. Each time a computer is broken and reinstalled, or a new worker is hired or someone is fired, the management of those certificates becomes a real headache: removal, re-installation, etc.
I am proposing to my organization to develop some kind of certificate repository to centralize the several certificates of my organization.
My questions are about the possibility of developing and changing or implementing the keystore or a new CSP or KSP, so that this new crypto provider could access a central service/server/repository to present (authenticate) and sign documents every time a specific user needs it.
In the case of computer reinstallation, just installing the developed driver/CSP would give access to the central certificate repository.
The concrete questions are whether you think it would be possible to develop that driver/CSP/KSP piece of software, and what your opinion is about the possibilities of implementing it successfully in a maintainable way in MS Windows environments. How would you focus this development? Just some tips about what would be possible or not.
Regards,