[cabfpub] RSA keysize violations
Rob Stradling
rob.stradling at comodo.com
Wed Jan 8 13:27:31 UTC 2014
On 06/01/14 12:43, Rob Stradling wrote:
<snip>
>>> The cut-off date for <2048-bit keys was a few days ago.
Sigh. Looks like at least 2 CAs haven't yet noticed. :-(
1. C=TR, O=Elektronik Bilgi Guvenligi A.S., CN=e-Guven Kok Elektronik
Sertifika Hizmet Saglayicisi
(Trusted by the Microsoft and Mozilla root programs)
https://www.mellatbank.com
https://ubs.omu.edu.tr
- notBefore = Jan 2nd 2014 / Jan 6th 2014.
- 1024-bit RSA key.
- Issued directly by a Root Certificate.
- Several required extensions missing.
2. C=CZ, CN=I.CA - Standard root certificate, O=Prvni certifikacni
autorita a.s.
(Trusted by the Microsoft root program)
https://q.ica.cz
https://s.ica.cz
- notBefore = Jan 2nd 2014.
- 1024-bit RSA key.
- Issued directly by a Root Certificate (although these might qualify
as "infrastructure" or "testing" certs, as per BRs Section 12).
- Several required extensions missing.
--
Rob Stradling
Senior Research & Development Scientist
COMODO - Creating Trust Online
More information about the Public
mailing list