Introducing SKIP

SKIP (Simple Key Management for Internet Protocols) is an IP layer encryption package. It provides a system with the ability to efficiently encrypt any protocol within the TCP/IP protocol suite. Once installed, any two (or more) systems running SKIP have the ability to transparently encrypt and/or authenticate all traffic between them.

SKIP Services

SKIP provides four network security services:

Access Control for protecting your corporate data resources from unauthorized use.
Encryption and decryption services to ensure the confidentiality of information sent over the network.
Authentication to ensure the integrity of the information transferred from one group to another within your corporation.
Key and certificate management which provides for efficient, cost-effective administration of the basic building blocks of your security policy.

Access Control

Use access control on your network to limit and control who uses your host systems and applications through your communications links. Each entity-- host, network, or nomadic system, you communicate over your network with must be identified and/or authenticated so that access to your system is controlled. Once communication is established, data may be exchanged in the clear or encrypted.

SKIP's access control is based on the requesting system's IP address. To provide access for mobile remote users, SKIP has provided users with the ability to separate an entity from it's physical address through the use of a key identifier. When a system tries to connect to a host running SKIP, the order of processing is as follows:

Search for an entry specifying a remote host. If the entry exists use it, otherwise continue to the next search argument.
Search for a network entry which matches the remote entry. If the entry exists use it, otherwise continue to the next search action.
If an IP address entry is not found, search for a nomadic ACL entry containing the sender key identifier present in the SKIP protocol header. If the entry is found and the packet is authenticated, store the sender's IP address for future reference.
If a corresponding ACL entry is still not found, use the default system entry. This entry is configured by the user to either allow or deny access to unknown hosts.

Note: These rules may also be used to exclude a host or network from accessing the system.

Tunneling and Transport modes

Each IP packet can be encrypted/authenticated using SKIP in two ways:

only the data part of the IP packet is encrypted. This is called the ``transport mode''.
the whole the IP packet is encrypted. This is called the ``tunnel mode''

Topology Hiding

SKIP supports topology hiding through the use of a Tunnel address . The Tunnel address field contains the IP address of the host which serves as the intermediary between any or all hosts/systems on a network whose topography is to remain hidden from the rest of the world. The remote system needs to be configured using the ``tunnel'' mode.

Encryption/Decryption (Confidentiality)

The SKIP kernel does traffic encryption and decryption. It views the key manager as a process that it gives encrypted traffic keys to and gets back decrypted traffic keys.

SKIP provides users with the ability to separate the identity of an entity from it's physical address. This means that each person (sender/receiver) participating in a transfer of encrypted data over a computer network can be identified by an NSID/Local KeyID pair. The KeyID is used for key lookup, not for routing. By default, the NSID is set to 0 and a KeyID is not sent. However, with the KeyID feature activated, key names are no longer tied to IP addresses. This means that regardless of their physical location on the network or on the Internet, sales, marketing, and support personnel have the ability to communicate with each other and corporate using encryption. Corporate data remains secured regardless of the location of a sales rep or system engineer at customer sites or trade shows.

The Name Space Identifiers (NSID). The NSID's supported by SKIP are:

NSID 0 (Not present)

NSID 1 (IPv4 address)

NSID 8 (MD5 of Diffie-Hellman Public Values)

The traffic encryption algorithm. Traffic is encrypted using conventional symmetric key cryptography. A random traffic key is used as a key to encrypt data. The algorithms supported at your site are automatically installed by SKIP and appear in skiptool .

Authentication (Integrity)

Authentication is the process of verifying that the user requesting access is who they say they are. In SKIP, authentication is implemented through the Keyed MD5 algorithm and applies to the whole IP packet.

Key and Certificate Management

The SKIP key management system is based on public key cryptography, that is, each participant holds a pair of keys: his/her public key and a private key. To ensure that the public keys are authentic, that is, they have not been tampered with by an attacker and do indeed belong to the claimant, the public key is signed by a Certification Authority (CA). The result, a Certificate, is freely passed around the network. Its authenticity can be verified by anyone holding the CA's signature information, that is, its public key.

