Important Notice: Our web hosting provider recently started charging us for additional visits, which was unexpected. In response, we're seeking donations. Depending on the situation, we may explore different monetization options for our Community and Expert Contributors. It's crucial to provide more returns for their expertise and offer more Expert Validated Answers or AI Validated Answers. Learn more about our hosting issue here.

Does a YURL support key replacement?

key replacement support yurl
0
Posted

Does a YURL support key replacement?

0 CommentsAdd a Comment

1 Answer

0

Yes, but a YURL does require that you plan for key replacement. The private key corresponding to the public key fingerprint in a YURL should be kept in a safe, offline location. This root private key is only used for signing the public/private key pair deployed in the online server. The deployed public/private key pair can, and should, be replaced at frequent intervals. Key replacement with YURLs is much like that in the PKI. In the PKI, a CA has a root private key that must be kept secure. The CA private key is only used for signing deployed public/private key pairs. Only the deployed public/private key pairs can be replaced.

0 CommentsAdd a Comment

Related Questions

What is your question?

*Sadly, we had to bring back ads too. Hopefully more targeted.

Experts123