The Host Master Key (HMK) and the Key Protection Key (KPK) are meant to prevent 
someone with access to the KMS data file from deciphering its contents. You 
need to know both the KPK and the HMK to be able to decrypt the KMS data file.

If someone has access to the passphrases used to create the data encryption 
keys (and the key tags), they can always create an empty KMS db and populate it 
with the keys required to decrypt images encrypted with those keys.

+----------------------------------------------------------------------
|This was sent by malhotrag AT gmail DOT com via Backup Central.
|Forward SPAM to abuse AT backupcentral DOT com.
+----------------------------------------------------------------------


_______________________________________________
Veritas-bu maillist  -  Veritas-bu AT mailman.eng.auburn DOT edu
http://mailman.eng.auburn.edu/mailman/listinfo/veritas-bu