In which of the following scenarios is PKI LEAST hardened?
A. The CRL is posted to a publicly accessible location. B. The recorded time offsets are developed with symmetric keys. C. A malicious CA certificate is loaded on all the clients. D. All public keys are accessed by an unauthorized user.
Answer: C
Explanation: A rogue Certification Authority (CA) certificate allows malicious users to impersonate any Web site on the Internet, including banking and e-commerce sites secured using the HTTPS protocol. A rogue CA certificate would be seen as trusted by Web browsers, and it is harmful because it can appear to be signed by one of the root CAs that browsers trust by default. A rogue Certification Authority (CA) certificate can be created using a vulnerability in the Internet Public Key Infrastructure (PKI) used to issue digital certificates for secure Web sites.