On 06/21/2014 07:15 PM, Kurt Roeckx wrote:
But I would like to start enforcing the 2048 bit as soon as possible. Do we have some criteria for at which point we're willing to break compatibility?
I'm in favor of enforcing it which will help reduce even mistakenly issued certificates with smaller keys to be detected quickly and there will be no incentive to use such keys for web sites (there are other use-cases for non-browsers and those should be still permitted I guess).
-- Regards Signer: Eddy Nigg, COO/CTO StartCom Ltd. <http://www.startcom.org> XMPP: start...@startcom.org <xmpp:start...@startcom.org> Blog: Join the Revolution! <http://blog.startcom.org> Twitter: Follow Me <http://twitter.com/eddy_nigg> _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy