[145963] in cryptography@c2.net mail archive
Re: Formal notice given of rearrangement of deck chairs on RMS
daemon@ATHENA.MIT.EDU (Victor Duchovni)
Wed Oct 6 11:53:01 2010
Date: Wed, 6 Oct 2010 11:48:20 -0400
From: Victor Duchovni <Victor.Duchovni@morganstanley.com>
To: cryptography@metzdowd.com
Mail-Followup-To: cryptography@metzdowd.com
In-Reply-To: <E1P3L3e-0004NV-J5@wintermute02.cs.auckland.ac.nz>
On Wed, Oct 06, 2010 at 04:52:46PM +1300, Peter Gutmann wrote:
> From https://wiki.mozilla.org/CA:MD5and1024:
>
> December 31, 2010 - CAs should stop issuing intermediate and end-entity
> certificates from roots with RSA key sizes smaller than 2048 bits [0]. All
> CAs should stop issuing intermediate and end-entity certificates with RSA
> key size smaller than 2048 bits under any root.
>
> [...]
>
> Right, because the problem with commercial PKI is all those attackers who are
> factoring 1024-bit moduli, and apart from that every other bit of it works
> perfectly.
>
> Peter.
>
> [0] This is ambiguously worded, but it's talking about key sizes in EE certs.
What are "EE certs", did you mean "EV"?
--
Viktor.
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
