Key Management Considerations

The Key Management issue can be complex, and the subsections of this document are here only as a guideline to the deeper issues. In selecting the best approach for your environment, the Digi-CAST™ Team can advise you, and their advice will always be to keep things as simple as you can.

For Disposable Digi-IDs™, the Digi-CA™ will require Key Management enabled in advance because after five years, with only 100,000 end users, there will actually be 500,000 Key-Pairs in circulation. If you decide that you must use Disposable Digi-IDs™ then you should consider the following questions, for example:

The solution to these problems is to have Key Management and Key Escrow services enabled in the Digi-CA™ during configuration and installation.

In the case of Renewable Digi-IDs™, you don’t really need Key Management, and in many Trust Centre environments Key Escrow services are not permitted by law. Also, as the end user has only one Digi-ID™ or Key-Pair to take care of, it is a much easier task to provide assistance and enable them to ‘self recover’ from their own Backup.