Thierry Moreau <> writes:

>Now that the main question is answered, there are sub-questions to be asked:
>1. Has any public CA ever encountered a situation where a revocation would
>have been necessary?

Yes, several times, see e.g. the recent fiasco, as a result of
which nothing happened because it would have been politically inexpedient to
revoke the CA's cert.

>1.1 Has any public CA ever had a disgrunted employee with too many privileges
>not revoked on a timely manner?


>1.2 Has any public CA ever experienced a corporate reorganization where a
>backup HSM has been lost?

Not explicitly lost, but sold on eBay (depending on what your definition of
"public CA" is, probably more "large private-label CA", once the PKI project
is scrapped no-one really cares what happens to the hardware, so just as you
can buy hard drives full of financial records on eBay you can also buy HSMs
loaded with CA keys.  Unfortunately I'm still waiting for a browser root CA
key to turn up in one :-).

>2. Has any public CA ever suspected a situation where a revocation would have
>been necessary?

Yes, see above.

>2.1 Has any public CA ever had an audit that identified mismanagement of
>signature private key over some extended period of time?

Again, what's "mismanagement"?  Would "CA went bankrupt and ex-employees
issued themselves certs in lieu of severance pay" count?  Or "CA went bankrupt
and there was no-one left to manage the keys, including issuing CRLs for
revoked certs" count?  Or ...


The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to

Reply via email to