Digital Certificates Question:
How Do Certifying Authorities Store their Private Keys?
Answer:
It is extremely important that the private keys of certifying authorities are stored securely because compromise would enable undetectable forgeries. One way to achieve the desired security is to store the key in a tamper-resistant device. The device should preferably destroy its contents if ever opened, and be shielded against attacks using electromagnetic radiation. Not even employees of the certifying authority should have access to the private key itself, but only the ability to use the private key in the process of issuing certificates.
Previous Question | Next Question |
Who Issues Certificates and How? | How Are Certifying Authorities Susceptible to Attack? |