Best Practices: Preparing for and Responding to a CA Compromise
The compromise of a certificate authority (CA) can enable an attacker, or Hacker, to generate fraudulent digital certificates, which the Hacker can use in a variety of attacks against high‐value business assets. Ultimately, enterprises might need to replace some or all certificates issued by the CA and even explicitly stop trusting the CA in order to protect themselves. To avoid significant security and operational risks, enterprises must have a plan in place for responding to a CA compromise.
Read Now (pdf)