Digital Certificates Question:

What if a Certifying Authority's Key is Lost or Compromised?

Answer:

If the certifying authority's key is lost or destroyed but not compromised, certificates signed with the old key are still valid, as long as the verifier knows to use the old public key to verify the certificate.

In some designs for certificate-signing devices, encrypted backup copies of the CA's private key are kept, so a CA that loses its key can then restore it by loading the encrypted backup into the device. If the device itself is destroyed, the manufacturer may be able to supply another one with the same internal information, thus allowing recovery of the key.