Keys and certificates are handled by the key manager. Local key information is managed using the skiplocal command and CA information is managed using the skipca command.

The algorithms used by SKIP are:

The long term secret key algorithm. The Diffie-Hellman Key Agreement algorithm is used.
The key encryption algorithm.The low order bits of the Diffie-Hellman secret key agreement function as the key. Keys are encrypted using conventional symmetric key cryptography.

As stated earlier, certificates are the digital documents which testify to the binding of a public key to an individual or other entity for the purpose of preventing someone else from impersonating you. In order for two hosts running a security package to communicate, they must exchange certificates. Common methods of certificate exchange are:

Certificate Discovery Protocol - Hosts running SKIP request each other's certificates through a clear channel. A host may also ask a Directory Server for a certificate.
Certificate Authority (CA). This procedure is manual in that certificate and possibly the key are provided by the certifying agency on a physical media: tape, diskette or CD-ROM. They must be loaded into the system by the user through a command line.
Manually generate, add, and exchange certificates by using a command line interface provided by a vendor.

SKIP supports all of the common methods of certificate exchange. For more information on configuring certificate fetching protocols and certificate management, please see the manual pages for skipd, skipdb, skiplocal and skipca. By default, the key manager asks the host its trying to communicate with for it's certificate.

There are times when it is useful to allow a system to have more than one public/private key pair. For example, different key sizes may be required when communicating with subsidiaries in other countries due to local regulations. To meet these user requirement's, Sun's SKIP implementation allows a system to possess as many local keys as required. Similarly, the SKIP system can also be configured with the details of several Certification Authorities so that certificates signed by different CAs can be checked for authenticity.

Sun ICG SKIP Product Family

SKIP is available as an unsupported free product for SunOS 4.1.3 and FreeBSD. Sun Microsystems Internet Commerce Group also sells the Sunscreen(tm) line of products which include Sunscreen SKIP for Solaris (sparc and x86) and several firewall solutions. All SKIP products from ICG including the Free Source interoperate. For more information about Sunscreen(tm) products, visit our web page:

			http://www.incog.com

For more information on SKIP, please see the SKIP web page:

			http://skip.incog.com

SKIP security services

SKIP implements security services through these four major components:

Bulk Data Crypt for key caching, bulk data encryption, and authentication.
Cryptographic Modules which support the most rigorous symmetric key cryptography and authentication methods currently available.
Key and Certificate Management tools which provide automatic management of certificates and the generation of random traffic encryption keys.
SKIP End System for the system administrator's use in controlling access to corporate resources on the network.

Together, these components provide authentication and privacy at the network layer without the need to modify your applications. This offers the system administrator a method of selectively controlling access to corporate data--encrypting and authenticating network traffic as required.

Installing SKIP

This section provides instructions for installing SKIP on Solaris 1.x, FreeBSD 2.1.0 and 2.1.5 systems. Installation on FreeBSD is identical to installation of Solaris 1.x. Once SKIP is installed, configured, and enabled on the systems requiring its services, IP layer encryption begins. SKIP runs without further administration effort until new systems need to be added or certificate management is required.

Hardware and Software Requirements

Supported Platforms

The SKIP source reference is supported on the following platforms:

Sun SPARCstation 1, 1+, 2, Classic, LX, 5, 10 or 20 running Solaris 1.1.1 (SunOS 4.1.3 U1).
Any x86 personal computer running FreeBSD 2.1.0 and 2.1.5.

Hardware Requirements

A minimum of 6 MB free disk space is required for installation. 3 MB of disk space is permanently used.

General Installation Procedures

The exact steps in installing SKIP are determined by the media used for the installation, the hardware platform, and the operating system in use on the system which is to use SKIP. However, the general installation steps are:

Unpack the software.
Install the software.
Obtain a certificate from the Certificate Issuer or generate an unsigned key.
Install the keys.
Delete the temporary files.
Update environment variables (PATH and MANPATH)
Install SKIP on the network interface.
Re-boot your system.

