Re: Basic key management precautions…
Flip side is that it may need a revocation server. Either checked at system startup or at some other point by the OS. (Or worse, code running in UEF, or at an even lower than ring -1I)
Valid keys being revoked at corporate whim? Not sure this is the answer either .... this whole process is just broken.
Biting the hand that feeds IT
