Is there an option to expire a security object at a specific date or after a certain time period?

Fortanix Data Security Manager (DSM) does support the expiry of security objects, including SECRET type. You can set the expiry for a future date or you can expire an object immediately. On expiry/deactivation, the object goes into the "Deactivated" state.

NOTE
  • In a deactivated state, a key cannot be used to apply cryptographic protection (for example, encryption, signing, wrapping, MACing, deriving). The key can only be used to process cryptographically protected information (for example: decryption, signature verification, unwrapping, MAC verification).
  • In a deactivated state, a SECRET value can no longer be fetched. You will not be able to get the value of this object if it is expired/deactivated.

Comments

Please sign in to leave a comment.

Was this article helpful?
0 out of 0 found this helpful