nanog mailing list archives
Re: ADVANCE WARNING: Google moving to 2048-bit SSL and root keys
From: Ryan Gard <ryangard () gmail com>
Date: Sat, 25 May 2013 02:37:00 -0400
From what it looks like, I'd assume they'll be sticking with a CA that has
a 2048 bit certificate as well. Seems they also put a sandbox for testing together. That being said, they won't confirm or deny whether or not they'll be using the same CA as they have in the sandbox... https://cert-test.sandbox.google.com/ On Fri, May 24, 2013 at 9:34 PM, Jimmy Hess <mysidia () gmail com> wrote:
On 5/24/13, Jay Ashworth <jra () baylink com> wrote: Hm.. this might be no big deal if not for public key pinning and CA pinning in modern browsers of certain sites, they could just get themselves 2048 bit certificates from any CA... So what could otherwise be a routine certificate change, may have some unusual extra baggage attached to it -- requiring end users performing software code update in their only slightly outdated browsers, instead of just switching certificates, so they stop getting big red SSL errors when trying to perform searches via Google...Via PRIVACY Forum: ----- Forwarded Message -----From: "PRIVACY Forum mailing list" <privacy () vortex com>Google moving to longer SSL keys http://j.mp/10YAWaC (Google Online Security Blog)-- -JH
-- Ryan Gard
Current thread:
- ADVANCE WARNING: Google moving to 2048-bit SSL and root keys Jay Ashworth (May 24)
- Re: ADVANCE WARNING: Google moving to 2048-bit SSL and root keys Jimmy Hess (May 24)
- Re: ADVANCE WARNING: Google moving to 2048-bit SSL and root keys Ryan Gard (May 24)
- Re: ADVANCE WARNING: Google moving to 2048-bit SSL and root keys Jimmy Hess (May 24)