[145966] in cryptography@c2.net mail archive
Re: Formal notice given of rearrangement of deck chairs on RMS PKItanic
daemon@ATHENA.MIT.EDU (Matt Crawford)
Wed Oct 6 15:31:02 2010
Date: Wed, 06 Oct 2010 13:32:00 -0500
From: Matt Crawford <crawdad@fnal.gov>
In-reply-to: <20101006154820.GN11550@np305c2n2.ms.com>
To: Cryptography List <cryptography@metzdowd.com>
Cc: Victor Duchovni <Victor.Duchovni@morganstanley.com>
--Apple-Mail-26-992559170
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain;
charset=us-ascii
On Oct 6, 2010, at 10:48 AM, Victor Duchovni wrote:
> On Wed, Oct 06, 2010 at 04:52:46PM +1300, Peter Gutmann wrote:
>=20
>> =46rom https://wiki.mozilla.org/CA:MD5and1024:
>>=20
>> December 31, 2010 - CAs should stop issuing intermediate and =
end-entity
>> certificates from roots with RSA key sizes smaller than 2048 bits =
[0]. All
>> CAs should stop issuing intermediate and end-entity certificates =
with RSA
>> key size smaller than 2048 bits under any root.
>>=20
>> [...]
>>=20
>> [0] This is ambiguously worded, but it's talking about key sizes in =
EE certs.
>=20
> What are "EE certs", did you mean "EV"?
EE =3D End Entity, but I don't read the first sentence the way Peter =
did. I parse it as
>> CAs should stop issuing (intermediate and end-entity
>> certificates) from (roots with RSA key sizes smaller than 2048 bits).
That is, if your CA key size is smaller, stop signing with it.
Of course, if it's important to stop signing with it, it's equally =
important to revoke all signatures already made.
--Apple-Mail-26-992559170
Content-Disposition: attachment;
filename=smime.p7s
Content-Type: application/pkcs7-signature;
name=smime.p7s
Content-Transfer-Encoding: base64
MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIIEJjCCBCIw
ggMKoAMCAQICAwCiSTANBgkqhkiG9w0BAQUFADBpMRMwEQYKCZImiZPyLGQBGRYDb3JnMRgwFgYK
CZImiZPyLGQBGRYIRE9FR3JpZHMxIDAeBgNVBAsTF0NlcnRpZmljYXRlIEF1dGhvcml0aWVzMRYw
FAYDVQQDEw1ET0VHcmlkcyBDQSAxMB4XDTEwMDEyODE0MzQyOVoXDTExMDEyODE0MzQyOVowXzET
MBEGCgmSJomT8ixkARkWA29yZzEYMBYGCgmSJomT8ixkARkWCGRvZWdyaWRzMQ8wDQYDVQQLEwZQ
ZW9wbGUxHTAbBgNVBAMTFE1hdHQgQ3Jhd2ZvcmQgNzU1MTM1MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAmhawD7fzIq81mhuNG9NO/8WzBWKPF3h1+hX57CfqU4J3MF3IoO/PHKaeqcMR
