C.5.b

WT19 WT23

If the CA generates certificates for its subscribers, a subscriber's private key is stored with the same security as the CA's key that signed the subscriber's certificate.