We have been working on moving toward future implementation of document encryption and electronic signatures using Adobe Acrobat 9 Standard. I have read 21 CFR 11, and accompanying guidances. Are there any best practice recommendations for how to meet these standards using this technology?
There are some requirements that I am unsure of how to best implement.
Those are some pretty big questions! I'm not saying that your company can't become a CA because obviously there are companies that have, but this is almost something that happens at the state level if your not already intimate with PKI. Just from the tenor of your questions I'd suggest you contract with a reputable, existing CA to provide your PKI infrastructure. I could explain key management and how revocation checking works, but really if you're asking in an Adobe forum this is way more than you want to be dealing with.
If you're really interested you need to start with reading RFC 5280.
Since you mentioned Part 11, have you looked at using SAFE-BioPharma credentials for signing? That would resolve most of your questions, and may save you a good deal of effort.