摘要 |
A certificate credential is generated based on a user device's private key securely stored, or accessible, by a certificate authority. When the certificate authority has been compromised, the credential, which typically includes information encrypted with the device's private key and the corresponding unencrypted information, is sent to the device. The device receives the information in encrypted and unencrypted form and decrypts the encrypted information. If the result of the decryption matches the unencrypted information, the device trusts the signer of the credential.
|