[ale] Key management

Kevin O'Neill Stoll kevinostoll at yahoo.com
Wed May 14 12:26:38 EDT 2008


Hey guys,

Need some help with direction on encryption 

Goal: I need to encryption plain text files while at rest.
One use case would be: files are received via ftp from
various banks and should/could be encrypted with gpg with
the recipient defined as the consuming application, in this
case, Oracle Financials.

Problem: the consuming application will be receiving
encrypted files from many sources, not just the ftp host,
so Oracle Financials has to know about a great many public
keys, assuming the use of gpg. How do I got about managing
these keys in a central way?

I have looked into pks and sks, but catch here is they
wanted something supported by our vendors (SuSE in this
case).  

So, how do I manage a bunch of keys like this?

 
If you don’t think gpg is the answer, I’m open to ideas.
I’m not stuck on anything at this point, just trying to
figure out how to roll an encryption solution that I can
ultimately hand off to an operations group and can scale /
support 500+ end-points.

Also, not afraid of commercial solutions but would like to
exhaust any and all oss solutions first.

 
Thanks 

PKS: http://pks.sourceforge.net/

SKS: http://www.nongnu.org/sks/

 




      


More information about the Ale mailing list