The date for disabling/removing 1024-bit root certificates will be dependent on the state of the art in public key cryptography, but under no circumstances should any party expect continued support for this modulus size past December 31, 2013. As mentioned above, this date could get moved up substantially if new attacks are discovered. We recommend all parties involved in secure transactions on the web move away from 1024-bit moduli as soon as possible.
=== Other Signature Algorithms NIST Recommendations ===
What According to [http://csrc.nist.gov/publications/nistpubs/800-57/sp800-57-Part1-revised2_Mar08-2007.pdf NIST SP 800-57] the recommended algorithms and minimum key sizes are as follows (see Table 4 of the NIST document)* Through 2010 (minimum requirements for of 80 bits of strength)** FFC (e.g., DSA keys?, D-H) Minimum: L=1024; N=160** IFC (e.g., RSA) Minimum: k=1024** ECC(e.g. ECDSA) Minimum: greater or equal to P256 modulusf=160* Through 2030 (minimum of 112 bits of strength)** FFC (e.g., DSA, D-H) Minimum: L=2048; N=224** IFC (e.g., RSA) Minimum: k=2048** ECC (e.g. ECDSA) Minimum: f=224* Beyond 2030 (minimum of 128 bits of strength)** FFC (e.g., DSA, D-H) Minimum: L=3072; N=256** IFC (e.g., RSA) Minimum: k=3072** ECC (e.g. ECDSA) Minimum: f=256
