• Please help support our sponsors by considering their products and services.
    Our sponsors enable us to serve you with this high-speed Internet connection and fast webservers you are currently using at ADSM.ORG.
    They support this free flow of information and knowledge exchange service at no cost to you.

    Please welcome our latest sponsor Tectrade . We can show our appreciation by learning more about Tectrade Solutions
  • Community Tip: Please Give Thanks to Those Sharing Their Knowledge.

    If you receive helpful answer on this forum, please show thanks to the poster by clicking "LIKE" link for the answer that you found helpful.

  • Community Tip: Forum Rules (PLEASE CLICK HERE TO READ BEFORE POSTING)

    Click the link above to access ADSM.ORG Acceptable Use Policy and forum rules which should be observed when using this website. Violators may be banned from this website. This notice will disappear after you have made at least 3 posts.

E2E crypto catch-22?

TonyB

ADSM.ORG Senior Member
#1
Hi,

I'm fairly sure this is a catch-22 but wanted to get verification...

The scenario is:

Client configured with serveronly session initiation plus encryptkey in save mode...

Server configured with serveronly session init for that client...

The catch-22 is:

The client cannot be used to prompt for and save a crypto key because its in serveronly init mode.

The server can initiate a session but that session can't prompt for a key...

The result is:

You have to use encryptkey in generate mode, which stores the crypto key at the TSM server and permits any buffoon (like me) that can use a grant command to read the encrypted data...


Does this sound about right?


Ty,

Tony
 

Advertise at ADSM.ORG

If you are reading this, so are your potential customer. Advertise at ADSM.ORG right now.

UpCloud high performance VPS at $5/month

Get started with $25 in credits on Cloud Servers. You must use link below to receive the credit. Use the promo to get upto 5 month of FREE Linux VPS.

The Spectrum Protect TLA (Three-Letter Acronym): ISP or something else?

  • Every product needs a TLA, Let's call it ISP (IBM Spectrum Protect).

    Votes: 17 19.5%
  • Keep using TSM for Spectrum Protect.

    Votes: 53 60.9%
  • Let's be formal and just say Spectrum Protect

    Votes: 10 11.5%
  • Other (please comement)

    Votes: 7 8.0%

Forum statistics

Threads
31,466
Messages
134,102
Members
21,565
Latest member
Chrescht
Top