Confirm, administrator
5,526
edits
Changes
m
→Dates for Phasing out MD5-based signatures and 1024-bit moduli
== Dates for Phasing out MD5-based signatures and 1024-bit moduli ==
High Level Summary of Dates:
# CAs may request that their legacy roots be disabled or removed from NSS earlier, according to the [[CA:Root_Change_Process | Root Change Process]]
=== Background ===
MD5 certificates may be compromised when attackers can create a fake cert that hashes to the same value as one with a legitimate signature, and is hence trusted. Mozilla can mitigate this potential vulnerability by turning off support for MD5-based signatures. The MD5 root certificates don’t necessarily need to be removed from NSS, because the signatures of root certificates are not validated (roots are self-signed). Disabling MD5 will impact intermediate and end entity certificates, where the signatures are validated.
The date for disabling/removing 1024-bit root certificates will be dependent on the state of the art in public key cryptography, but under no circumstances should any party expect continued support for this modulus size past December 31, 2013. As mentioned above, this date could get moved up substantially if new attacks are discovered. We recommend all parties involved in secure transactions on the web move away from 1024-bit moduli as soon as possible.
=== Non-RSA Signature Algorithms ===
What are the minimum requirements for DSA keys?
What are the minimum requirements for ECC certs?
