Netscape MANAGEMENT SYSTEM 4.5 Installation And Setup Manual page 746
Hide thumbs
Also See for NETSCAPE MANAGEMENT SYSTEM 4.5:
Table of Contents
Advertisement
Key Recovery Process
If the request passes all the policy rules, the Data Recovery Manager sends a
3.
confirmation HTML page to the web browser the agent used. If the request
fails any of the policy checks, the server logs an appropriate error message.
The confirmation page contains information and input sections:
The key recovery agents verify the information in the confirmation page and
4.
enter the certificate in MIME-64 format, the password for the PKCS #12
package, and their individual identifiers and passwords. The Data Recovery
Manager agent submits the page to the Data Recovery Manager.
The Data Recovery Manager matches the key recovery agent information with
5.
its m of n scheme (see "Key Recovery Agent Scheme" on page 747). After
verifying that the required number of recovery agents entered their passwords,
the server uses the agents' passwords to construct the PIN required to access
the private key repository.
The Data Recovery Manager then retrieves the user's private key from its key
6.
repository and decrypts it by using the private component of the storage key
pair.
The Data Recovery Manager packages the user's certificate and the
7.
corresponding private key as a PKCS #12 package and encrypts it with the
PKCS #12 password provided by the recovery agent. It then delivers the
package to the client the recovery agent used to initiate the key recovery
process, and prompts the agent to store the encrypted package. The agent may
choose to store the package in the local file system of the client machine (only if
it has restricted access) or on a floppy diskette.
The recovery agent can then send the encrypted PKCS #12 package and the
corresponding password to an individual by any secure, out-of-band means.
746
Netscape Certificate Management System Installation and Setup Guide • October 2001
The information section includes the user's information.
The input section includes fields for entering the user's certificate
corresponding to the key that needs to be recovered, the password for the
PKCS #12 package, and key recovery agents' passwords.
The Data Recovery Manager uses the certificate to construct the
PKCS #12 package (which includes the user's encryption private key and
corresponding certificate), the PKCS #12 password to encrypt the PKCS
#12 package, and key recovery agents' passwords to construct the PIN
required to unlock its key repository.
Advertisement
Table of Contents
Related Manuals for Netscape NETSCAPE MANAGEMENT SYSTEM 4.5
Related Products for Netscape NETSCAPE MANAGEMENT SYSTEM 4.5
- Netscape NETSCAPE MANAGEMENT SYSTEM 4.5 - CUSTOMIZATION GUIDE
- Netscape NETSCAPE MANAGEMENT SYSTEM 4.5 - PLUG-IN
- Netscape NETSCAPE MANAGEMENT SYSTEM 4.5 - COMMAND-LINE
- Netscape NETSCAPE MANAGEMENT SYSTEM 4.5 - AGENT GUIDE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.0 - CUSTOMIZATION
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.0 - PLUG-IN
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.01 - CUSTOMIZATION
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.01 - PLUG-IN
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.0 - AGENT GUIDE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.0 - COMMAND-LINE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.01 - AGENT GUIDE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.01 - COMMAND-LINE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.1 - AGENT GUIDE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.0
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.1 - COMMAND-LINE
- Netscape NETSCAPE MANAGEMENT SYSTEM 6.2 - AGENT GUIDE