PKI Blog

1024-bit RSAs Days are Numbered

Posted by Ted Shorter on Jul 9, 2013 6:49:48 AM

In December of 2011, the CA/Browser Forum, comprised of representatives from the major Certification Authorities such as Symantec, Comodo, GoDaddy, and DigiCert, as well as browser vendors such as Microsoft, Apple, Mozilla, and Opera, published a document called "Baseline Requirements for the Issuance and Management of Publicly Trusted Certificates.” This document outlines an agreed-upon set of minimum standards for SSL/TLS cert vendors.

One of these standards essentially calls of the elimination of certificates with 1024-bit RSA public keys by the end of 2013: any RSA-keyed certificate, even end-entity (“subscriber”) certificates, that expire after Dec. 31, 2013, must have a key of at least 2048-bits. This is big news in some circles; a number of public cert vendors have had to change their procedures, and, more significantly, start migrating their customer bases to 2048-bit certs. Many started this process quite a while ago.

Read More

Topics: digital certificate, RSA cert length, apple, Symantec, Public Key Infrastructure, Comodo, certificate 2013, RSA certificate length, Industry Trends, DigiCert, SSL certificate, 1024-bit RSA, PKI, TLS cert, Microsoft PKI, digital certificate length, Blog, 1024 certificate length, cert length 2013, GoDaddy, Mozilla

Microsoft Security Update: Digital Certificate Key Length Minimum 1,024 Bits

Posted by CSS Technical Team on Sep 11, 2012 7:00:00 AM

Microsoft security update to block access to digital certificates that have a key length of less than 1,024 bits on 10/9/12

Read More

Topics: digital certificates, Microsoft Security Partner, Public Key Infrastructure, Industry Trends, Microsoft Public Key Infrastructure, RSA Digital Certificate, PKI, Microsoft Security Advisory (2661254), digital certificate length, Blog, 1024 certificate length

Recent Posts

Posts by Topic

see all

Subscribe to Email Updates

Want to Learn more about CSS?