Re: Any special preparations in anticipation of KB2661254 (Key Length) patch?

["Hanson, Mike" <mhanson () CSS EDU>]

Marty,

I emailed our server admins asking them to go through all their server
certs to make sure they were o.k.. We found a couple on admin interfaces
for commercial software.

I also notified out techs that they may be seeing issues out in the field.
I have not talked to our help desk yet.

It is hard to tell how big of deal this will become.


Mike Hanson, CISSP
Network Security Manager
The College of St. Scholastica
Duluth, MN 55811






On Wed, Sep 12, 2012 at 1:53 PM, Martin Manjak <mmanjak () albany edu> wrote:

> MS will release their Update for Minimum Certificate Key Length to WSUS
> next month.
>
> I'm curious about any special preparations anyone may have taken to
> identify certs within their domains that may not meet the new minimum
> key length standard (1024).
>
> Embedded devices, if using SSL, come to mind as a potential source of
> problems.
>
> Also, is anyone briefing their Help Desk staff on how to respond to
> callers who report that they can't connect to sites because of the new
> requirement?
>
> It's hard to tell how much is going to break with this update.
> Marty
>
> --
>
> Martin Manjak
> CISSP, GIAC GSEC-G
> Information Security Officer
> University at Albany
> MSC 209 518/437-3813
>
> The University at Albany will never ask you to reveal your password.
> Please ignore all such requests.