Date: Fri, 8 Oct 93 18:31:55 EDT
From: tytso(_at_)MIT(_dot_)EDU (Theodore Ts'o)
Address: 1 Amherst St., Cambridge, MA 02139
Phone: (617) 253-8091
A different question is could PEM deployment survive the situation where
say a PCA or CA finds its key compromised and thus invalidating all the
certificates issued under it!
Nope, not really. If a CA key gets compromised, the PCA puts the CA's
certificate on its (the PCA's) Certificate Revocation List. The CA then
generates a new public/private key pair, and the PCA signs the CA's new
public key. The CA then needs to create and sign new certificates for
all of its users. (Note that its users do NOT have to generate new
pubic/private key pairs; if the CA has a trustworthy list of its users
and their public keys stashed away someplace, it would be possible for
the CA to generate new certificates for all of its users without even
needing to contact its users.)
So while this may require a lot of work for the CA, it is hardly
impossible. This is one good reaon for using something like the BBN
Safekeeper box to perform CA functions, though. This way, the private
key is inside a tamperproof box, and it is much, much less likely that
the CA private key would get compromised.
One bit of clarification. The "Nope, not really" should be "Nope, this
really isn't a problem...."
I apologize for any confusion caused by my lack of proofreading.
- Ted