You are in the: Small Business Computing Channelarrow
Small Business Technology
» ECommerce-Guide | Small Business Computing | Webopedia | WinPlanet

ECommerce-Guide News provides online business owners with information about new ecommerce products, ecommerce laws and taxes, trends in ecommerce and market research on how to run an eBay business.   News, reviews and practical solutions for your online business  
Home News & Trends Solutions Resources eBiz FAQ Selling on eBay Forums Video Products Glossary About
News Research Trends


Search
ECommerce-Guide

ECommerce Glossary
Enter a Term:

Free Newsletters
Small Business Tech Daily

Webopedia

You are in: ECommerce-Guide > News > Trends

ECommerce-Guide Essentials
eBiz FAQ
Everything you need to know to start your own successful e-business.

Selling on eBay
How to make money in the online marketplace.

PayPal Payments and More
What's new in secure payments for your online store.

Shopping Cart Software
Solutions to close, process and track your online sales.

ecommerce-guide news and trends

Growing a Tree Of Trust -- Part One
By Mark Merkow, CCP, CISSP

December 31, 1998


What Can Be Done With Stolen Private Keys?

In the unlikely event of a private key compromise, the effects differ depending on which keys were stolen, who performed the theft, and what their motivation is.

A user''s private key theft could occur if the user''s PC was stolen or was used by someone else. Although some form of an electronic wallet will store the keys and certificates and are usually protected by a password, if a correct guess does open the e-wallet, the thief instantly assumes the identity of the authorized keyholder. If the theft is not reported, message and transaction recipients are left with no other choice than to believe that they were performed in earnest. At certificate-issuance time, users must be made aware of these consequences when they agree to the Use Policies before accepting their certificates.

Theft of a CA private key is a whole other matter. With the proper systems, a CA key thief could establish himself as a CA, ready to issue certificates. These forged certificates would be undetectable as forgeries and could be used without question.

Go to page: Prev  1  2  3  4  5  6  7  8  Next  

Tools:
Add ecommerce-guide.com to your favorites
Add ecommerce-guide.com to your browser search box
IE 7 | Firefox 2.0 | Firefox 1.5.x
Receive news via our XML/RSS feed