> It seems that CAs are not bothering to contact their customers with weak > keys[1], although they are of course revoking the keys of customers who > ask, and reissuing certificates.
Gerv, I just wanted to mention that we've been working feverishly to automate checking of all valid certs in our databases. It's taking time because it's a huge task - we have hundreds of thousands of certs to check - but we intend to notify any customer who is using a weak key. -Rick Andrews -- Rick Andrews __o Phone: 650-426-3401 VeriSign, Inc. _ \>,_ Fax: 650-426-5195 487 E. Middlefield Rd. ...(_)/ (_) URL: www.verisign.com Mountain View, CA 94043 email: [EMAIL PROTECTED] _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
