Re: Only accepting 2048 bit or better certificates
On 06/21/2014 07:15 PM, Kurt Roeckx wrote:
> But I would like to start enforcing the 2048 bit as soon as possible.
> Do we have some criteria for at which point we're willing to break
> compatibility?

I'm in favor of enforcing it, which will help even mistakenly issued certificates with smaller keys to be detected quickly, and there will be no incentive to use such keys for web sites (there are other use-cases for non-browsers and those should still be permitted I guess).

--
Regards
Signer: Eddy Nigg, COO/CTO
StartCom Ltd. http://www.startcom.org
XMPP: start...@startcom.org
Blog: Join the Revolution! http://blog.startcom.org
Twitter: Follow Me http://twitter.com/eddy_nigg

___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy
Re: Only accepting 2048 bit or better certificates
On 21/06/14 17:15, Kurt Roeckx wrote:
> There are still a few new certificates generated with 1024 bits. I've
> been filing bugs about those and there were only a few so far this month.

Thank you for doing this work; it really is appreciated.

Gerv
Re: Only accepting 2048 bit or better certificates
On Sat, Jun 21, 2014 at 05:37:20PM -0700, David E. Ross wrote:
> > There are still a few new certificates generated with 1024 bits. I've
> > been filing bugs about those and there were only a few so far this month.
> >
> > Maybe we can set a date from which we won't be accepting certificates
> > with a smaller than 2048 bit key generated after that date?
> >
> > Should I put an effort into trying to get those certificates that are
> > still seen revoked?
>
> Bug reports have been filed for each non-complying root certificate. See
> the following bugs: 1015767, 1015770, 1015771, 1015772, 1015773, 1026128,
> and 1026741.

Those are based on who still generated new certificates recently, and as far as I know I didn't see them generate any new ones since I filed those bugs. The question is if I should also do it for older certificates.

Kurt
Only accepting 2048 bit or better certificates
Hi,

The CA/B Baseline Requirements say that all RSA keys that are used since 1 January 2014 should have been at least 2048 bit. All shorter than 2048 should have either expired or been revoked by that date.

But it's still not the case. We're currently around 0.24% of the certificates that are being seen on the internet that still are too short. I've made a graph of the progress of this, which you can see at:
http://www.roeckx.be/certificates/rsa_small_zoom.png

If I do a linear interpolation of the last 3 months it looks like we might end up with 0% around January 2015, only 1 year after it was supposed to be the case. I hope the current trend stays that way.

But I would like to start enforcing the 2048 bit as soon as possible. Do we have some criteria for at which point we're willing to break compatibility?

There are still a few new certificates generated with 1024 bits. I've been filing bugs about those and there were only a few so far this month.

Maybe we can set a date from which we won't be accepting certificates with a smaller than 2048 bit key generated after that date?

Should I put an effort into trying to get those certificates that are still seen revoked?

Kurt
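As an added example (not code from the thread or from Mozilla), a Go check that implements the rule proposed above: an RSA key shorter than 2048 bits is rejected only when the certificate's notBefore falls on or after a chosen enforcement cutoff, so legacy certificates are tolerated until they expire or are revoked. The cutoff date, the CommonName and the self-signed test certificates are constructed here purely for illustration.

```go
package main

import (
	"crypto/rand"
	"crypto/rsa"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// MinRSABits is the Baseline Requirements floor discussed in the thread.
const MinRSABits = 2048

// CheckRSAKeySize rejects an RSA key shorter than MinRSABits only when the
// certificate was issued (notBefore) on or after cutoff; older ones pass.
func CheckRSAKeySize(cert *x509.Certificate, cutoff time.Time) error {
	pub, ok := cert.PublicKey.(*rsa.PublicKey) // non-RSA keys are out of scope here
	if !ok || pub.N.BitLen() >= MinRSABits || cert.NotBefore.Before(cutoff) {
		return nil
	}
	return fmt.Errorf("%d-bit RSA key in certificate issued %s, after cutoff %s",
		pub.N.BitLen(), cert.NotBefore.Format("2006-01-02"), cutoff.Format("2006-01-02"))
}

// SelfSigned builds a constructed, throwaway self-signed certificate with the
// given RSA size and notBefore so the check can be exercised offline.
func SelfSigned(bits int, notBefore time.Time) (*x509.Certificate, error) {
	key, err := rsa.GenerateKey(rand.Reader, bits)
	if err != nil {
		return nil, err
	}
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(1),
		Subject:      pkix.Name{CommonName: "example.test"}, // constructed name
		NotBefore:    notBefore,
		NotAfter:     notBefore.AddDate(1, 0, 0),
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	if err != nil {
		return nil, err
	}
	return x509.ParseCertificate(der)
}

func main() {
	cutoff := time.Date(2014, time.January, 1, 0, 0, 0, 0, time.UTC) // assumed cutoff
	cert, _ := SelfSigned(1024, cutoff.AddDate(0, 6, 0))              // too short, post-cutoff
	fmt.Println(CheckRSAKeySize(cert, cutoff))
}
```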
RE: Only accepting 2048 bit or better certificates
I think getting them revoked would be the first step. If you make the data available about which CAs still have 1024 bit certs or lower, we could email the CAs and find out what is going on.

Jeremy

-----Original Message-----
From: dev-security-policy [mailto:dev-security-policy-bounces+jeremy.rowley=digicert.com@lists.mozilla.org] On Behalf Of Kurt Roeckx
Sent: Saturday, June 21, 2014 10:15 AM
To: mozilla-dev-security-pol...@lists.mozilla.org
Subject: Only accepting 2048 bit or better certificates

There are still a few new certificates generated with 1024 bits. I've been filing bugs about those and there were only a few so far this month.

Maybe we can set a date from which we won't be accepting certificates with a smaller than 2048 bit key generated after that date?

Should I put an effort into trying to get those certificates that are still seen revoked?

Kurt
Re: Only accepting 2048 bit or better certificates
On 6/21/2014 11:37 AM, Jeremy Rowley wrote:
> I think getting them revoked would be the first step. If you make the
> data available about which CAs still have 1024 bit certs or lower, we
> could email the CAs and find out what is going on.
>
> Jeremy
>
> -----Original Message-----
> From: dev-security-policy [mailto:dev-security-policy-bounces+jeremy.rowley=digicert.com@lists.mozilla.org] On Behalf Of Kurt Roeckx
> Sent: Saturday, June 21, 2014 10:15 AM
> To: mozilla-dev-security-pol...@lists.mozilla.org
> Subject: Only accepting 2048 bit or better certificates
>
> There are still a few new certificates generated with 1024 bits. I've
> been filing bugs about those and there were only a few so far this month.
>
> Maybe we can set a date from which we won't be accepting certificates
> with a smaller than 2048 bit key generated after that date?
>
> Should I put an effort into trying to get those certificates that are
> still seen revoked?
>
> Kurt

Bug reports have been filed for each non-complying root certificate. See the following bugs: 1015767, 1015770, 1015771, 1015772, 1015773, 1026128, and 1026741.

--
David E. Ross
http://www.rossde.com/

On occasion, I filter and ignore all newsgroup messages posted through GoogleGroups via Google's G2/1.0 user agent because of spam, flames, and trolling from that source.