Re: [Cryptography] Google's Public Key Size (was Re: NSA and cryptanalysis)
On Wed, Sep 4, 2013 at 3:54 PM, Paul Hoffman wrote: > On Sep 4, 2013, at 2:15 PM, Andy Steingruebl wrote: > > > As of Jan-2014 CAs are forbidden from issuing/signing anything less than > 2048 certs. > > For some value of "forbidden". :-) > This is why you're seeing Mozilla and Google implementing these checks for compliance with the CABF Basic Requirements in code - Andy ___ The cryptography mailing list cryptography@metzdowd.com http://www.metzdowd.com/mailman/listinfo/cryptography
Re: [Cryptography] Google's Public Key Size (was Re: NSA and cryptanalysis)
On Mon, Sep 2, 2013 at 3:04 PM, Jeffrey I. Schiller wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > On Mon, Sep 02, 2013 at 03:09:31PM -0400, Jerry Leichter wrote: > > Google recently switched to 2048 bit keys; hardly any other sites > > have done so, and some older software even has trouble talking to > > Google as a result. > > Btw. As a random side-note. Google switched to 2048 bit RSA keys on > their search engine. However my connection to mail.google.com is using > a NIST p256r1 ECC key in its certificate. > As of Jan-2014 CAs are forbidden from issuing/signing anything less than 2048 certs. Lots of people are acting now to get ahead of that. EV's have been required to be 2048 for quite some time. - Andy ___ The cryptography mailing list cryptography@metzdowd.com http://www.metzdowd.com/mailman/listinfo/cryptography
Re: A mighty fortress is our PKI, Part III
On Wed, Sep 15, 2010 at 8:39 AM, Peter Gutmann wrote: > Some more amusing anecdotes from the world of PKI: Peter, Not to be too contrary (though at least a little) - not all of these are really PKI failures are they? > - There's malware out there that pokes fake Verisign certificates into the > Windows trusted cert store, allowing the malware authors to be their own > Verisign. The malware could just as easily fake the whole UI. Is it really PKI's fault that it doesn't defend against malware? Did even the grandest supporters ever claim it could/did? > - CAs have issued certs to cybercrime web sites like > https://www.pay-per-install.com (an affiliate program for malware > installers), because hey, the Russian mafia's money is as good as anyone > else's. Similarly here - non-EV CAs bind DNS names to a field in a certificate. No more. They don't vouch for the business being run, and in any case any such "audit" would be point in time anyway. I suppose way back when people "promised" that certs would do this, but does anyone believe that anymore and have it as an expectation? Perhaps you're setting the bar a bit high? BTW - do you have pointers to most of the things you've reported? I'd love to get the full sordid details :) - Andy - The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to majord...@metzdowd.com