eRie9HyeJszmCP7+dUvS4q/Nsn6TgvN6qysQOI+d7PuBaYGPWBzobKo5SDA0nmjP436oknaAwWnJ
hl5Q8ruqDLw4GGK9afJhwzcxMITS/hs3uFEzaEoFIFnpA9SqVEO1fxFoZ15fHEFPC1nJ2QJReDO0
8mE1NoWywdAULubQYi0Ztl3YvmWcXNjWnN0TWBsIIm6YTUVVqqr7KSCD/cxRHAREkFqFK6ciqU+q
Tm0UC2fcbm6UORNThKO41Wy8hGTJffC72aWdxqel+z7wbD6IhMGIVQIDAQABo4HcMIHZMBEGCWCG
SAGG+EIBAQQEAwIF4DAOBgNVHQ8BAf8EBAMCBPAwNgYDVR0gBC8wLTANBgsqhkiG90wDBwEDATAM
BgoqhkiG90wFAgIBMA4GDCqGSIb3TAUCAwIBATA+BgNVHR8ENzA1MDOgMaAvhi1odHRwOi8vY3Js
LmRvZWdyaWRzLm9yZy8xYzNmMmNhOC8xYzNmMmNhOC5jcmwwGwYDVR0RBBQwEoEQY3Jhd2RhZEBm
bmFsLmdvdjAfBgNVHSMEGDAWgBTKGR0Sjm6kOF1C1DEOCNvZjRcNXTANBgkqhkiG9w0BAQUFAAOC
AQEAD5hlnBro4sS4H3IyfQUe41mCrQmu0/TphOFNTLukp4Ay2z0rdvMmGwychSEEnxeaa7+8LLL3
f9yyqFapwNQagiRjeldojlitdTW2U0jVnxrRKc0aX/HHzsoUJ95KUEYGLbAQ2gYzqfcEHixzfAJy
cSi5U8ullfbxfv1SX2JCfn1Nv8cCu29BwxQwk/oH1AGz5ba6sLPRA3WiCq8Jolc4CQ6PH4L9KqdJ
XtULCZGsyKnU7klG7EmqyiNM5pxCjbxV/hTYd+B1sbhZfs+CJLjb4M7xt8Ok6Mes4hQ3jfAu8igi
ReOtaNcLOTO5jOE/vfUhkEHLKMQsWTwGA3tmMuRXlTGCAv0wggL5AgEBMHAwaTETMBEGCgmSJomT
8ixkARkWA29yZzEYMBYGCgmSJomT8ixkARkWCERPRUdyaWRzMSAwHgYDVQQLExdDZXJ0aWZpY2F0
ZSBBdXRob3JpdGllczEWMBQGA1UEAxMNRE9FR3JpZHMgQ0EgMQIDAKJJMAkGBSsOAwIaBQCgggFi
MBgGCSqGSIb3DQEJAzELBgkqhkiG9w0BBwEwHAYJKoZIhvcNAQkFMQ8XDTEwMTAwNjE4MzIwMVow
IwYJKoZIhvcNAQkEMRYEFBNxBGQA0WLzPILLSDodxEnA1UglMH8GCSsGAQQBgjcQBDFyMHAwaTET
MBEGCgmSJomT8ixkARkWA29yZzEYMBYGCgmSJomT8ixkARkWCERPRUdyaWRzMSAwHgYDVQQLExdD
ZXJ0aWZpY2F0ZSBBdXRob3JpdGllczEWMBQGA1UEAxMNRE9FR3JpZHMgQ0EgMQIDAKJJMIGBBgsq
hkiG9w0BCRACCzFyoHAwaTETMBEGCgmSJomT8ixkARkWA29yZzEYMBYGCgmSJomT8ixkARkWCERP
RUdyaWRzMSAwHgYDVQQLExdDZXJ0aWZpY2F0ZSBBdXRob3JpdGllczEWMBQGA1UEAxMNRE9FR3Jp
ZHMgQ0EgMQIDAKJJMA0GCSqGSIb3DQEBAQUABIIBAFxWTifRhkiHzfeo90NRY4916dpjNcdehAgr
UmDMLHhl3PjhwvKDbqhYhmJg+zEDrN5qNjTaT9Ep++S8aTP6qmTIe48L/RPBtO4FMyKQYvO7wX5a
QrvzP6fj5eWHl9DHFgXO1RxqQM+kpyDr8kyjiWgkmutA4aIliQs7sHhFJhpI1zHLjvhJ6nf2vtvc
HxzCabsHEDG9EghhsWNlR/sGLnkLf/wpMOjyRcc+YT21KtF50eAaFDcx0HDrxNjIwTlPq5HTT8GQ
3t7nQZV0Jn3fR4R5KYoVQGeUETqjyJRLRK4x1MFwHKreCYvTM4T7i+6mtBKIutEYlQxiSq1Y6zgY
WhYAAAAAAAA=
--Apple-Mail-26-992559170--
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
