Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
The CA uses its signing key to sign all certificates that it issues and all the CRLs that it publishes. This key is bound to the CA signing certificate. Therefore, there are several important properties to consider:
Strength of the key
Acceptable algorithms and key lengths are to be specified by enterprise security policy.
Lifetime of the key
The CA signing keys are long-lived keys that exceed the lifetime of the certificates that they sign because, when that key expires, all certificates signed with that key are no longer considered valid by others.
Key storage
If the CA signing key is compromised, certificates that were signed with that key can no longer be trusted, because an attacker could issue certificates that appear to originate from that CA.
CA signing certificate revocation
Organizations have to have a documented process to handle the compromise of CA signing keys. For example, if the CA is subordinate to another CA, then it would make sense to revoke the compromised certificate on the parent CA and publish a new CRL. An even more severe situation occurs when the signing key of a root CA is compromised. In this situation, the only way to stop it from being trusted is to reconfigure all of the client computers to no longer trust it.