Entrust has been working since 2010 to educate our customers on the migration away from 1024-bit RSA keys. We updated our policy in 2011 and summarized the status in 2013. Entrust has implemented the migration: we do not issue any RSA certificates with keys smaller than 2048 bits, and we have discussed continued issuance using our 1024-bit root.
By the end of 2013, all compliant certification authorities (CAs) had migrated their customers from SSL certificates with 1024-bit RSA keys to certificates with 2048-bit keys or another acceptable alternative. Now, in 2014, the operating system and browser vendors will start to remove the 1024-bit root certificates, many of which have been embedded in their software for almost 20 years.
Mozilla will make the first move by removing some 1024-bit roots in the Firefox 32 release. The Entrust 1024-bit root certificate will be removed at that time. However, Mozilla has found that there may be a complication caused by lazy system administrators.
In some cases, an intermediate CA was cross-certified by a 1024-bit root. Customers who bought a long-life certificate may still have an installation that chains to a 1024-bit root; that chain still validates in 2014 and may validate for a few more years. These customers were provided with an updated intermediate CA certificate signed by a 2048-bit root, but may not have installed it.
Mozilla has tried to mitigate this problem by temporarily embedding a new version of the intermediate CA certificate signed by the 2048-bit root. This provides a new path to validate the website's certificate.
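The path-building situation described above, as an added example that is not part of the original post: a simplified model (issuer-name matching only, no signature checks) with constructed, hypothetical certificates, showing why a server still sending the old cross-certified intermediate breaks once the 1024-bit root is removed, how an embedded 2048-signed intermediate restores a path, and a check an administrator can use to tell whether the served chain needs the updated intermediate.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Cert:
    subject: str
    issuer: str
    key_bits: int   # RSA key size carried in this certificate

# Constructed, hypothetical certificates modelling the post's scenario.
# Both intermediate certs carry the same subject (and, conceptually, the same
# key); they differ only in which root signed them (cross-certification).
LEAF      = Cert("www.example.test",        "Example Intermediate CA", 2048)
INT_OLD   = Cert("Example Intermediate CA", "Example Root 1024",       2048)
INT_NEW   = Cert("Example Intermediate CA", "Example Root 2048",       2048)
ROOT_1024 = Cert("Example Root 1024",       "Example Root 1024",       1024)
ROOT_2048 = Cert("Example Root 2048",       "Example Root 2048",       2048)

def find_paths(cert, pool, roots, path=()):
    """Yield every chain cert -> ... -> trusted root by matching issuer names.
    Signatures are not verified; this models path building only."""
    path = path + (cert,)
    if cert.subject == cert.issuer:          # self-signed: a candidate anchor
        if cert in roots:
            yield path
        return
    for cand in list(pool) + list(roots):
        if cand.subject == cert.issuer and cand not in path:
            yield from find_paths(cand, pool, roots, path)

def strongest_path_bits(served, client_intermediates, client_roots):
    """Weakest key size on the best path the client can build from the served
    chain (served[0] is the leaf) plus its own intermediates, or None if no
    path reaches one of client_roots."""
    pool = list(served) + list(client_intermediates)
    sizes = [min(c.key_bits for c in p) for p in find_paths(served[0], pool, client_roots)]
    return max(sizes) if sizes else None

def needs_update(served, client_roots, min_bits=2048):
    """True if the served chain alone cannot build a path whose every key is
    at least min_bits, i.e. the administrator must install the updated intermediate."""
    best = strongest_path_bits(served, [], client_roots)
    return best is None or best < min_bits

if __name__ == "__main__":
    old_chain = [LEAF, INT_OLD]   # what a never-updated server still sends
    print(strongest_path_bits(old_chain, [], [ROOT_1024, ROOT_2048]))  # 1024: only via the weak root
    print(strongest_path_bits(old_chain, [], [ROOT_2048]))             # None: site breaks after removal
    print(strongest_path_bits(old_chain, [INT_NEW], [ROOT_2048]))      # 2048: Mozilla's embedded cert
    print(strongest_path_bits([LEAF, INT_NEW], [], [ROOT_2048]))       # 2048: admin installed the update
    print(needs_update(old_chain, [ROOT_1024, ROOT_2048]))             # True
```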
Microsoft is also planning to remove the 1024-bit root certificates, as early as November 2014. In the past, Microsoft has configured Windows so that it will not trust any key of fewer than 1024 bits.
Entrust fully supports the removal of the 1024-bit roots. It is good for the publicly trusted certificate industry to have programs that strengthen the specifications and mitigate possible future attacks.