In lab I've been able to set up Certificate Services, and issue the certs to users. I've been able to use them to sign email (their main purpose for me).....but I would really like to have the certificates fully trusted beyond my own domain. I'd like the certificates to be tied to a real, root Certifying Authority such as a Verisign or GeoTrust, so that the certs are fully functional and can be fully trusted by those beyond my enterprise.
Am I nuts? I can't find any documentation in the reams and reams I've read from Microsoft that tells me how to do this...which tells me it's probably incredibly simple.