A.5 October 2007

The following sections were added or changed:

Location

Change

Section 2.3, Enterprise Client/Server Communications

All data are also sent to the server in the clear. For most deployments, this setting is maintained for performance. Currently, this setting cannot be changed.

Section 2.12, Controlling Access to the iFolder Data Store

Updated the section to include the new path to the simias directory, where the iFolder server stores the database and user files.

Section 2.13, Controlling Access to the iFolder Server Configuration Files

Updated the default path to the iFolder configuration files.

Section 2.14, Controlling Access to And Backing Up the iFolder Audit Logs

Updated the default path to the iFolder audit logs.

Section 2.18, Loading the Recovery Agent Certificates

The iFolder service by default is not configured for the Recovery agent. During server configuration, ensure that the Recovery agent path is configured.

Section 3.4, Creating an Encrypted iFolder

The iFolder 3.6 server supports encrypted iFolder storage. To store the files encrypted, the user must ensure that the iFolder is created encrypted before uploading the files.

Section 3.5, Using the Recovery Agent

The iFolder 3.6 enterprise server uses a Recovery agent, which is an X.509 certificate-based entity used to recover a lost or otherwise unavailable key.

Section 3.6, Transferring the Encryption Key

For secure OTP transfer, make sure that the Recovery agent uses an out-of-band communication or a separate e-mail communication to send the passphrase and the key to the user.