The installation process is described in detail on the following pages.

Solaris 1.x and FreeBSD 2.1.0 and 2.1.5 Installation

This section provides instructions for installing SKIP on Solaris 1.x systems (SunOS 4.1.3 u1) and FreeBSD. In order to install and run the software, you must be able to become root on your local system.Get the software from http://skip.incog.com. Unpack the Software

The software must be unpacked before it can be installed. To extract the files, complete the following steps:

Become root on your local system.
Change to the /usr directory. Verify that approximately 7 Mbytes of free space exist in the /usr directory.
Type the following command, exactly as it is written below, substituting the name of the directory where you put skip.tar.Z for directoryname:
```
example# zcat directoryname/skip.tar.z|tar -xvf -
```

The files are extracted into /usr/skip and /etc/skip.

Install the Software

After the files have been de-compressed, SKIP is ready to be installed. Use the procedure below to install the software:

Open a terminal window and become root.
Change to the /usr/skip directory:
```
		example# cd /usr/skip
```
Use the install.skip command to install SKIP:
```
	
```
```
		example# ./install.skip
```
The program asks you a number of questions. For most of these questions, the default answer can be used. You may have to rebuild a new kernel for the support of loadble modules
If the install program needs to reboot your system, then complete the following steps:
- Log in once more as root.
- Switch to the directory where you stored the certificate for the system.

Add /usr/skip/bin to your path by typing:

	example# set path = ( /usr/skip/bin $path )

Generate and Install Unsigned Keys

When generating an unsigned key, no authority exists to certify identities. This means that each party in the communication must verify the name of the key (the -R field in the skiphost command or the remote ID in the skiptool menu), over the phone or another trusted channel. Otherwise, a third party may impersonate the system/person you wish to reach with impunity. Without verification through a secure channel, you have no way of knowing if the key belongs to the correct party or not. If you wish to generate a secret and unsigned dhpublic certificate (NSID 8) locally, complete the following steps:

Generate your key and install it as a local key id:
```
      	 # skiplocal keygen
```

Communicate your keyid to the party you wish to talk to. Use an out of band communication like the phone. The skiplocal list command will list your local keys. Get the other parties keyid and enter it into the Add System menu of skiptool. A shortcut command called skiplocal export exists which will display what your system thinks the other side should use to add you to their Access Control List. You can mail the output of this command to the party you wish to communicate with and they can do the same. Each of you can cut and paste the other's line into the shell to add the other to the Access Control list. Since your system does not know what local keyids and network interfaces the other system has, this command will only work when both parties have one network interface and one key.

Even when using skiplocal export, make sure you both verify the other party's keyid over the phone with the other party to make sure someone is not impersonating them.

Install SKIP on your network interface

The skipif (see skipif(1)) command is used to install SKIP on a network interface. After you reboot the system, SKIP will have been installed on this interface. If you want to add SKIP to a machine with one network interface you can just use the skipif command:

	example# skipif -a

On a machine with multiple network interfaces, you should specify the interface :

	example# skipif -i zp0 -a

Finishing Up

After the software installation is completed, a few file management and clean-up procedures should take place:

Add /usr/skip/bin to the path in your .login file.
Add the man pages to the .login file by entering:
```
	 setenv MANPATH /usr/share/man:/usr/skip/man
```
Still as root, reboot your system by typing:
```
	example# reboot
```

After the system has rebooted, login as root.

Configuring SKIP

Implementing SKIP Services

Key and Certificate Management Command Line Tools

Setting Up Trusted CAs: skipca

X509 Certificates without proper signatures are not be added to the database. Therefore, the CAs certificate must be added to the CA Certificate database using the skipca command prior to adding certificates signed by that CA to the database.

