[ol8_appstream] pki-kra-10.8.3-1.0.1.module+el8.2.0+5594+09d37207.noarch

Name:pki-kra
Version:10.8.3
Release:1.0.1.module+el8.2.0+5594+09d37207
Architecture:noarch
Module:pki-core:10.6:8020020200326162741:338751f5
Group:Unspecified
Size:537225
License:GPLv2 and LGPLv2
RPM: pki-kra-10.8.3-1.0.1.module+el8.2.0+5594+09d37207.noarch.rpm
Source RPM: pki-core-10.8.3-1.0.1.module+el8.2.0+5594+09d37207.src.rpm
Build Date:Thu Apr 30 2020
Build Host:jenkins-10-147-72-125-f0cff4d1-d211-4cce-8fe9-23a5378ed0db.appad1iad.osdevelopmeniad.oraclevcn.com
Vendor:Oracle America
URL:http://www.dogtagpki.org/
Summary:PKI KRA Package
Description:
The Key Recovery Authority (KRA) is an optional PKI subsystem that can act
as a key archival facility.  When configured in conjunction with the
Certificate Authority (CA), the KRA stores private encryption keys as part of
the certificate enrollment process.  The key archival mechanism is triggered
when a user enrolls in the PKI and creates the certificate request.  Using the
Certificate Request Message Format (CRMF) request format, a request is
generated for the user's private encryption key.  This key is then stored in
the KRA which is configured to store keys in an encrypted format that can only
be decrypted by several agents requesting the key at one time, providing for
protection of the public encryption keys for the users in the PKI deployment.

Note that the KRA archives encryption keys; it does NOT archive signing keys,
since such archival would undermine non-repudiation properties of signing keys.

Changelog (Show File list) (Show related packages)