Netscape MANAGEMENT SYSTEM 6.0 Installation And Setup Manual page 40

Overview of Key Features
Key archival and recovery for encryption private keys
If your organization uses S/MIME to encrypt mail messages, you can use the key
archival feature offered by Certificate Management System to back up users'
encryption private keys. This feature is useful when a key becomes
unavailable—as, for instance, in the following cases:
- An employee loses an encryption private key (for example after a disk crash or
  by forgetting the password to the key file) and is unable to read previously
  encrypted data.
- An employee leaves the company, and company officials need to perform an
  audit that requires gaining access to the employee's encrypted data.
For more information, see Chapter 22, "Setting Up Key Archival and Recovery."
Encrypted key storage and password-protected recovery
Certificate Management System stores users' encryption private keys in an
encrypted key repository. Keys can be retrieved only by authorized key recovery
agents. The key repository is encrypted using a Data Recovery Manager's storage
private key, which is protected with one or more recovery agents' passwords. Only
these designated recovery agents can authorize and initiate a key recovery process.
For more information, see "Where the Keys are Stored" on page 718.
Extensive audit and log records for detection of tampering
Certificate Management System maintains audit trails for all events—certificate
requests and issuance, revocation requests, CRL publication, and so on. These
audit records enable you to detect any unauthorized access or activity. In addition,
extensive system and error logs record various events and system errors so that
you can monitor and debug the system. All log records are stored in your local file
system for quick and easy retrieval.
For more information, see Chapter 23, "Managing CMS Logs."
Supports signing of log files for tamper detection
Certificate Management System allows you to sign log files digitally before
archiving them or distributing them for audit purposes. This feature enables you to
check whether the log files were tampered with after being signed.
For more information, see "Signing Log Files" on page 770.
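
The sign-then-verify check described above, as an added example that is not taken from the manual or from Certificate Management System itself. It assumes the `openssl` command-line tool; the key pair, file names and log records are constructed for the demonstration, and the product's own procedure may differ.

```shell
#!/bin/sh
# Added example: detached signature over an audit log, checked at audit time.
# File names, key pair and log records are constructed (assumptions).

WORK=$(mktemp -d)
KEY="$WORK/log-signing-key.pem"   # hypothetical signing private key
PUB="$WORK/log-signing-pub.pem"   # public half, given to auditors
LOG="$WORK/audit.log"

# Constructed sample audit records.
cat > "$LOG" <<'EOF'
2002-03-01T10:00:00Z CERT_REQUEST uid=alice status=pending
2002-03-01T10:02:13Z CERT_ISSUED uid=alice serial=0x1A
2002-03-01T11:30:45Z CERT_REVOKED serial=0x0F reason=keyCompromise
EOF

# Throwaway RSA key pair for the demonstration.
openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 -out "$KEY" 2>/dev/null
openssl pkey -in "$KEY" -pubout -out "$PUB"

# sign_log FILE: write FILE.sig, a SHA-256 signature over the file's bytes.
sign_log() {
    openssl dgst -sha256 -sign "$KEY" -out "$1.sig" "$1"
}

# verify_log FILE: exit status 0 only if FILE still matches FILE.sig.
verify_log() {
    openssl dgst -sha256 -verify "$PUB" -signature "$1.sig" "$1" >/dev/null 2>&1
}

# Sign before archiving, then archive the log together with its signature.
sign_log "$LOG"
cp "$LOG" "$WORK/archived.log"
cp "$LOG.sig" "$WORK/archived.log.sig"
verify_log "$WORK/archived.log" && echo "archived copy: signature valid"

# Simulate a change made after signing: one record is missing from the archive.
grep -v CERT_REVOKED "$LOG" > "$WORK/archived.log"
verify_log "$WORK/archived.log" || echo "archived copy: modified after signing"
```

The signature covers the whole file, so it shows that something changed but not which record; the private key has to be kept away from anyone able to edit the archived logs.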
Netscape Certificate Management System Installation and Setup Guide • March 2002
