This post was originally published on the CA Security Council blog. Looking Back at 2014 End of 1024-bit Security In 2014, the SSL industry moved to issuing a minimum security of 2048-bit RSA certificates. Keys smaller than 2048 are no longer allowed in server certificates. In addition, Microsoft and Mozilla started to remove 1024-bit roots from their certificate stores. Hopefully, the
One of the advantages of the SSL industry is that certificates can be issued from most trusted certification authorities (CAs). This allows certificate customers flexibility in choosing their CA or deciding to use a number of CAs. The disadvantage is the end-user does not know if the CA was authorized to issue the certificate and there could be a chance that the certificate is fraudulent.