Certificate Authority Compromise (CA Compromise)
An incident where a rogue person or organization is able to gain access to or use of the Private Key of a Certificate Authority (whether Intermediate Root or Root) to issue Counterfeit Certificates. There are several possible ways this can be accomplished, including:
- Certificate Authority System Compromise: A perpetrator infiltrates (e.g. via malware) the system at the Certificate Authority where Certificates are signed and (without getting a copy of the Certificate Authority Signing Key), gets one or more Counterfeit Certificates issued.
- Certificate Authority Signing Key Theft: A perpetrator steals a copy of the Certificate Authority Signing Key and is able to issue Counterfeit Certificates at will.
- Certificate Authority Signing Key Derivation: A perpetrator uses computational methods (e.g. Brute-Force Attack or Factoring) to derive or determine the Certificate Authority Signing Key and is then able to issue Counterfeit Certificates at will.
If a Certificate Authority Compromise occurs to a Root Certificate Authority (the most damaging kind of compromise), the Root Certificate Authority must notify all Relying Parties who trust their Root Certificate (usually by being stored by their operating system, browser or encryption library) so those parties stop trusting any Certificate issued with that Root Certificate or any Intermediate Root Certificate Authorities under that Root Certificate Authority. If a Certificate Authority Compromise occurs to an Intermediate Root Certificate Authority, any Root or other Certificate Authorities that have issued CA Certificates to that Certificate Authority must revoke those Certificates. Any Subjects who have been issued Certificates from that Certificate Authority must replace those Certificates immediately, since they can no longer be used due to the Revocation.