Each user should generate his or her own key pair. It may be tempting
within an organization to have a single site that generates keys for
all members who request one, but this is a security risk because it
involves the transmission of private keys over a network as well as
catastrophic consequences if an attacker infiltrates the key-generation
site. Each node on a network should be capable of local key generation,
so that private keys are never transmitted and no external key source
need be trusted. Of course, the local key generation software must
itself be trustworthy. Secret-key authentication systems, such as
Kerberos, often do not allow local key generation but instead use a
central server to generate keys.
Once generated, a user must register his or her public key with some central administration, called a certifying authority. The certifying authority returns to the user a certificate attesting to the veracity of the user's public key along with other information (see Questions 3.3.5 and following). Most users should not obtain more than one certificate for the same key, in order to simplify various bookkeeping tasks associated with the key.