AnsweredAssumed Answered

CA <=1024

Question asked by Rob_T on Mar 15, 2014




The industry deadline for the deprecation of these small keys has passed on 31-December-2013 and as of 11-March-2014 * Secure Server Certification Authority* has been removed from the Microsoft root program for Authenticating Servers.


• Mozilla (Firefox) has stated that the affected Root CA will be removed for SSL in the Firefox browser when version 28 is released, which is scheduled for, on or around 18 March 2014.


• Google have stated that for their browser Chrome, 1024-bit end-entity certificates will generate a warning but it will not immediately block 1024-bit Root CA certificates. However, this exception for 1024-bit Root CAs is temporary and may change with little warning.