Managing SKIP Local Identities: skiplocal

Managing Certificates: skipdb and skipd

skipdb and skipd are used to manage certificates. Long term certificates are stored in a database for access by the key manager. The skipdb command line interface allows the manual administration of the certificate database.

skipd services encryption and decryption requests from the kernel and acts as a certificate server. The encryption/decryption requests are received and answered via /dev/skip_key. When acting as a certificate server, skipd answers CDP requests from remote hosts as well as issuing requests for certificates from remote Certificate Discovery servers when necessary.

Activating the Changes: skipd_restart

In order for the changes made by skipca, skipdb,and skiplocal to take effect, skipd_restart must be run to reinitialize the key manager. To run skipd_restart, login as root and enter:

# skipd_restart

Access Control

SKIP provides two interfaces for setting up your Access Control List: skiptool and skiphost. The easiest way to set up your access control list is through the Graphical User Interface (GUI), skiptool. If you prefer command line tools, refer to the skiphost command described in the next section.

Communicating in the Clear (OFF)

Typically, the NIS and DNS servers your system accesses are set up as communicating with your system in the clear. In addition, any host that does use an encryption package must be set up to communicate with you in the clear.

Communicating Using SKIP

Any host that you want to send encrypted SKIP traffic to must be configured using the Add popup window. When SKIP Security is selected, the Tunnel address, Remote Key ID, Local Key ID, Key encryption, Traffic encryption and Authentication fields must be set up from the Properties window. In addition, if the Remote/Local Key ID fields are set to other than Not Present, the ID field must also be configured. Complete the following procedure to set these fields for encrypted traffic between your server and the system to be authorized:

After selecting the type of system and setting the security to SKIP, enter the Hostname.
Set the Secure button to either Whole packet or Data only. It is recommended that the whole packet be secured (encrypted).
Set the Tunnel address: if topology hiding is in use. Tunnel addressing is generally used for encrypted gateways where the IP address of the host entered here serves as the intermediary for any or all hosts on a network whose topography is to remain unknown or hidden from the rest of the world.
Use the Remote Key ID button to select whether you would like the remote system's keyid included in SKIP packets and, if so, what namespace that keyid lives in. By selecting Not Present, the sending of the receiver keyid is disabled.

Not Present is the default. It uses the IP address of the remote system to identify its certificate. If a remote system has a Node ID other than that identified by its IP address, set the namespace and indicate the remote system's keyid in the ID Field. The namespace indicated in the Remote Key ID field is determined by the type of certificate used/obtained for this system:

The following namespaces are listed in this menu:

If the Remote Key ID field has been set to other than Not Present, enter the Key ID in hexadecimal format in the ID: field (0x0a000000). It must contain the appropriate Node ID for the system being authorized based upon the selection made in the Remote Key ID field. Depending on the type of certificate, this information may be obtained from the master key id on the diskette or from the local key id field of the other host.
Use the Local Key ID button to indicate whether you want your local system to send it's keyid in the SKIP packet and, if so, what namespace that key lives in. If you select Not Present, a sender Key ID is not sent in the packet. All the local key times installed for this host are listed. Select the namespace for the local key to be used for communication with the above host. Once the namespace is selected, click on the ID field to select the key to be used, in hexadecimal, for communicate with this host.

For a more complete discussion about keys and namespaces, refer to the advanced.TOPICS document in /usr/skip/doc.

Now select the key encryption, traffic encryption, and authentication algorithms you wish to use for communication with the remote system.

Communicating with Sunscreen(TM) Products

Sun Microsystems has created a security product family called Sunscreen(TM). All products in the Sunscreen(TM) family can securly communicate with this package using SKIP protocols.

To communicate with a Sunscreen(TM) SPF-100 you must use the SKIP V1 Protocol and install the proper key. Call SunService for help in obtaining the key. Appendix A of this manual describes how to install the key.

When accessing a SunScreen, the Node ID, Tunnel address, Key encryption, and Traffic encryption fields must be set up.

