How are the keys associated with a Digital ID Certificate managed?
Secure methods of key management are extremely important. In practice, most attacks on public-key systems will probably be aimed at the key management levels, rather than at the cryptographic algorithm itself. Users must be able to securely obtain a key pair suited to their efficiency and security needs. There must be a way to look up other people’s public keys and to publicize one’s own key. Users must have confidence in the legitimacy of others’ public keys; otherwise an intruder can either change public keys listed in a directory, or impersonate another user. Digital certificates provide this assurance and must not be forgeable, obtainable in a secure manner, and processed in such a way that an intruder cannot misuse them. Digital ID certificates must be issued in a secure way, impervious to attack. If someone’s private key is lost or compromised, others must be made aware of this, so that they will no longer encrypt messages under the invalid public key nor accept messages signed w
