On 9/8/14 5:05 PM, Kathleen Wilson wrote:
I posted a security blog about 1024-bit certs...
https://blog.mozilla.org/security/2014/09/08/phasing-out-certificates-with-1024-bit-rsa-keys/
==
"The second phase of migrating off of 1024-bit root certificates
involves the changes identified in Bugzilla Bug #986014 and Bug
#1047011. The root certificates under consideration for the second phase
are Thawte, VeriSign, Equifax, and GTE CyberTrust 1024-bit root
certificates. These root certificates are operated by Symantec and
Verizon Certificate Services, and we are planning these changes to be
released in Firefox in early 2015."
==
The changes for the second phase of migrating off of 1024-bit root
certificates are in NSS 3.17.3, which is being picked up by Firefox 36.
The list of root changes is here:
https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.17.3_release_notes
The release calendar is here:
https://wiki.mozilla.org/RapidRelease/Calendar
Thanks,
Kathleen
_______________________________________________
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy