Paul Hoffman wrote:
> Thus, if we have any
> 1024-bit keys in the root pile (and we might still have ones
> shorter...), requiring all new CA keys to be 2048 bits (for example) has
> no effect on Mallory: he still attacks one of the current roots and gets
> the exact same effect.

So? While it might not improve security *immediately*, I don't see why a gradual transition to stricter requirements is a problem. Are you suggesting we're stuck with small keys forever, or that all CAs must switch simultaneously?

Justin
_______________________________________________
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto