zitat des tages
Zitat des Tages
Disaster recovery must include the ability of the CA to issue certificates.
Zitat des Tages
You should put the CRL capabilities toward the top of your priority list of features to recover in a disaster situation. Checking on the currently posted CRL and determining how long that CRL will be valid is very important. The closer that CRL is to expiration, the more pressure you are under to produce a new CRL and get that new CRL posted so that all of the subscribers can get to it to check the status of their certificates. Prioritizing the CRL signing capability near the top of your DR priority list will prevent turning the PKI disaster into a companywide disaster situation.
Zitat des Tages
Disaster recovery must include the ability of the PKI to generate CRL information.
Zitat des Tages
Inconsistent CA documentation can leave a trail of confusion in its wake.
Zitat des Tages
Sometimes only the trust anchor (TA) is preinstalled on the relying party’s system; other times the certificate chain is preinstalled.
Zitat des Tages
Bei der Erforschung der Kommunikation in Sid Meiers Civilization: Beyond Earth, kommt mir bekannt vor aus den Simpsons.
Eine der feinsten Schattierungen bei der Kommunikation ist der Unterschied zwischen ‚Das habe ich nicht verstanden‘ und ‚Das habe ich verstanden, aber es ist mir egal.‘
Zitat des Tages
There is no one-size-fits-all when it comes to BC and DR plans. The plans that work the best are the ones your write, test, and can rely upon. Many formats and specific tasks can be included, but only when the plans are regularly tested and updated can they save your PKI operations.
Disaster Recovery Plan
[The] disaster recovery plan should include everything required to get your PKI environment back up and operational, including (1) how and where backup files are stored, (2) how backups can be retrieved, (3) what hardware is needed to access them, (4) where to get the hardware if if the primary systems are destroyed, and (5) where your operating system software and application software is stored and how to reinstall all of the pieces.
Zitat des Tages
What both disaster recovery and business continuity have in common is the need for testing and verification that the testing actually accomplishes the goals of DR or BC. A regular test plan must be performed and evaluated for both DR and BC. Without regular testing, you will never know that the data you thought were backed up can actually be restored or that your failover data center will come online when a disaster strikes. If you do not test your DR and BC plans, your PKI organization will fail when it is needed most. Backups can and do fail occasionally. If you do not test restoring your backups, you will never know if the data will be available in a crisis situation.
Jeff Stapleton & W. Clay Epstein; Security without Obscurity: A Guide to PKI Operations
Zitat des Tages
Immer wieder gibt es auch in Gärten Höhenunterschiede, die man geschickt ausgleichen oder überwinden muss. Eine Treppe ist dabei eine gängige Möglichkeit.