[cabfpub] Need exception to 1024-bit revocation requirement
Rick_Andrews at symantec.com
Mon Sep 23 06:57:39 MST 2013
No final resolution yet, although I'm planning to resolve it by removing the affected roots (they're 1024-bit) from browsers, thus releasing them from Baseline Requirements. It's taking time because I'm trying to figure out the impact to other customers.
On Sep 23, 2013, at 4:53 PM, "Gervase Markham" <gerv at mozilla.org> wrote:
> Hi everyone.
> On 06/06/13 20:36, Rick Andrews wrote:
>> It’s come to our attention that we’ve issued 1024-bit SSL certs to
>> customers that use them with what are called “pre-PCI POS PIN acceptance
>> devices”, and that those devices are incapable of working with a
>> 2048-bit key. VISA has stated that those devices may be used until
>> December 31, 2014 (see
>> , and our customers feel that revoking them will cause grave financial harm.
> Can someone remind me of the resolution, if any, of the discussion on
> this issue?
More information about the Public