If the SSL key is on the http server when it get compromised, you've just lost your SSL key. Very bad!
If it's not, the http server could DDOS the key server. Less bad! Just change the key server address and point a new http server at it.
If the SSL key is on the http server when it get compromised, you've just lost your SSL key. Very bad!
If it's not, the http server could DDOS the key server. Less bad! Just change the key server address and point a new http server at it.