After selecting the type of system and setting the security to SunScreen Compatibility, enter the Hostname.
Enter the Node ID for this host.
The Local key ID field is completed automatically for you by SKIP.
Set the Tunnel address: if topology hiding is in use. Tunnel addressing is generally used for encrypted gateways where the IP address of the host entered here serves as the intermediary for any or all hosts on a network whose topography is to remain unknown or hidden from the rest of the world.
Select the appropriate key and traffic algorithms for the Key and Traffic encryption buttons. Available encryption methods are:

Communicating Using AH/ESP

Manual keying is typically used in test mode only. It is not recommended for day to day operations. To configure a host with which you are using manual keying, both skiptool and the raw_keys file must be configured.

Adding Excluded Systems

If the default entry remains on the Authorized systems list, than any remote host that you want to prevent communication with must be configured using the Add button located under the Excluded Systems: list. An excluded host may or may not be using encryption. When setting up an excluded system, it is only necessary to enter the Hostname. If the state of the host or network changes to an authorized system, you must delete the system from the Excluded list and add it to the Authorized systems list. To exclude a system, complete the following steps:

Click on the Add button at the bottom of the Excluded Systems list on the skiptool
Main Window.
Select the system type: Host, Network or Nomadic.
In the Hostname field on the Exclude system window, enter the name or IP address of the host system you want to deny access to your system.
Click Apply on the Exclude system window.

Rules for Authorized Systems

Once you have entered the authorized systems and the excluded systems, you need to determine what should happen when unidentified systems attempt to access your system. An unidentified system is unknown by SKIP, that is, it is not on either the Authorized Systems list or the Excluded Systems list.

Use the Unauthorized Systems button on the main window to select what action SKIP should take when an unidentified system attempts access. There are three possible actions which SKIP may take when an unidentified system attempts to connect to your system when the default entry has been removed from these lists:

No access
Ask for confirmation
Add automatically

If a Default authorized system resides on either the Authorized or Excluded Systems lists, this option does not take affect.

Once SKIP has been configured on your system, you are ready to configure it on the other systems which you will be communicating with either in the clear or through one of the encryption methods available in SKIP. Once both parties have installed and configured SKIP, SKIP should be enabled and your data protected.

Using skiphost

skiphost is the command line interface used to list, add, and delete entities from the access control list as well as enable SKIP. It's functionality is the same as the skiptool GUI. In addition, skiphost is used to remove SKIP from a network interface if required.

To configure SKIP using the skiphost command, one entry is required for each system/host being set up in the access control list. Before enabling SKIP, any hosts needed for operation of the local system must be present in the ACL. Verify that any NFS file servers, NIS servers, or any local broadcast addresses for your network are on the ACL. Then skiphost must be run one final time to enable SKIP. See the man page for skiphost for details

Enabling SKIP

The last step in setting up SKIP is to enable access control for the system. Enable SKIP by selecting enabled from the Access Control Button on the main window. When SKIP is enabled for the first time, it checks for all systems that you are talking with in the clear. It detects the NIS and DNS servers you are communicating with and automatically adds their addresses to the access control list when you select Add from the Required systems window. Choosing Cancel may hang your system or prevent your access to the system/network the next time you try to login.

Enabling SKIP

This windows now adds also the ``ALL-SYSTEMS'' and ``ALL-ROUTERS'' multicast addresses.

The Authorized Systems area lists all the hosts allowed access. The Excluded Systems area shows all those known hosts which are explicitly denied access.The graphic preceding the host name or IP address depicts what type of security is being used with that host.

A blank box preceding the host name indicates no encryption (Security = off).
A box with a lock in it indicates that the system is using SKIP as the encryption method (Security = SKIP).
A box with the Sun Microsystems logo in it indicates that the system is using SKIP V1 Compatibility mode (Security = SKIP v1).
A box with indicates that the system is using manual keying (Security = ESP/AH).
A box with an N indicates a system that is Nomadic, that is, it is identified by its Key Id not its IP address, and it's using either SKIP or SKIP V1 Compatibility mode as the encryption method.

Default System Entry

The default system entry is used when no other more specific ACL entry matches a host. Often, this entry is set to clear traffic to allow hosts which aren't in listed in the ACL to communicate in the clear. It may, however, be used to create a default encryption rule, as well.

