The Wiki crypto store module is quite useful to be able to store keys and certificate directly in a Wiki document.
However, AFAICS there's currently no check performed on the space where the data are stored, or any helpers to enforce the confidentiality of the stored data.
So for example, I can use the DocumentReference of the current user to store a pair of keys, but right now it means that anyone could see the private keys just by displaying the XML of my user profile.
At the very least, we should improve the current API to send warnings if the data are stored in an "unsafe" place (here I consider a place is unsafe if guest users can view it).
Now best would be certainly to be able to hide automatically private key data stored in xobjects, like we do for user password/emails.