On 06/21/2014 07:15 PM, Kurt Roeckx wrote:
But I would like to start enforcing the 2048 bit as soon as
possible. Do we have some criteria for at which point we're
willing to break compatibility?
I'm in favor of enforcing it which will help reduce even mistakenly
issued certificates with smaller keys to be detected quickly and there
will be no incentive to use such keys for web sites (there are other
use-cases for non-browsers and those should be still permitted I guess).
--
Regards
Signer: Eddy Nigg, COO/CTO
StartCom Ltd. <http://www.startcom.org>
XMPP: start...@startcom.org <xmpp:start...@startcom.org>
Blog: Join the Revolution! <http://blog.startcom.org>
Twitter: Follow Me <http://twitter.com/eddy_nigg>
_______________________________________________
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy
