On Mon, Sep 2, 2013 at 3:04 PM, Jeffrey I. Schiller <j...@mit.edu> wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On Mon, Sep 02, 2013 at 03:09:31PM -0400, Jerry Leichter wrote:
> > Google recently switched to 2048 bit keys; hardly any other sites
> > have done so, and some older software even has trouble talking to
> > Google as a result.
>
> Btw. As a random side-note. Google switched to 2048 bit RSA keys on
> their search engine. However my connection to mail.google.com is using
> a NIST p256r1 ECC key in its certificate.
>

As of Jan-2014 CAs are forbidden from issuing/signing anything less than
2048 certs.  Lots of people are acting now to get ahead of that.
EV's have been required to be 2048 for quite some time.

- Andy
_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography

Reply via email to