Problem Validation: SSL & TLS cert monitoring
Results from validation
- Human factors are a big issue with the process. Teams and individuals move around so much and have competing priorities, so there is a big opportunity for PKI to "fall through the cracks" and be overlooked until something goes wrong.
- Advanced technical expertise is required to properly configure systems with PKI. Many people don't have this experience and knowledge of how to configure systems correctly.
- Many people don't have a lot of context or domain expertise in this area.
These points illustrate that as we move forward in PKI Management, we must focus on simplifying the process as much as we can by providing sane defaults and doing the "right thing" for users whenever we can. This is an example of where our convention over configuration principle will be key. Additionally, we should work to automate most of these processes, so that users don't need to re-configure anything after the first time, since it is clear that there are generally not dedicated people focusing on this area.
We started with this canvas to guide us