Global Sales Contact List

Contact   A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

RSA Laboratories

4.1.3.3 How does one get a key pair?

A user can generate his or her own key pair, or, depending on local policy, a security officer may generate key pairs for all users. There are tradeoffs between the two approaches. In the former, the user needs some way to trust his or her copy of the key generation software, and in the latter, the user must trust the security officer and the private key must be transferred securely to the user. Typically, each node on a network should be capable of local key generation. Secret-key authentication systems, such as Kerberos, often do not allow local key generation, but instead use a central server to generate keys.

Once a key has been generated, the user must register his or her public key with some central administration, called a Certifying Authority (CA). The CA returns to the user a certificate attesting to the validity of the user's public key along with other information (see Questions 4.1.3.10-4.1.3.12). If a security officer generates the key pair, then the security officer can request the certificate for the user. Most users should not obtain more than one certificate for the same key, in order to simplify various bookkeeping tasks associated with the key.


Top of the page

Notes:
Connect with EMCConnect with EMC
Need help immediately? EMC Sales Specialists are standing by to answer your questions real time.
Use Live Chat for fast, direct access to EMC Customer Service Professionals to resolve your support questions.
Explore and compare EMC products in the EMC Store, and get a price quote from EMC or an EMC partner.
We're here to help. Send us your sales inquiry and an EMC Sales Specialist will get back to you within one business day.
Want to talk? Call us to speak with an EMC Sales Specialist live.