Section 4 of 5: Configuring the Verified Directory Service on a separate network interface with TLS.Section 3 of 5: Allow SMIME Certificates to be uploaded via the Verified Directory web portal.Section 2 of 5: Configuring Verified Directory.Section 1 of 5: Enabling the Verified Directory service.However, unlike External User keys, Verified Directory keys are not replicated to other cluster members. Once a key that has been uploaded using Verified Directory is published, it is available for use in encryption in the same way as the keys of External Users. The Verified Directory web interface allows users to search the directory for the public keys of persons to whom they want to send secured messages. This key pair should be created on a standalone system running PGP Command Line or Encryption Desktop. Prior to enabling Verified Directory, you must upload a Verified Directory key by navigating to Keys / Organization Keys and clicking on the button to upload a Verified Directory Key. Keys submitted by external users are signed by the Verified Directory Key. Keys submitted by internal users are signed by the Encryption Management Server Organization Key. Published user keys are signed by another key. If the key owner responds to the verification message with permission to add the key, then the key is added to the directory.Ĭlearly, if an internal user submits a third party's public key to Verified Directory then the email Vetting Method is not appropriate because the third party would receive verification emails. The Verified Directory service is disabled by default.ĭepending on the Vetting Method that is configured, Verified Directory sends verification messages to the email addresses of the keys that are submitted to it. However, this is only available over LDAP or LDAPS and it also requires the Keyserver service to be enabled. It also allows users running Symantec Encryption Desktop (PGP Desktop) or PGP Command Line to upload public keys to Encryption Management Server. The Symantec Encryption Management Server (PGP Server) Verified Directory (VKD) service allows internal or external users to upload their public keys using a web interface.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |