Formal notice given of rearrangement of deck chairs on RMS PKItanic

Jack Lloyd lloyd at
Wed Oct 6 11:15:51 EDT 2010

On Wed, Oct 06, 2010 at 04:52:46PM +1300, Peter Gutmann wrote:

> Right, because the problem with commercial PKI is all those attackers who are
> factoring 1024-bit moduli, and apart from that every other bit of it works
> perfectly.

_If_ Mozilla and the other browser vendors actually go through with
removing all <2048 bit CA certs (which I doubt will happen because I
suspect most CAs will completely ignore this), it would have one
tangible benefit:

(Some of, though unfortunately not nearly all) the old CA certificates
that have been floating around since the dawn of time (ie the mid-late
90s), often with poor chains of custody through multiple iterations of
bankruptcies, firesale auctions, mergers, acquisitions, and so on,
will die around 2015 instead of their current expirations of
2020-2038. Sadly this will only kill about 1/3 of the 124 (!!)
trusted roots Mozilla includes by default.


The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at

More information about the cryptography mailing list