Because every CA DLP machine has a copy of the same enterprise certificate, the security of any data transfer is at risk if the enterprise private key is compromised. If this happens, you will need to distribute a new enterprise certificate and private key to all CA DLP machines. As with any PKI, we recommend that you regularly replace the enterprise certificate (that is, revoke the existing certificate and issue a new one). The CA DLP scheme has been designed to make this as simple as possible.
|
Copyright © 2012 CA.
All rights reserved.
|
|