McAfee MEJCAE-AM-DA Product Guide - Page 12
E-Business Server Basics
Basic steps for using E-Business Server

After you have created a key pair, you can begin corresponding with other E-Business Server users or users of OpenPGP-compliant applications. You will need a copy of their public key and they will need yours. Your public key is just a block of text, so it's quite easy to trade keys with someone. You can include your public key in an email message, copy it to a file, or post it on a public or corporate key server where anyone can get a copy when they need it.

You can, of course, use some of E-Business Server's functionality without exchanging keys with others. However, to encrypt information to another person, you need his or her public key, and conversely, others will need your key if they wish to encrypt information to you. You can keep copies of others' keys stored in your public keyring file.

For more information about exchanging public keys, refer to and Exchanging keys with others on page 24.

5 Validate public keys.

Validation is a tricky concept within E-Business Server, and you might want to read about it in more detail in the accompanying Introduction to Cryptography. Validation goes hand-in-hand with a concept called trust. In a nutshell, once you've obtained a copy of someone's public key, you can tell E-Business Server how you feel about the key: whether or not you've made sure that the key has not been tampered with and that it really belongs to the purported owner. You can also tell E-Business Server whether or not, and to what degree, you trust the owner of the key to make such checks on other keys. If you tell E-Business Server you trust the key's owner, then E-Business Server will consider valid any keys the trusted person validates. Persons you trust are called trusted introducers.

To validate a key, you compare the unique fingerprint on your copy of someone's public key to the fingerprint on that person's original key. If the fingerprints match, you can then digitally sign the valid key (using your own private key) to tell others (and E-Business Server) that you consider it valid.

To trust a key's owner (not the key, the owner), you set trust values in E-Business Server.

Your Corporate Security Officer can act as a trusted introducer, and you may then consider any keys signed by the corporate key to be valid keys. If you work for a large company with several locations, you may have regional introducers, and your Security Officer may be a meta-introducer, which is a trusted introducer of trusted introducers.

For more information on checking validation and setting trust, see Validity and trust on page 46.

6 Encrypt and sign your files.

After you have generated your key pair and have exchanged public keys, you can begin encrypting and digitally signing files.

For more information on encryption, see Encrypting information on page 60. For more information on digital signatures, see Signing information on page 44.

7 Decrypt and verify your files.

When someone sends you encrypted data, you can decrypt the contents and verify any appended signature to make sure that the data originated with the alleged sender and that it has not been altered.

For more information on decryption, see Decrypting information on page 65. For more information on verifying digital signatures, see Verifying a digital signature on page 46.

8 Wipe files.

When you need to permanently delete a file, you can use the wipe command to ensure that the file is unrecoverable. The file is immediately overwritten so that it cannot be retrieved using disk recovery software.

For more information on wiping files, see Wiping your disk on page 71.

E-Business Server™ 8.6 Product Guide 10
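The fingerprint comparison in step 5, as an added example that is not from the product guide and is not E-Business Server's own code. It assumes the received key is an OpenPGP version 4 key in binary (non-armored) form and uses the RFC 4880 fingerprint definition; `SAMPLE_KEY` is a constructed toy packet and all function names are hypothetical.

```python
import hashlib

PUBLIC_KEY_TAG = 6  # OpenPGP public-key packet tag (RFC 4880)

def first_packet(data: bytes):
    """Return (tag, body) of the first packet in binary (non-armored) key data."""
    if len(data) < 3 or not data[0] & 0x80:
        raise ValueError("not an OpenPGP packet")
    if data[0] & 0x40:  # new-format header
        tag, first = data[0] & 0x3F, data[1]
        if first < 192:
            start, length = 2, first
        elif first < 224:
            start, length = 3, ((first - 192) << 8) + data[2] + 192
        elif first == 255:
            start, length = 6, int.from_bytes(data[2:6], "big")
        else:
            raise ValueError("partial body length is not valid for a key packet")
    else:  # old-format header
        tag, ltype = (data[0] >> 2) & 0x0F, data[0] & 0x03
        if ltype == 3:
            raise ValueError("indeterminate length is not supported")
        start = 1 + (1 << ltype)  # 1-, 2- or 4-octet length field
        length = int.from_bytes(data[1:start], "big")
    body = data[start:start + length]
    if len(body) != length:
        raise ValueError("truncated packet")
    return tag, body

def v4_fingerprint(key_data: bytes) -> str:
    tag, body = first_packet(key_data)
    if tag != PUBLIC_KEY_TAG or not body or body[0] != 4:
        raise ValueError("expected a version 4 public-key packet")
    # RFC 4880: SHA-1 over 0x99, a two-octet body length, then the packet body
    return hashlib.sha1(b"\x99" + len(body).to_bytes(2, "big") + body).hexdigest().upper()

def fingerprint_matches(key_data: bytes, claimed: str) -> bool:
    """Compare the key you hold with the fingerprint the owner gave you out of band."""
    normalized = "".join(claimed.split()).upper()
    if len(normalized) != 40 or any(c not in "0123456789ABCDEF" for c in normalized):
        return False  # require the full 160-bit fingerprint, not a short key ID
    return normalized == v4_fingerprint(key_data)

def mpi(n: int) -> bytes:
    """Encode an integer as an OpenPGP multiprecision integer."""
    return n.bit_length().to_bytes(2, "big") + n.to_bytes((n.bit_length() + 7) // 8, "big")

# Constructed sample: toy v4 RSA public-key packet (version, time, algorithm, n, e)
BODY = b"\x04" + (0x5F000000).to_bytes(4, "big") + b"\x01" + mpi(0xC0FFEE1234567891) + mpi(65537)
SAMPLE_KEY = b"\x99" + len(BODY).to_bytes(2, "big") + BODY
```

A single altered byte anywhere in the key packet changes the fingerprint, which is why the comparison must use the value read from the owner's original key over a separate channel.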