Note that if the default system entry remains, it is unnecessary to add any entity with the OFF security option. Further, if the default system entry remains, the option set by the Unauthorized Systems button never goes into effect.

Iconify the SKIP Application

Once SKIP is enabled, it is no longer necessary to keep the window open. At this time, you may wish to iconify the main window. The skiptool icon shows SKIP's status.

If you quit the application, SKIP stays in whatever mode it was last in (enabled or disabled). The Unauthorized Systems policy automatically changes to No Access, since there is no longer any way to notify you if an unauthorized system is attempting to gain access.

SKIP Icon showing both the Enabled and Disabled states

Verify the SKIP Installation and Set Up

Once you have configured and enabled SKIP, it is time to determine that it is working properly. If the configurations on the systems do not match, that is the encryption algorithms used, it will appear as if the other part of the communication equation does not exist. SKIP silently drops the packets.

To verify that SKIP is operating properly on your system, complete one or more of the following procedures:

Ping the remote system. The remote system must have SKIP enabled, and be using the same key and traffic encryption algorithms as your system.

If you have the remote site's certificate, you immediately start sending Encrypted IP. Otherwise, your keymanager will need to do a remote certificate fetch. By default, this is done by asking the remote site for it's certificate over a clear channel. If you have configured other hosts to act as key servers, they will be asked for the certificate. See the man pages for skipd and skipd.conf for details. If there are no problems at the remote site, you receive replies to your pings.

Run snoop or tcpdump on your local system or a sniffer to see that packets are being encrypted.

Troubleshooting

If encryption is not taking place between your system and a system on your Authorized Systems list or you cannot connect to that system, check the following items:

Is SKIP enabled? Check the Access Control button. Set it to enabled.
Verify that a certificate exists for each system you wish to communicate with on your Authorized systems list. Use the skipdb command to check for the certificate of the remote system by dumping the database to stdout. Try to restart the key manager by using the skipd_restart command .
Verify that SKIP is installed, configured, enabled, and has the certificate on the remote system.
Verify the KeyID of the remote system in the log file /var/log/skipd.log to see if the keymanager has set the keyID to what you think it should be. If it is not the correct keyID, get certificates for the correct keyIDd.
Verify that both machines have the same key encryption, traffic encryption and authentication algorithms.
If you are commucating through a firewall, check with your system administrator that ports for UDP 1639 & 1640 are are allowed to pass. These ports required for the Certificate Discovery protocol. As a workaround, you may manually distribute keys. Also, make sure that the SKIP protocol (57) is permitted to pass through the firewall.
Verify that the cdp server specified in skipd.conf is correct and has been authorized in skiptool. If the cdp_server entry is = or @, it is specifying the tunnel address or host address, respectively.
SKIP requires machine clocks to be syncronized within one hour. Make sure they are in sync. Messages in /var/log/skipd.log will indicate this situation.
If the skiplocal export command has been used to communicate keyids when one or both of the systems have multiple keys or multiple network interfaces, the keyid may have been bound to the wrong network interface or local keyid. Use skiptool or skiphost to add the remote host after verifying keyids over the phone.
Use skiplog to verify configuration mismatches

Viewing SKIP Statistics (skiptool and skipstat)

SKIP provides two methods of viewing statistics: skiptool and skipstat. skiptool is the GUI format you have already been introduced to in the previous section and skipstat is the command line interface for viewing SKIP statistics. The method chosen is a matter of personal preference since both interfaces provide the same data. SKIP provides the following statistics:

Network Interface
Header Statistics
Key Statistics
Encryption Statistics
Authentication Stats

Using skiptool

You can view the Network Interface, Header, Encryption (SKIP V1/IPSP), Authentication, and Key statistics in real-time by selecting SKIP Statistics from the File menu on the skiptool Main Window. The fields on the statistics screens are updated approximately every 3 seconds. A status change is indicated by the word UPDATED next to the fieldname. Figure 3-4 shows the menu path to a Statistics window.

