Because of this, the keypair must be backed up locally. The Keypair for Encryption is stored on the server, however, only the user has the keypair for the signing portion of the key. SCKM keys are generated on the client and uploaded to the server. Key Reconstruction can be used to reconstitute the key, but the user must remember the Questions and answers to do so. As a result, if the GKM user loses their private key, the key is not recoverable and all data encrypted to the key is lost. The Symantec Encryption Management Server has a copy of the key pair, however, the server does not store the user's passphrase. With a GKM key, the end user has the private key and passphrase of the key. Make sure you backup the keypair and don't forget the passphrase. If a CKM user loses their private key, the key is not recoverable and all data encrypted to the key is lost. The Symantec Encryption Management Server has only the public portion of the key. This means that the end user is solely responsible for backing it up. With a CKM key, only the end user has the private key and passphrase of the key. To ensure all users are generated using SKM, disable all keymodes except for SKM and during client enrollment, even the key generation process is more seamless.This is the only key mode where the user does not need to remember a passphrase for their key and because of this, this is the easiest method for key management.Even if the keypair is accidentally deleted on the local machine, the user can update policy and immediately be back in working order. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |