OT: Microsoft Security Advisory: Update for minimum certificate key length

2012-09-08 Thread Jeffrey Walton
This is somewhat off topic, and I apologize for the noise. I imagine
it could cause interop problems on occasion.

http://support.microsoft.com/kb/2661254

...
The strength of public-key-based cryptographic algorithms is
determined by the time that it takes to derive the private key by
using brute-force methods. The algorithm is considered to be strong
enough when the time that it takes to derive private key is
prohibitive enough by using the computing power at disposal. The
threat landscape continues to evolve. Therefore, Microsoft is further
hardening the criteria for the RSA algorithm with key lengths that are
less than 1024 bits long.

After the update is applied, only certificate chains that are built by
using the CertGetCertificateChain function are affected. The CryptoAPI
builds a certificate trust chain and validates that chain by using
time validity, certificate revocation, and certificate policies (such
as intended purposes). The update implements an additional check to
make sure that no certificate in the chain has an RSA key length of
less than 1024 bits.
...
__
OpenSSL Project http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager   majord...@openssl.org
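A stdlib-only illustration of the chain check the advisory describes, added here and not part of the original post or of CryptoAPI: it reads the modulus size out of an RSAPublicKey DER structure (SEQUENCE of two INTEGERs) and flags any chain entry below the minimum. The keys are constructed placeholders; extracting the public-key bytes from a full X.509 certificate is assumed to have happened already.

```python
# Minimum-RSA-key-length check over a chain, in the spirit of KB 2661254.
# Added example: only RSAPublicKey DER is parsed, not a whole certificate.

def _der_len(n: int) -> bytes:
    # DER definite length: short form below 0x80, long form otherwise
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body

def _der_int(value: int) -> bytes:
    body = value.to_bytes((value.bit_length() + 7) // 8 or 1, "big")
    if body[0] & 0x80:  # leading 0x00 keeps the INTEGER positive
        body = b"\x00" + body
    return b"\x02" + _der_len(len(body)) + body

def rsa_public_key_der(n: int, e: int = 65537) -> bytes:
    """Constructed RSAPublicKey ::= SEQUENCE { modulus, publicExponent }."""
    inner = _der_int(n) + _der_int(e)
    return b"\x30" + _der_len(len(inner)) + inner

def _read_tlv(buf: bytes, pos: int):
    """Return (tag, value, next_pos) for the TLV starting at buf[pos]."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:  # long form: low bits give the number of length bytes
        n = length & 0x7F
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    return tag, buf[pos:pos + length], pos + length

def rsa_modulus_bits(der: bytes) -> int:
    """Bit length of the modulus in an RSAPublicKey DER blob."""
    tag, seq, _ = _read_tlv(der, 0)
    if tag != 0x30:
        raise ValueError("expected SEQUENCE")
    tag, modulus, _ = _read_tlv(seq, 0)
    if tag != 0x02:
        raise ValueError("expected INTEGER modulus")
    return int.from_bytes(modulus, "big").bit_length()

def weak_keys_in_chain(chain, minimum_bits=1024):
    """Indexes of chain entries whose modulus is shorter than minimum_bits.
    A non-empty result is what the advisory's extra chain check rejects."""
    return [i for i, der in enumerate(chain) if rsa_modulus_bits(der) < minimum_bits]

# Constructed sample chain: moduli are just odd numbers of the wanted size,
# not real keys; only their bit lengths matter for this check.
SAMPLE_CHAIN = [rsa_public_key_der((1 << 2047) | 1), rsa_public_key_der((1 << 511) | 1)]

if __name__ == "__main__":
    print(weak_keys_in_chain(SAMPLE_CHAIN))  # [1]
```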


There is RSAPrivateKey_dup, why no counterpart for DSA/DH cert

2012-09-08 Thread Bruce (Riji) Cai
Hi,

My questions actually are two:

 1.  dup, which should stand for duplicate: in what case should we use such an API?
 2.  RSA is only one kind of cert alg, so I expect counterparts for other alg
certificates such as DH/DSA, but I can't find them in openssl 1.0.1c

Thanks