OSF DCE Application Development Guide--Core Components
OSF DCE Application Development Guide—Core Components
principal. Two routines delete a principal’s key:
• The sec_key_mgmt_delete_key( ) routine removes all key types having the specified
key version identifier from the local key storage, thus invalidating all extant tickets
encoded with that key.
• The sec_key_mgmt_delete_key_type( ) routine removes only a specified version of
a specified key type.
If the compromised key is the current one, the application should first change the key
with sec_key_mgmt_change_key(). It is not an error for a process to delete the current
key as long as it is done after the login context has been established, but it may
inconvenience legitimate clients of a service. The inconvenience may be justified,
however, if the application data is sensitive.
Since an application may have no means to discover that its key has been compromised,
the rgy_edit tool provides interfaces that call sec_key_mgmt_delete_key(),
sec_key_mgmt_change_key(), and sec_key_mgmt_gen_rand_key( ) so that a network
administrator, who is more likely to detect that a key has been compromised, may handle
a security breach of this kind. As an alternative, the application may provide user
interfaces to these routines.
30−4 Tandem Computers Incorporated 124245