Assuming that the person wishing to authenticate a cyberspace identity trusts his CA and assuming that the CA is operating securely and correctly, the only problem with public key infrastructure (PKI) based systems arises when the private key of a certified private-public key-pair becomes compromised. Private keys must be generated randomly, and stored and transmitted securely in order for the trust placed in the associated digital certificate to be deserved.