I am setting up a new SubCA in our environment which has been install and setup according. When setting up the new CA the server will automatically published a handful to templates: Computer, Kerbose Authentication, Domain Controller Authentication etc.. When I was setting up the CA and before I removed some of the default published templates a workstation was issued the Domain Controller Authentication and Kerbose Authentication templates. From a security point of via is this a bad thing and should I revoke the certs. Why is the version 1 computer template automatically published by default with the client / server key usage?
Version 1 certificate templates support general certificate needs and provide compatibility with clients and issuing CAs running Windows 2000 operating systems. Version 1 templates are installed by default during CA setup and cannot be deleted.
The only property that can be modified on a version 1 template is the set of assigned permissions that controls access to the template.
Compared to V1, the V2 certificate templates were introduced in Windows Server 2003 and can be configured by an administrator to control the way certificates are requested, issued, and used. These templates provide support for certificate autoenrollment. In addition to V2 template features and autoenrollment, V3 certificate templates provide support for Suite B cryptographic algorithms. These algorithms were created by the U.S. NSA to specify cryptographic algorithms that must be used by U.S. government agencies to secure confidential information.