2.9.2.4 Key Recovery Agent Certificates

Key recovery agent (KRA) certificates and the private keys associated with them can be used to protect and recover end entities' private keys. The CA does not have to possess the KRA's private key to archive keys, so the storage responsibility for KRA keys rests solely on the KRAs themselves. However, the CA administrator, who defines which types of KRA certificates are issued and which are configured on the CA, can ensure that those certificates are appropriate for this purpose.

The KRA public key has to be protected from tampering and especially from replacement, because an attacker who could substitute their own public key for the KRA public key would potentially have access to all private keys that are encrypted under the KRA public key.
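The substitution risk above is what a pinning check on the KRA certificate addresses at archival time. The following is an added example, not part of this document: it uses the openssl CLI with constructed keys in a temporary directory, wraps an end-entity private key to the KRA public key as CMS enveloped data only after the KRA certificate's SHA-256 fingerprint matches a pinned value, recovers it with the KRA private key, and shows a look-alike KRA certificate being refused.

```shell
#!/bin/sh
# Added example (not from the original document). Assumes the openssl CLI.
# All key material is constructed here for illustration only.
set -e
WORK=$(mktemp -d)

# Constructed KRA key pair and self-signed certificate (stand-in for the
# CA-issued KRA certificate), plus an attacker-style look-alike certificate.
openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj /CN=KRA \
  -keyout "$WORK/kra.key" -out "$WORK/kra.crt" 2>/dev/null
openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj /CN=KRA \
  -keyout "$WORK/rogue.key" -out "$WORK/rogue.crt" 2>/dev/null

# SHA-256 fingerprint of a certificate; the KRA's value is the pinned anchor.
cert_fingerprint() {
  openssl x509 -in "$1" -noout -fingerprint -sha256 | cut -d= -f2
}
KRA_PIN=$(cert_fingerprint "$WORK/kra.crt")

# archive_key EE_KEY KRA_CERT OUT: the CA-side step. Only the KRA public key
# is needed: the end-entity key is wrapped as CMS enveloped data (AES-256
# content key wrapped to the KRA RSA key), so the CA never holds the KRA
# private key. Refuses when the presented certificate does not match the pin.
archive_key() {
  [ "$(cert_fingerprint "$2")" = "$KRA_PIN" ] || { echo "KRA certificate does not match pin" >&2; return 1; }
  openssl cms -encrypt -aes256 -binary -in "$1" -out "$3" -outform PEM "$2"
}

# recover_key ARCHIVE KRA_KEY KRA_CERT OUT: the KRA-side step, which is the
# only place the KRA private key is used.
recover_key() {
  openssl cms -decrypt -binary -inform PEM -in "$1" -inkey "$2" -recip "$3" -out "$4"
}

# Constructed end-entity private key to archive.
openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 -out "$WORK/ee.key" 2>/dev/null

archive_key "$WORK/ee.key" "$WORK/kra.crt" "$WORK/ee.key.p7"
recover_key "$WORK/ee.key.p7" "$WORK/kra.key" "$WORK/kra.crt" "$WORK/recovered.key"
cmp -s "$WORK/ee.key" "$WORK/recovered.key" && echo "recovered key matches original"

# Substitution attempt: the look-alike certificate is rejected before any key is wrapped.
if archive_key "$WORK/ee.key" "$WORK/rogue.crt" "$WORK/never.p7" 2>/dev/null; then
  echo "unexpected: rogue KRA certificate accepted"
else
  echo "rogue KRA certificate rejected, nothing archived"
fi
```

The pin would in practice be recorded out of band when the KRA certificate is issued, and compared again whenever the CA's archival configuration is changed.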