Bringing up a Statistics Window

Each of the statistics available for SKIP is described on the following pages. Sample data with field descriptions illustrate the information available for monitoring SKIP performance.

SKIP Network Interface Statistics

Selecting File - SKIP Statistics-Network Interface Stats displays the SKIP Network Interface Statistics window.

SKIP Interface Statistics Window

The fields on the SKIP Interface Statistics window show the number of:

SKIP Header Statistics

Selecting File - SKIP Statistics-Header Stats displays the SKIP Header Statistics window.In the field descriptions below, V1 refers to SKIP v1 compatibility mode.

SKIP Header Statistics Window

The fields on the SKIP Header Statistics window are:

SKIP Key Statistics

Selecting File - SKIP Statistics-Key Stats displays the SKIP Key Statistics window (Figure 3-7).

SKIP Key Statistics

The fields on the SKIP Key Statistics window are:

SKIP Encryption Statistics

Selecting File - SKIP Statistics-Encryption Stats (SKIP V1 or IPSP) displays the SKIP Algorithm Statistics window.

One set of statistics is displayed for each different traffic and key encryption module. The fields are:

SKIP Authentication Stats

Selecting File - SKIP Statistics-Authentication Stats displays the SKIP Authentication Stats window which provides information on MAC's (Message Authentication Code).

Authentication Stats

The fields on the SKIP Authentication Stats window are:

Using skipstat

The alternative method of viewing SKIP statistics is to use the skipstat command line interface. skipstat is a part of the skiptool GUI as well. skipstat provides statistical data on the following items for the local system:

Cryptographic algorithms supported on the local system
Statistics for the cryptographic algorithms
MAC algorithms
Interface
Key
Header
Statistics for the specified network interface

Managing Keys and Certificates

Secure methods of key management are a necessity for users. Users must be able to easily obtain and use key pairs with the knowledge that these pairs have not been comprised. In order to meet these requirements SKIP provides both a GUI and a command line interface. skiptool provides the GUI Key Management parameters window and the command line interface provides print_cert, skipdb, and certreq.

Key Management with skiptool

The Key Management Parameters window is displayed by selecting Key Management from the File pulldown menu. Key management parameters are global, that is, one set of key management parameters governs the activity of all keys on a particular system. They determine when a key is deleted based upon use and the maximum number of bytes transmitted. The Key Management Parameters window has four major components, as shown in Figure 3-9.

Key Management Parameters Window

The Key Management Parameters window components are:

Key and Certificate Management Using the Command Line Interface

When issuing any of the commands used in key and certificate management, you must be logged in as root. In addition, if you are running Solaris 2.x, you must issue the xhost + command to allow access to the X server. The key and management commands provided by SKIP are:

Further information to be supplied.

Installing Certificates

The following procedure provides instructions for installing certificates from Sun Microsystems Internet Commerce Group's Certificate Authority.

Installing an ICG Certificate

Remember that this is a DOS diskette using DOS filenaming conventions. To load your certificate, complete the following steps:

Insert the diskette and type volcheck.

Install the certificate and keys by typing:

 	example# install_skip_keys -icg /floppy/floppy0

This script unpacks the certificate file, verifies the MD-5 checksums, and installs the certificates.

Eject the floppy using the eject command:

	example#  eject floppy

Store the floppy in a secure location.
Reboot or use skipd_restart to activate the keys.

Access Control

Topology Hiding

Authentication (Integrity)

SKIP security services

Supported Platforms

Hardware Requirements

General Installation Procedures

Generate and Install Unsigned Keys

Finishing Up

Implementing SKIP Services

Key and Certificate Management Command Line Tools

Setting Up Trusted CAs: skipca

Starting skiptool

Communicating with Sunscreen(TM) Products

Communicating Using AH/ESP

Rules for Authorized Systems

Default System Entry

Troubleshooting

Using skiptool

Managing Keys and Certificates

Last Modified: 11:49am PDT, October 24, 1996