Important:
This is retired content. This content is outdated and is no longer being maintained. It is provided as a courtesy for individuals who are still using these technologies. This content may contain URLs that were valid when originally published, but now link to sites or pages that no longer exist.
A version of this page is also available for
4/8/2010

A backup authority is a privileged application running on a more secure computer that provides storage for the session keys of its clients. All session keys stored there are encrypted, in the form of key BLOBs, with the backup authority's public key.

To store session keys in a backup authority

  1. Encrypt the file.

  2. Export the session key used to encrypt the file into a simple key BLOB, specifying that your own key exchange public key be used to encrypt the key BLOB.

  3. Store this key BLOB with the encrypted file.

  4. Export the session key, specifying that the backup authority's public key be used to encrypt the key BLOB.

  5. Send this key BLOB to the backup authority, along with the key's description, serial number, and so on.

If, at a later time, you lose your key pairs, you can retrieve the session keys from a backup authority, although you will first have to establish your identity with the authority.

See Also