Tag Archives: Mozilla

Firefox to Block Mixed Content

May 2, 2013 by Bruce Morton     No Comments

Website owners who have mixed-content pages will surely be impacted and should make changes. Along with Firefox, Internet Explorer, Chrome and Opera already block mixed content. This means the users of the site will get trust warnings or the browser’s security indication (i.e., lock icon) may not be present.

Mozilla Endorses SSL Baseline Requirements

February 27, 2013 by Bruce Morton     2 Comments

The CA/Browser Forum SSL Baseline Requirements have been endorsed by Mozilla and have been included in their certificate authority (CA) certificate policy.

SSL News from Black Hat and DEF CON

August 28, 2012 by Bruce Morton     No Comments

I like to follow up each year with the SSL news from Black Hat USA and DEF CON 20. I was just looking for my 2011 follow-up and found out that I never released it. Unfortunately, I started the write up just before the DigiNotar fiasco and never finished it. So what SSL presentations occurred [Read More...]

If You Don’t Like Your CA’s Practices, Find One More Sympatico

April 24, 2012 by Jon Callas     No Comments

The following Mozilla bug came my way via the Cryptography mailing list. The gist of it is that a Norton (né VeriSign) customer asked for a certificate with two-year certificate, and got one with six-year validity. I don’t precisely understand why the customer is complaining to Mozilla, but they didn’t get satisfaction with Norton, who [Read More...]

Key Size Update

January 24, 2011 by Bruce Morton     No Comments

Last summer I posted a blog about the move 2048-bit RSA keys in SSL certificates. While I was drafting my post, NIST was working on a new Special Publication. This document, just released as NIST SP 800-131A, allows a transition period to from 1024-bit to 2048-bit RSA keys. In the period of 1 January 2011 [Read More...]

Filed Under: Secure Browsing, SSL Deployment Tagged With: 2048, Firefox, Microsoft

What’s the deal with 2048-bit keys?

June 23, 2010 by Bruce Morton     No Comments

Entrust has been getting a lot of questions about the move to 2048-bit RSA keys.  The move is causing some web administrators concern, so we thought it would be a good time to clarify the reasoning behind the move to 2048-bit keys. The US National Institute of Standards and Technology (NIST) prepared a special report [Read More...]