In case nobody saw it yet, those things were in the news:
https://community.rapid7.com/community/infosec/sonar/blog/2014/09/04/107000-web-sites-no-longer-trusted-by-mozilla
http://threatpost.com/mozilla-1024-bit-cert-deprecation-leaves-107000-sites-untrusted/108114
I think those are misleading:
Hi Kathleen,
As discussed below, the changes were submitted and approved and we now have new
versions of the CP and CPS, however rather than send around this list I prefer
them to be published following our standard internal operating procedures
(which will take a few more days). However in
- Original Message -
From: Kurt Roeckx k...@roeckx.be
To: mozilla-dev-security-pol...@lists.mozilla.org
Sent: Monday, 8 September, 2014 10:48:35 AM
Subject: 1024 bit root removal in the news
In case nobody saw it yet, those things were in the news:
All,
I posted a security blog about 1024-bit certs...
https://blog.mozilla.org/security/2014/09/08/phasing-out-certificates-with-1024-bit-rsa-keys/
Kathleen
___
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
4 matches
Mail list logo