Formal notice given of rearrangement of deck chairs on RMS PKItanic
Victor Duchovni
Victor.Duchovni at morganstanley.com
Wed Oct 6 11:48:20 EDT 2010
On Wed, Oct 06, 2010 at 04:52:46PM +1300, Peter Gutmann wrote:
> From https://wiki.mozilla.org/CA:MD5and1024:
>
> December 31, 2010 - CAs should stop issuing intermediate and end-entity
> certificates from roots with RSA key sizes smaller than 2048 bits [0]. All
> CAs should stop issuing intermediate and end-entity certificates with RSA
> key size smaller than 2048 bits under any root.
>
> [...]
>
> Right, because the problem with commercial PKI is all those attackers who are
> factoring 1024-bit moduli, and apart from that every other bit of it works
> perfectly.
>
> Peter.
>
> [0] This is ambiguously worded, but it's talking about key sizes in EE certs.
What are "EE certs", did you mean "EV"?
--
Viktor.
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list