At 10:57 AM -0400 9/14/10, Perry E. Metzger did not write, but passed on for someone else: >This suggests to me that even if NIST is correct that 2048 bit RSA >keys are the reasonable the minimum for new deployments after 2010, >much shorter keys are appropriate for most server certificates that >these CAs will sign. The CA keys have lifetimes of 10 years or more; >the server keys a a quarter to a fifth of that.
No, no, a hundred times no. (Well, about 250 times, or however many CAs are in the current OS trust anchor piles.) The "lifetime" of a "CA key" is exactly as long as the OS or browser vendor keeps that key, usually in cert form, in its trust anchor pile. You should not extrapolate *anything* from the contents of the CA cert except the key itself and the proclaimed name associated with it. --Paul Hoffman, Director --VPN Consortium --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [email protected]
