Feb 7, 2018

KEY rollover

All cryptographic keys have a life cycle that can be represented by states:
Generated == the key is created but only the “owner” knows of its properties.
Published == the key has been made public either as a public key or a hash of it.
Active == the key is in use.
Retired == the key has been withdrawn from service but is still published.
Revoked == the key has been marked as not to be trusted ever again.
Removed == the key has been taken out of publication.

Different keys move through the states in different ways depending on their usage. For example, some keys are never revoked; just removing them is sufficient.
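As an added example (not code from the original post), the states above can be replayed over a key-management event log to flag state changes that should never happen during a rollover. The transition table, the "no gap without an Active key" rule, the `audit` function and the sample events are all assumptions made for illustration.

```python
from enum import Enum

# The six states listed in the post, in order.
State = Enum("State", "GENERATED PUBLISHED ACTIVE RETIRED REVOKED REMOVED")
S = State

# Assumed transition table (not from the post): keys only move forward,
# Revoked is optional, and any published key may be revoked.
ALLOWED = {
    S.GENERATED: {S.PUBLISHED},
    S.PUBLISHED: {S.ACTIVE, S.REVOKED, S.REMOVED},
    S.ACTIVE: {S.RETIRED, S.REVOKED},
    S.RETIRED: {S.REVOKED, S.REMOVED},
    S.REVOKED: {S.REMOVED},
    S.REMOVED: set(),
}

def audit(events):
    """Replay (key_id, new_state) events in order.

    Returns (final_states, findings); a finding is (event_no, key_id, reason).
    Rejected events leave the key's recorded state unchanged.
    """
    current, findings = {}, []
    for n, (key_id, new) in enumerate(events, 1):
        old = current.get(key_id)
        legal = new is S.GENERATED if old is None else new in ALLOWED[old]
        if not legal:
            was = old.name if old else "UNKNOWN"
            findings.append((n, key_id, f"illegal {was} -> {new.name}"))
            continue
        current[key_id] = new
        # Assumed rollover rule: taking a key out of Active must not leave
        # the set without any Active key.
        if old is S.ACTIVE and S.ACTIVE not in current.values():
            findings.append((n, key_id, "rollover gap: no Active key"))
    return current, findings

# Constructed sample log: key-1 is rolled over to key-2.
EVENTS = [
    ("key-1", S.GENERATED), ("key-1", S.PUBLISHED), ("key-1", S.ACTIVE),
    ("key-2", S.GENERATED), ("key-2", S.PUBLISHED),
    ("key-1", S.RETIRED),   # key-2 is not Active yet: gap
    ("key-2", S.ACTIVE),
    ("key-1", S.REMOVED),   # never revoked, just removed
    ("key-1", S.ACTIVE),    # Removed keys do not come back: illegal
]

if __name__ == "__main__":
    for finding in audit(EVENTS)[1]:
        print(finding)
```

Keys whose usage calls for a different path get their own transition table; the replay logic stays the same.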
