You'd need a strong root key and subkeys that rotate underneath. To change the root key would require signing by the original root and a new message to appear for confirmation.
All this, plus something like a notary system to double-check all your trusted root keys, would be much better than the hierarchical CA system we have.
Which root keys? The ones you store on your web server, which just got compromised?
Why would one store them there? Why not just use them to sign other keys that are actually used in online systems?
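The scheme discussed in this thread, sketched as an added example that is not code from any of the commenters: an offline root key signs short-lived subkeys for online use, and a new root is accepted only if the previous root signed it. The `Cert` format and the `Issue` and `Verify` names are hypothetical, and the notary or confirmation step is not modeled.

```go
package main

import (
	"crypto/ed25519"
	"fmt"
	"time"
)

// Cert is a root-signed statement (hypothetical format): Kind 'S' = online subkey, 'R' = new root.
type Cert struct {
	Kind     byte
	Key      ed25519.PublicKey
	NotAfter int64 // Unix seconds; enforced for subkeys only in this sketch
	Sig      []byte
}
func (c Cert) body() []byte {
	return []byte(fmt.Sprintf("%c|%d|%x", c.Kind, c.NotAfter, c.Key))
}

// Issue runs wherever the root private key is kept, which is not the web server.
func Issue(root ed25519.PrivateKey, kind byte, key ed25519.PublicKey, notAfter time.Time) Cert {
	c := Cert{Kind: kind, Key: key, NotAfter: notAfter.Unix()}
	c.Sig = ed25519.Sign(root, c.body())
	return c
}

// Verify follows root handovers from the pinned root, then checks subkey cert, expiry, message.
func Verify(pinned ed25519.PublicKey, handovers []Cert, sub Cert, msg, sig []byte, now time.Time) error {
	root := pinned
	for _, h := range handovers {
		if h.Kind != 'R' || !ed25519.Verify(root, h.body(), h.Sig) {
			return fmt.Errorf("root handover not signed by previous root")
		}
		root = h.Key
	}
	if sub.Kind != 'S' || !ed25519.Verify(root, sub.body(), sub.Sig) {
		return fmt.Errorf("subkey not signed by current root")
	}
	if now.Unix() > sub.NotAfter || !ed25519.Verify(sub.Key, msg, sig) {
		return fmt.Errorf("subkey expired or bad message signature")
	}
	return nil
}

func main() { // constructed demo keys and message
	rootPub, rootPriv, _ := ed25519.GenerateKey(nil)
	subPub, subPriv, _ := ed25519.GenerateKey(nil)
	sub, msg := Issue(rootPriv, 'S', subPub, time.Now().Add(time.Hour)), []byte("sample")
	fmt.Println(Verify(rootPub, nil, sub, msg, ed25519.Sign(subPriv, msg), time.Now()))
}
```

A subkey taken from a compromised server can sign messages only until its `NotAfter`; it cannot issue another subkey or a root handover, because both are checked against the root.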