> To > prevent case 2, CAs are supposed to keep their certificates safe and > revoke them if a suspicion arises that the key is not safe.
Or rather, CAs are supposed to keep their private keys safe, not their certificates. -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
