-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2013-9281 2013-05-26 02:09:08 --------------------------------------------------------------------------------
Name : pki-kra Product : Fedora 17 Version : 9.0.15 Release : 1.fc17 URL : http://pki.fedoraproject.org/ Summary : Certificate System - Data Recovery Manager Description : Certificate System (CS) is an enterprise software system designed to manage enterprise Public Key Infrastructure (PKI) deployments. The Data Recovery Manager (DRM) is an optional PKI subsystem that can act as a Key Recovery Authority (KRA). When configured in conjunction with the Certificate Authority (CA), the DRM stores private encryption keys as part of the certificate enrollment process. The key archival mechanism is triggered when a user enrolls in the PKI and creates the certificate request. Using the Certificate Request Message Format (CRMF) request format, a request is generated for the user's private encryption key. This key is then stored in the DRM which is configured to store keys in an encrypted format that can only be decrypted by several agents requesting the key at one time, providing for protection of the public encryption keys for the users in the PKI deployment. Note that the DRM archives encryption keys; it does NOT archive signing keys, since such archival would undermine non-repudiation properties of signing keys. For deployment purposes, a DRM requires the following components from the PKI Core package: * pki-setup * pki-native-tools * pki-util * pki-java-tools * pki-common * pki-selinux and can also make use of the following optional components from the PKI Core package: * pki-util-javadoc * pki-java-tools-javadoc * pki-common-javadoc * pki-silent Additionally, Certificate System requires ONE AND ONLY ONE of the following "Mutually-Exclusive" PKI Theme packages: * dogtag-pki-theme (Dogtag Certificate System deployments) * redhat-pki-theme (Red Hat Certificate System deployments) -------------------------------------------------------------------------------- Update Information: Bugzilla Bug #903401 - TMS: RSA token enrollment failed : public key decode -------------------------------------------------------------------------------- ChangeLog: * Fri May 24 2013 Andrew Wnuk <[email protected]> 9.0.15-1 - Bugzilla Bug #903401 - TMS: RSA token enrollment failed : public key decode * Tue Dec 11 2012 Andrew Wnuk<[email protected]> 9.0.14-1 - Bugzilla Bug #861467 - Directory authenticated user certificate enrollments fail when anonymous access disabled. * Tue Oct 30 2012 Andrew Wnuk <[email protected]> 9.0.13-1 - New official build - TMS - ECC Key Recovery - ticket #252 (cfu) - TMS secure recovery part of - bug #737122 (cfu) * Tue Apr 10 2012 Christina Fu <[email protected]> 9.0.12-1 - Bugzilla Bug #745278 - [RFE] ECC encryption keys cannot be archived -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update pki-kra' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list [email protected] https://admin.fedoraproject.org/mailman/listinfo/package-announce
