[Box Backup] Certificate management
Ben Summers
boxbackup@fluffy.co.uk
Tue, 8 Feb 2005 09:43:56 +0000
On 8 Feb 2005, at 09:43, Nick Knight wrote:
> Hello all,
>
> I am looking to write some procedures for our internal use on using
> boxbackup, most of it is done so far but there is a coupe of
> outstanding
> procedures I need to still write.
>
> The main one is what to do if a client thinks certificates has possible
> fallen into the wrong hands. In this situation what is the best
> procedure to follow, i.e. which certificates should be regenerated, and
> how should the old ones be blocked.
I don't see the certificates as being terribly important, to be quite
honest. They're really just used to ensure end to end encryption. There
isn't a specific mechanism to block them at the moment, apart from
deleting the account on the server and starting again with a different
account number.
The important thing is the keys file. If that is lost, move the current
backups offline, and start again with a new keys file (and a new
account number, in case the cert got lost too.)
Ben