
Should you trust a root CA that couldn't keep track of it's own keys?  - tptacek
http://twitter.com/taviso/status/78570545280598016
======
woodrow
Just to be clear, this is presumably (judging by the filename) the private key
associated with the SSL cert for <https://www.certigna.fr/>, rather than the
CA private key (which would hopefully be in a HSM), correct?

Not that this make this look any better better, but I think some may be
confused that this is a compromise of the CA itself, rather than evidence of
poor key management/security practices.

