Monday, December 21, 2009

Cryptography practice

What would a CA do if a private key is considered compromised

  A. Cancel the certificate
  B. Publish the certificate
  C. Revoke the certificate
  D. Reissue the certificate

Answer below.

Over 375 practice test questions in this book:

Answer: C

If a private key is compromised the key is revoked by revoking the certificate that holds the matching public key. Revoked keys are published on the certificate revocation list (CRL). Certificates can’t be cancelled. The certificate is already published. It’s not appropriate to reissue a certificate with a compromised private key.