![]() RA ChainingĮJBCA 8.2 implements RA chaining support to enable zero trust hybrid and multi-cloud PKI deployments based on extended flexibility in distributed EJBCA deployments. If a private key is lost, EJBCA allows a CA administrator to recover the key for a user.įor information on how to set up EJBCA for key archival in Microsoft Auto-enrollment, refer to EJBCA Configuration. For profiles with key archival enabled, the private keys corresponding to issued certificates will be encrypted and stored in EJBCA. Key Archival can be enabled per end entity profile. Key archival is typically used in use cases like certificates for Encrypted File Systems (EFS) and encrypted e-mails using S/MIME certificates. Microsoft Auto-Enrollment Key ArchivalĮJBCA 8.2 introduces a new option in Microsoft auto-enrollment enabling administrators to configure key archival in the EJBCA setup for MSAE. For more information, see Post-quantum Cryptography Keys and Signatures. NIST standardization is planned for completion in 2024 and the Dilithium algorithm can be used for proof-of-concept (PoC) and post-quantum transition preparation activities until then. Note that the Dilithium algorithm is suitable for non-production use only. For information about supported HSM vendors and models, contact Keyfactor. Since Dilithium is not part of the PKCS11 standard, it requires an HSM vendor-defined extension in the PKCS11 interface. EJBCA 8.2 now introduces support for the use of a hardware security module (HSM) with support for the Dilithium algorithm. ![]() ![]() ![]() The EJBCA Release Notes also include a change log, listing all issues resolved in the release and a cross-reference to our JIRA Issue Tracker for full details on issues resolved in the release.ĭECEMBER 2023 Post-Quantum Certificate Issuance with HSM SupportĮJBCA supports the Dilithium and Falcon NIST candidate post-quantum algorithms since EJBCA 8.0. The following lists release notes for all EJBCA versions released.įor information on features and improvements implemented per release, see the EJBCA Release Notes. ![]()
0 Comments
Leave a Reply.AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |