A.18. Key Management Conventions
When working with any form of cryptography, using reasonable key management techniques helps maximize security and minimize potential breaches. Ultimately, key management depends on the deployed cryptosystem product. Thus, know what you are buying and exactly what it does and does not offer.
Based on that, here are some tips to make the most out of what you have (at least in terms of encryption):
If a PKI system is used, have one public/private key pair set to use for session management and encryption and a second set for identity proof.
Always use a new and unique public/private key pair set when requesting a new certificate.
Attempt to renew certificates before they expire in order to maintain existing trust ...
Get CompTIA Security+™ Deluxe: Study Guide now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
