3.5 Using the Recovery Agent

The Novell iFolder 3.7 enterprise server uses a Recovery agent, which is an X.509 certificate-based entity used to recover a lost or otherwise unavailable key for encrypted iFolders.

iFolder prompts a user to select a Recovery agent from a list when the user specifies specifies the passphrase for an encrypted iFolder. However, this option is available only if you set encryption policy to On by using the Web Admin console. When the user has lost or forgotten the passphrase, the Recovery agent helps the user to recover the data.The user exports the encrypted key and sends it to the Recovery agent by using the Key Recovery option available under the Security menu in the client. After receiving the encrypted key, the Recovery agent decrypts it by using its private key, and sends it back to the iFolder user. The user then imports the decrypted key and then resets the passphrase by using the Security menu in the client.