A certification authority (CA) hierarchy is only as secure as the security measures that an organization takes to protect the CAs in the hierarchy. These measures can be categorized as either
■ CA configuration measures or
■ Physical security measures and can range from limiting which security groups can log on locally at the CA console to keeping the CA computer in a secured location. Your security plan must include measures to protect each CA's private key from compromise.
Was this article helpful?