[Cryptography] Google's Public Key Size (was Re: NSA and cryptanalysis)
steingra at gmail.com
Wed Sep 4 17:15:07 EDT 2013
On Mon, Sep 2, 2013 at 3:04 PM, Jeffrey I. Schiller <jis at mit.edu> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> On Mon, Sep 02, 2013 at 03:09:31PM -0400, Jerry Leichter wrote:
> > Google recently switched to 2048 bit keys; hardly any other sites
> > have done so, and some older software even has trouble talking to
> > Google as a result.
> Btw. As a random side-note. Google switched to 2048 bit RSA keys on
> their search engine. However my connection to mail.google.com is using
> a NIST p256r1 ECC key in its certificate.
As of Jan-2014 CAs are forbidden from issuing/signing anything less than
2048 certs. Lots of people are acting now to get ahead of that.
EV's have been required to be 2048 for quite some time.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the cryptography