A company has a corporate infrastructure where end users manage their own certificate keys. Which of the following is considered the MOST secure way to handle master keys associated with these certificates?
A. Key escrow with key recovery
B. Trusted first party
C. Personal Identity Verification
D. Trusted third party