Technical Considerations

A Note about Organizations and Departments

...

In the Certificate Services Manager (CSM) web interface, the organization and department constructs do not constitute a parent/child hierarchy. Organization settings are settings that apply to issued certificates when no department is specified. Department settings are independent of organization settings. Consequently, for example, an organization may or may not have key escrow enabled, but this is completely independent of whether or not any particular department has key escrow enabled. As another example, just as only one key usage template may be applied to a department, so only one key usage template may be applied to an organization. In many ways, an organization is just another department, at least in the CSM.

...

Key Escrow

Key escrow (also known as "key recovery" in the CSM) is available to all subscribers of the InCommon Certificate Service for no additional fee. Key escrow provides for offline storage of users' private keys in an encrypted database for the purposes of backup and recovery. Once an escrow database is created for an organization or department, it cannot be removed from the system or made inactive.

Understanding Key Escrow

Initially, one or more RAOs from each organization will be given the ability to manage client certificates. Before a RAO can issue client certificates, a decision regarding key escrow must be made.

Important Note

All current organizations have key escrow enabled. The only way to change this is to create a new organization instance in the CSM.

InCommon made the decision about key escrow many months in advance of deploying client certificates, when SSL was the only service in operation and the key escrow functionality in CSM was still in its infancy. Since we didn't want to disable potentially useful functionality for an entire organization's life cycle, we chose to enable escrow for all organizations.

Enabling or disabling key escrow for organizations or departments has the following consequences:

  • The decision whether to enable or disable key escrow for an organization (or department) is made when the organization (or department) is created. The decision regarding key escrow is final and cannot be subsequently modified.
  • If key escrow is enabled for an organization, client certificates cannot be issued until a RAO initializes the key escrow database for the organization. The importance of this one-time operation cannot be overemphasized.
  • As RAOs create new departments, an independent decision is made whether or not to enable key escrow for each department. If key escrow is enabled for the department, client certificates cannot be issued until a DRAO initializes the key escrow database for that department. The initialization process for the department is exactly the same, and just as important, as it is for the organization.

...