[cabfpub] Need exception to 1024-bit revocation requirement
Gervase Markham
gerv at mozilla.org
Mon Sep 23 13:53:48 UTC 2013
Hi everyone.
On 06/06/13 20:36, Rick Andrews wrote:
> It’s come to our attention that we’ve issued 1024-bit SSL certs to
> customers that use them with what are called “pre-PCI POS PIN acceptance
> devices”, and that those devices are incapable of working with a
> 2048-bit key. VISA has stated that those devices may be used until
> December 31, 2014 (see
> _http://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=1&cad=rja&ved=0CDcQFjAA&url=http%3A%2F%2Fusa.visa.com%2Fdownload%2Fmerchants%2Fretirement-of-pre-pci-attended-pos-pin-entry-devices.pdf&ei=Nd6wUaa2ForXigKb-4BY&usg=AFQjCNHtHptM1jQudRTl8pnMx-MKC7z6fw&sig2=ItouLeVwv8wkQYGpi9nPVQ&bvm=bv.47534661,d.cGE_)
> , and our customers feel that revoking them will cause grave financial harm.
Can someone remind me of the resolution, if any, of the discussion on
this issue?
Thanks,
Gerv
More information about the Public
mailing list