System information

Show completed requests. Completed requests include archival requests for which proof of
archival has been sent and completed recovery requests.
Show all requests. All requests stored in the system.
5. To start the list at a specific place in the queue, enter the starting request identifier in decimal
or hexadecimal form. Use 0x to indicate the beginning of a hexadecimal number; for
example, 0x2A. Key identifiers are displayed in hexadecimal form in the Search Results and
Details pages.
6. Choose the number of matching requests to be returned. The system displays that number of
requests, beginning with the starting request identifier.
7. Click Find.
The DRM displays a list of the key service requests that match the search criteria. Select a
request from the list to examine it in more detail.
8. On the Key Service Request Queue form, find a particular request. If the desired request is
not shown, scroll to the bottom of the list, and use the arrows to move to another page of
search results.
9. Clicking the ID number next to a request opens the Request Details form, which gives the
complete information for the request. The request cannot be modified in this page.
Note
If the system changes the state of the displayed request, using the browser's
Back or Forward buttons or the history to navigate through the pages can cause
the data shown to become out of date. To refresh the data, click the highlighted
key identifier at the top of the page.
2. Finding and Recovering Keys
If an end user loses a private encryption key or if a key's owner is unavailable, data encrypted
with that key cannot be read unless a copy of the private key was archived when the key was
created. The archived key can then be recovered and used to read the data.
A DRM agent manages key recovery through the DRM agent services page. Archived keys can
be searched to view the details or to initiate a key recovery. Once a key recovery is initiated, a
minimum number of designated DRM agents are required to authorize the recovery.
Version 7.1 of Red Hat Certificate System introduced a new m-of-n, ACL-based recovery
scheme to replace the old m-of-n, secret-splitting-based recovery scheme.
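The following sketch is an added example, not code from Red Hat Certificate System. It models the general idea of m-of-n, ACL-based authorization, where a recovery is released once m distinct agents from a designated list have approved it, rather than by combining shares of a split secret. The class, field, and agent names are hypothetical, and the 2-of-3 policy is a constructed sample.

```python
from dataclasses import dataclass, field

# Hypothetical names throughout: this models the idea of m-of-n, ACL-based
# approval and is not Certificate System's code or API.


@dataclass
class RecoveryRequest:
    key_id: int
    recovery_agents: frozenset      # ACL: the n agents designated for recovery
    required: int                   # m: minimum number of distinct approvals
    approvals: set = field(default_factory=set)
    audit: list = field(default_factory=list)

    def __post_init__(self):
        if not 1 <= self.required <= len(self.recovery_agents):
            raise ValueError("m must satisfy 1 <= m <= n")

    def approve(self, agent: str) -> bool:
        """Record an approval; return True only if it counted toward m."""
        if agent not in self.recovery_agents:
            self.audit.append((agent, "denied: not in recovery ACL"))
            return False
        if agent in self.approvals:
            self.audit.append((agent, "ignored: duplicate approval"))
            return False
        self.approvals.add(agent)
        self.audit.append((agent, "approved"))
        return True

    def authorized(self) -> bool:
        """True once at least m distinct designated agents have approved."""
        return len(self.approvals) >= self.required


def demo() -> RecoveryRequest:
    # Constructed sample: 2-of-3 policy for the key identifier 0x2A.
    req = RecoveryRequest(0x2A, frozenset({"agent1", "agent2", "agent3"}), 2)
    req.approve("agent1")
    req.approve("agent1")     # same agent again: must not reach the threshold
    req.approve("auditor1")   # not a designated recovery agent: rejected
    assert not req.authorized()
    req.approve("agent3")     # second distinct designated agent: threshold met
    return req


if __name__ == "__main__":
    result = demo()
    print(result.authorized(), result.audit)
```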
Chapter 7. DRM: Recovering Encrypted Data