Man-In-The-Middle Extender Defense In Data Communications
US-2024356933-A1 · Oct 24, 2024 · US
US10284378B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-10284378-B2 |
| Application number | US-201615285757-A |
| Country | US |
| Kind code | B2 |
| Filing date | Oct 5, 2016 |
| Priority date | Oct 5, 2016 |
| Publication date | May 7, 2019 |
| Grant date | May 7, 2019 |
Official abstract text for this publication.
An apparatus for use in a digital messaging system includes a storage device and a processor coupled to the storage device. The storage device stores software instructions for controlling the processor that, when executed by the processor, configure the processor to: generate a master private and public key pair; associate the master private and public key pair with a first certificate; and derive at least one domain-specific key from the one of the master private and public key pair. The first certificate is registered to a group comprising a plurality of domains. The domain-specific key is associated with one of the plurality of domains.
Opening claim text (preview).
What is claimed is:

1. An apparatus, comprising: a communications unit; a storage device; and a processor coupled to the communications unit and to the storage device, the storage device storing software instructions for controlling the processor that when executed by the processor configured the processor to: generate a master key generation request, the master key registration request comprising a random number seed and data that identifies a group including one or more domains, and wherein the apparatus is associated with at least one of the one or more domains; transmit, via the communications unit, the master key generation request to a computing system, the computing system maintaining a copy of a distributed ledger, the distributed ledger having a ledger block that includes additional instructions associated with a certificate authority, and the computing system being configured to execute the additional instructions to generate a master public and private key pair; receive, via the communications unit, a secure group code associated with the group from the computing system; in response to the receipt of the secure group code, transmit, via the communications unit, a shared token associated with the at least one domain to the computing system, the computing system being configured to execute the additional instructions to: verify a membership of the at least one domain within the group based on the shared token; based on the verified membership, generate a certificate associated with the master public and private key pair and further associate the generated certificate with data that identifies the group and the plurality of domains; and perform operations that record the generated certificate and the associated data within an additional ledger block of the distributed ledger, the recordation of the generated certificate and the associated data registering the certificate to the group; and receive, via the communications unit, and from the computing system, a domain-specific key derived from the master public and private key pair.

2. The apparatus of claim 1, wherein the processor is further configured to: derive a session key from the domain-specific key; and apply a digital signature to message data using the session key.

3. The apparatus of claim 1, wherein the random number seed includes a noise signal generated by one of the plurality of domains.

4. The apparatus of claim 1, wherein: the processor is further configured to receive a secure group call that includes the secure group code; and the shared token corresponds to a group token identifying the apparatus as being associated with the at least one of the plurality of domains.

5. A computer-implemented method, comprising: generating a certificate generation request using at least one processor, the certificate generation request comprising data characterizing a plurality of domains associated with a group; transmitting, using the at least one processor, the certificate generation request to a computing system, the computing system maintaining a copy of a distributed ledger, the distributed ledger having a ledger block that includes instructions associated with a certificate authority; and receiving, using the at least one processor, a secure group code associated with the group from the computing system; in response to the receipt of the secure group code, transmitting, using the at least one processor, and to the computing system, a shared token associated with at least one of the plurality of domains, the computing system being configured to execute the instructions to: verify a membership of the at least one domain within the group based on the shared token; based on the verified membership, to generate a certificate associated with the master private and public key pair and further associate the generated certificate with data that identifies the group and the plurality of domains; and perform operations that record the generated certificate and the associated data within an additional ledger block of the distributed ledger, the recordation of the generated certificate and the associated data registering the certificate to the group; and receiving, using the at least one processor, at least one derived domain-specific key from the computing system, the derived domain-specific key being derived by the computing system from a master group key associated with the group.

6. The method of claim 5, wherein the certificate generation request includes a random number seed generated from one or more noise signals of the plurality of domains.

7. The method of claim 5, wherein: receiving the shared group code comprises receiving a network-based call associated with the certificate authority, the network-based call including at least one identity challenge; and the transmission of the shared token corresponds to a response to the at least one identity challenge; and the shared token corresponds to a predetermined token associated with the at least one identity challenge.

8. The method of claim 5, further comprising: deriving a session specific key from the derived domain-specific key; and applying a digital signature to message data using the session specific key.

9. The method of claim 5, further comprising receiving, from the computing system, a first derived domain-specific key and a second derived domain-specific key, wherein the second derived domain-specific key is received a predetermined time period after the first derived domain-specific key, and wherein the second derived domain-specific key invalidates the first derived domain-specific key.
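The key hierarchy in the abstract and claims (master key, then a domain-specific key, then a session key, with a newer domain key invalidating the older one) can be sketched as follows. This is an added illustration, not code from the patent: the page does not name a derivation function, so HKDF-SHA256 is assumed, a symmetric master secret stands in for the master key pair, an HMAC tag stands in for the digital signature, and all names (`GroupKeyService`, `domain_key`, the sample domains) are hypothetical.

```python
import hashlib
import hmac

def hkdf(key: bytes, info: bytes, length: int = 32) -> bytes:
    """HKDF-SHA256 (RFC 5869), extract-then-expand, all-zero salt."""
    prk = hmac.new(b"\x00" * 32, key, hashlib.sha256).digest()
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha256).digest()
        okm += block
        counter += 1
    return okm[:length]

def domain_key(master: bytes, group: str, domain: str, epoch: int) -> bytes:
    # Length-prefix each field so ("ab", "c") and ("a", "bc") derive different keys.
    fields = (group.encode(), domain.encode(), epoch.to_bytes(4, "big"))
    info = b"".join(len(f).to_bytes(2, "big") + f for f in fields)
    return hkdf(master, b"domain-key" + info)

def session_key(dkey: bytes, session_id: bytes) -> bytes:
    return hkdf(dkey, b"session-key" + session_id)

def tag(skey: bytes, message: bytes) -> bytes:
    # Assumption: HMAC stands in for the digital signature named in the claims.
    return hmac.new(skey, message, hashlib.sha256).digest()

class GroupKeyService:
    """Holds the master secret and the current key epoch of each domain."""
    def __init__(self, master: bytes, group: str, domains):
        self.master, self.group = master, group
        self.epoch = {d: 1 for d in domains}

    def issue(self, domain: str) -> bytes:
        return domain_key(self.master, self.group, domain, self.epoch[domain])

    def rotate(self, domain: str) -> bytes:
        self.epoch[domain] += 1  # the new key invalidates the previous one
        return self.issue(domain)

    def verify(self, domain: str, session_id: bytes, message: bytes, mac: bytes) -> bool:
        if domain not in self.epoch:  # domain is not a member of the group
            return False
        skey = session_key(self.issue(domain), session_id)
        return hmac.compare_digest(tag(skey, message), mac)

# Constructed sample values, not taken from the patent.
MASTER = bytes(range(32))
SERVICE = GroupKeyService(MASTER, "example-group", ["a.example", "b.example"])
```

Because the verifier recomputes the key only for the current epoch, a tag made with a key leaked before rotation stops verifying as soon as `rotate` is called for that domain.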
wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption (cryptographic mechanisms or cryptographic arrangements for public-key encryption H04L9/30) · CPC title
Generation of secret information including derivation or calculation of cryptographic keys or passwords · CPC title
involving the integer factorization problem, e.g. RSA or quadratic sieve [QS] schemes · CPC title
involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements (network architectures or network communication protocols for supporting authentication of entities using certificates in a packet data network H04L63/0823) · CPC title
involving digital signatures · CPC title