Endpoint Encryption

 View Only

  • 1.  Things that don't work on the Mac version

    Posted Aug 31, 2011 01:05 PM

    I changed the photo for my key using the mac. Synch'ed key with our Universal server cluster. Changes never replicate to the Windows PGP Desktop even when forcing synchronize keys on both sides.

    Change password on key on windows machine, synch, doesn't pull down the change to the key on the mac. (even after reboot)

    Perform 'key reconstruction' on Windows. Works on first attempt.

    Tried 10 times on mac. Even with all five questions correct, it says 'one question had a wrong answer please remember that answers are case sensitive.'

    Only answered three questions, (I actually had three that were one word answers) altered case on first char 9 different ways. Never allows me to reconstruct the key.

    I know the password so it is irrelevant, but I can't image the poor folks who forget their passphrase and try this only to realize it doesn't work.

    Here is a stumper, Case sensitive? Really? On reconstruction? So what if I have an answer to:

    What is your favorite Pizza as a child ?

    My Favorite Pizza as a child Was Pepperoni, Cheese, and Anchovies.

    Most important though, I can do this on the Windows PGP Desktop key reconstruction Any Case I want and it works.

    Their should be consistency between the window version and the mac version.

    What if a user creates the key reconstruction on the Windows laptop, but on  a trip, needs to reconstruct the key on a mac.

    I was certainly surprised the first time the Mac version told me my reconstruction question answers were case sensitive.



  • 2.  RE: Things that don't work on the Mac version

    Posted Sep 08, 2011 03:03 PM

    everything mac is case senstive, this is the UNIX way... Its only windows that assumes that end users are not sure what case they put information in. So they try to make it easier I guess.

    It's not surprising that the mac uses case sensitivity in key reconstruction. Those recovery questions are designed to have one word responses and not a passphrase anyways.  Like in your example "My Favorite Pizza as a child Was Pepperoni, Cheese, and Anchovies." my response to "what is your favorite pizza as a child?" would be simply: Pepperoni (I may like other things more, but taht is my favorite). Anyways, I agree that key reconstruction could use some work. But in essence, isn't that what the PGP universal server is there for anyways, so that you can always have a backup of your key and if you are using SKM key mode, the server manages the passphrase.

    Also, if you are using a GKM key on your mac. That may be why your key data (such as the updated photo) is not synching to other machines. What you would need to do in this instance is delete the managed key off the server first and then re-upload the key to the PGP Universal Server/KMS to sync those types of properties.

    Please read this useful KB article on different key modes:

    http://www.symantec.com/docs/TECH149029