[Veritas-bu] NetBackup KMS best practices for passphrases
2011-04-12 12:51:58
The Host Master Key (HMK) and the Key Protection Key (KPK) are meant to prevent
someone with access to the KMS data file from deciphering its contents. You
need to know both the KPK and the HMK to be able to decrypt the KMS data file.
If someone has access to the passphrases used to create the data encryption
keys (and the key tags), they can always create an empty KMS db and populate it
with the keys required to decrypt images encrypted with those keys.
+----------------------------------------------------------------------
|This was sent by malhotrag AT gmail DOT com via Backup Central.
|Forward SPAM to abuse AT backupcentral DOT com.
+----------------------------------------------------------------------
_______________________________________________
Veritas-bu maillist - Veritas-bu AT mailman.eng.auburn DOT edu
http://mailman.eng.auburn.edu/mailman/listinfo/veritas-bu
|
|
|