Netscape MANAGEMENT SYSTEM 6.2 - ADMINISTRATOR Administrator's Manual page 235


Verify that the current m of n scheme is appropriate for your PKI setup. If it isn't,
change the scheme following the instructions in "Changing the Key Recovery
Agent Scheme" on page 209.
Step B. Facilitate the Key Recovery Agents to Change the Passwords
During the installation of Data Recovery Manager, after you specified the m of n
scheme, you were also prompted to provide unique passwords for each recovery
agent. It is quite likely that you specified these passwords yourself, rather than
having them entered by the individuals who have been designated as key recovery
agents in your organization. Therefore, you must get the designated recovery
agents to change the passwords entered during installation.
To understand the significance of key recovery agents' passwords, see "Key
Recovery Agents and Their Passwords" on page 203.
To get the recovery agents to change the passwords, follow the instructions in
"Changing Key Recovery Agents' Passwords" on page 211.
Step C. Determine the Authorization Mode for Key Recovery
The Data Recovery Manager allows key recovery agents to authorize recovery of
an end-entity's encryption private key locally or remotely. The default
configuration is local authorization. It is important that you evaluate both the
authorization modes, and choose the one that is appropriate for your organization.
For more information about this, see "Local Versus Remote Key Recovery
Authorization" on page 205.
If you want the key recovery agents to authorize key recovery remotely, be sure to
set them up as Data Recovery Manager agents following the instructions in "Setting
up Administrators, Agents, and Auditors" on page 328.
Step D. Customize the Key Recovery Form
Key recovery agents need an appropriate interface to initiate the key recovery
process. By default, the Data Recovery Manager's Agent Services interface includes
an HTML form (recoverKey.html) that allows key recovery agents to initiate the
key recovery process and retrieve an end-entity's encryption keys. For details
about this form, see the CMS Customization Guide.
If you want to customize this form to suit your organization, be careful not to
delete any of the information that is vital to the functioning of the form; it is
recommended that you restrict your changes to the content presented in the form.
Configuring Key Archival and Recovery Process
Chapter 6
Data Recovery Manager
235
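
One way to check a customized key recovery form against the advice in Step D is to compare its functional parts (forms, named controls, scripts) with the stock copy and ignore the visible text. This is an added example, not code from the manual or from CMS; the markup, field names and paths in it are constructed for illustration and are not the actual contents of recoverKey.html.

```python
from html.parser import HTMLParser
FIELD_TAGS = {"input", "select", "textarea", "button"}

class FormInventory(HTMLParser):
    """Record what makes a form work (forms, named controls, scripts), not its text."""
    def __init__(self):
        super().__init__()
        self.forms, self.fields, self.scripts = set(), set(), 0

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "form":
            self.forms.add((a.get("name"), a.get("action"), (a.get("method") or "get").lower()))
        elif tag in FIELD_TAGS and a.get("name"):
            self.fields.add((tag, a["name"], (a.get("type") or "").lower()))
        elif tag == "script":
            self.scripts += 1

def inventory(html):
    parser = FormInventory()
    parser.feed(html)
    parser.close()
    return parser

def functional_losses(stock_html, custom_html):
    """List functional parts of the stock form that the customized copy lacks."""
    stock, custom = inventory(stock_html), inventory(custom_html)
    out = [f"form changed or removed: {f}" for f in sorted(stock.forms - custom.forms, key=str)]
    out += [f"field removed or retyped: {f}" for f in sorted(stock.fields - custom.fields)]
    if custom.scripts < stock.scripts:
        out.append(f"script blocks: {stock.scripts} -> {custom.scripts}")
    return out

# Constructed sample markup; every name and path in it is hypothetical.
STOCK = """<h1>Recover Key</h1>
<form name="recoverForm" action="/example/recover" method="post">
<input type="hidden" name="op" value="recover">
Serial number: <input type="text" name="serialNumber">
Agent password: <input type="password" name="agentPassword">
<input type="submit" name="go" value="Recover">
</form><script>function validate() { return true; }</script>"""
# Text-only customization: same controls, new heading.
CONTENT_ONLY = STOCK.replace("Recover Key", "Example Corp Key Recovery")
# Customization that drops the hidden field and the script and unmasks the password.
BROKEN = (STOCK.replace('<input type="hidden" name="op" value="recover">\n', "")
          .replace('type="password"', 'type="text"')
          .replace("<script>function validate() { return true; }</script>", ""))

if __name__ == "__main__":
    print(functional_losses(STOCK, CONTENT_ONLY), functional_losses(STOCK, BROKEN))
```

An empty list means the customization changed only presented content; any finding should be reviewed before the form is deployed to agents.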
