
CA:MD5and1024

1 byte added, 17:52, 6 October 2010
Dates for Phasing out MD5-based signatures and 1024-bit moduli
* '''December 31, 2010''' – CAs should stop issuing intermediate and end-entity certificates from roots with RSA key sizes smaller than 2048 bits. All CAs should stop issuing intermediate and end-entity certificates with RSA key size smaller than 2048 bits under any root.
** [http://csrc.nist.gov/publications/PubsDrafts.html#SP-800-131 DRAFT Recommendation for the Transitioning of Cryptographic Algorithms and Key Sizes:] Key lengths providing 80 bits of security using approved digital signature algorithms are allowed for '''legacy''' use after 2010.
*** This means that CAs should only consider issuing a 1024-bit certificate if it is requested and justified by the subscriber for a specific reason, such as interoperability with devices that do not yet support certificates with larger key sizes.
*** The CA must assess the risk involved in issuing such a certificate for legacy use/interoperability, and determine if they are willing to accept the risk, as well as any possible liability. The subject and relying parties also need to determine if they will accept any risks and liabilities.
** All certificates with RSA key size smaller than 2048 bits must expire by the end of 2013.