[1] The Project Vesuvius approach was to separate the Certificate Discovery component from the rest of the project and create a customized ‘search engine’ capable of spidering any network and returning any, and all, SSL information in list format. The first version of this was available by Q4, 2002.
The second component that would ultimately give the project its name (i.e. Automated & Authenticated Certificate Delivery™) was returned to the Board almost four years later and the project’s Logic was confirmed as follows:
Project Vesuvius for Certificate Life cycle Automation will:
The effect of this is that:
The completed solution also exceeded the initial brief because
Project Vesuvius was renamed AACD™ and was immediately moved into production prior to its release in 2007.
In considering the medium to large IT environment, Administrator and User roles, server grouping, permissions, reporting and report designing, planning, implementation, harden [2] and quality checking are components of the total project. When considering SSL automation, each of these requirements must be examined.
Returning to the AACD™ Logic in sub-section 3.2, the design of the AACD™ system means that, with exception of the Certificate Discovery Search Engine™ [CDSE™] (see sub section 2.5.4), it will have little, or no, impact on your current infrastructure. Also, on the basis that the CDSE™ is an optional addition to the AACD™ system and that it has no impact on your environment, there is no requirement to plan for developing reports, specialist configuration and/or subsequent vulnerability checks on the network either.
Links:
[1] https://www.digi-sign.com/downloads/download.php?id=aacd-digi-ssl-pdf
[2] http://www2.digi-sign.com/aacd/security