The process of accessing the private keys offline is similar to accessing the keys when you are connected to the network. To enable offline access, the user must set a new password (known as the offline password) by using the Arcot Offline Tool. After the offline password is registered, the Arcot Offline Tool creates a copy of the user’s key bag (the offline key bag) and stores it in the ArcotID PKI.
The offline password gives your users secure access to the network even if the application cannot access the network server.
After this initial setup, the users can use their private keys stored in the offline key bag.
Note: This workflow assumes that the ArcotID PKI credential has already been issued for the user.
The following workflow provides an overview of steps involved in accessing the keys offline:
Note: The Arcot Offline Tool is also installed on the user’s system.
If the authentication is successful, the Arcot Offline Tool decrypts the key bag with the shared secret, encrypts it with the offline password, and then updates the ArcotID PKI with the key bag that is encrypted with the offline password.
The user’s ArcotID PKI is embedded with the offline key bag that contains their private keys.
Copyright © 2013 CA. All rights reserved.