We do not have a concrete plan to turn off support for 1024-bit keys, but we are actively working on phasing out support for keys shorter than 2048 bits. I would *strongly* recommend using a 2048-bit key for any new certs, and upgrading any existing certs with shorter keys.
Sent from my iPhone. Please excuse brevity. > On May 25, 2015, at 12:00, "[email protected]" <[email protected]> > wrote: > > Hi all, > > will Firefox, in the near future, start rejecting OCSP responses signed with > a 1024-bit key, when checking the status of SSL Server certificates ? > > Adriano > > -- > dev-tech-crypto mailing list > [email protected] > https://lists.mozilla.org/listinfo/dev-tech-crypto -- dev-tech-crypto mailing list [email protected] https://lists.mozilla.org/listinfo/dev-tech-crypto
