Key Recovery Process; Key Recovery Agents And Their Passwords - Netscape MANAGEMENT SYSTEM 6.1 - ADMINISTRATOR Administrator's Manual


Key Recovery Process

The Data Recovery Manager supports agent-initiated key recovery. In this method
of key recovery, designated recovery agents use the Key Recovery form provided
in the Data Recovery Manager Agent Services interface to process key recovery
requests, list archived keys, and approve recovery. With the approval of a specified
number of agents, an organization can recover keys when the key's owner is
unavailable or when keys have been lost.

Key Recovery Agents and Their Passwords

Key recovery agents have the authority to retrieve end entities' encryption private
keys. The recovery agent's role can be performed by any person in your
organization. As system administrator, you can designate one or more individuals
to be key recovery agents. These individuals need to do the following:

• They must specify a secure password, which in combination with the other
  recovery agents' passwords is used to protect the database in which
  the Data Recovery Manager stores end entities' keys. You facilitate this by
  allowing each recovery agent to enter a password in the Data Recovery
  Manager during configuration.
• They must be available to retrieve your end entities' encryption private keys if
  the need arises. It isn't necessary for all key recovery agents to be available for
  the key recovery operation. You specify how many agents are required to
  authorize the recovery of a key; see "Key Recovery Agent Scheme" on
  page 211. However, the specified number of key recovery agents must all
  provide their passwords at the same time to authorize the recovery of a specific
  key.

You first create key recovery agents and specify their passwords during
the installation of the Data Recovery Manager. However, you can change the
number of recovery agents and their passwords later in the Data
Recovery Manager configuration; see "Changing Key Recovery Agents'
Passwords" on page 213.

Secret Sharing of Storage Key Password

The Data Recovery Manager uses the private key of its storage key pair to encrypt
the end-entity's encryption private keys. This requires that the storage key be well
protected. For the protection of the storage key pair, the Data Recovery Manager
supports a password-splitting mechanism called m of n secret splitting or sharing,
Chapter 6, Data Recovery Manager (page 205)
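
The m of n idea named above, shown as an added example that is not taken from the manual or from the Data Recovery Manager code. It uses Shamir's secret sharing as an assumed stand-in, because the page does not say which algorithm the product uses; `split_secret`, `recover_secret` and the sample password are constructed for illustration.

```python
import secrets

# Assumption: Shamir's scheme over a prime field, a well-known way to get
# m-of-n behaviour. The manual does not name the DRM's actual algorithm.
P = 2**521 - 1  # Mersenne prime; secrets of up to 65 bytes fit below it


def split_secret(secret: bytes, m: int, n: int):
    """Split `secret` into n shares (x, y); any m of them recover it."""
    if not 1 <= m <= n:
        raise ValueError("need 1 <= m <= n")
    if len(secret) > 65:
        raise ValueError("secret too long for this field")
    s = int.from_bytes(secret, "big")
    # Random polynomial of degree m-1 whose constant term is the secret.
    coeffs = [s] + [secrets.randbelow(P) for _ in range(m - 1)]
    shares = []
    for x in range(1, n + 1):
        y = 0
        for c in reversed(coeffs):  # Horner evaluation of the polynomial at x
            y = (y * x + c) % P
        shares.append((x, y))
    return shares


def recover_secret(shares) -> bytes:
    """Lagrange-interpolate the polynomial at x = 0 from the given shares."""
    xs = [x for x, _ in shares]
    if len(set(xs)) != len(xs):
        raise ValueError("duplicate share")
    total = 0
    for i, (xi, yi) in enumerate(shares):
        num, den = 1, 1
        for j, (xj, _) in enumerate(shares):
            if i != j:
                num = num * (-xj) % P
                den = den * (xi - xj) % P
        total = (total + yi * num * pow(den, -1, P)) % P
    # Passwords do not start with NUL bytes, so stripping the padding is safe.
    return total.to_bytes(66, "big").lstrip(b"\0")


if __name__ == "__main__":
    pw = b"constructed-storage-pw"          # constructed sample value
    shares = split_secret(pw, m=2, n=3)     # 3 agents, any 2 required
    print(recover_secret(shares[:2]) == pw)  # two agents present
    print(recover_secret(shares[:1]) == pw)  # one agent alone
```

With fewer than m shares the interpolation returns an unrelated value, which is the property that lets an organization require several agents to be present at once.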
