{"id":1786,"date":"2014-09-08T15:09:21","date_gmt":"2014-09-08T22:09:21","guid":{"rendered":"http:\/\/blog.mozilla.org\/security\/?p=1786"},"modified":"2016-09-30T02:51:44","modified_gmt":"2016-09-30T09:51:44","slug":"phasing-out-certificates-with-1024-bit-rsa-keys","status":"publish","type":"post","link":"https:\/\/blog.mozilla.org\/security\/2014\/09\/08\/phasing-out-certificates-with-1024-bit-rsa-keys\/","title":{"rendered":"Phasing out Certificates with 1024-bit RSA Keys"},"content":{"rendered":"<p>For many years, <a title=\"Mozilla CA Communication\" href=\"https:\/\/wiki.mozilla.org\/CA:Communications#October_11.2C_2010\">Mozilla<\/a>, <a title=\"NIST Recommendations\" href=\"http:\/\/csrc.nist.gov\/publications\/nistpubs\/800-131A\/sp800-131A.pdf\">NIST<\/a>, the <a title=\"CA\/Browser Forum Baseline Requirements\" href=\"https:\/\/cabforum.org\/baseline-requirements-documents\/\">CA\/Browser Forum<\/a>, and <a title=\"Research on 1024-bit Keys\" href=\"http:\/\/arstechnica.com\/uncategorized\/2007\/05\/researchers-307-digit-key-crack-endangers-1024-bit-rsa\/\">others<\/a> have been encouraging Certification Authorities (CAs) to upgrade their 1024-bit RSA keys to a stronger cryptographic algorithm (either longer RSA keys or ECDSA). We are actively working with CAs to retire SSL and Code Signing certificates that have 1024-bit RSA keys in an effort to make the upgrade as orderly as possible, and to avoid having system administrators find themselves in emergency mode because their SSL keys were compromised. 
Our multi-pronged approach includes removing the SSL and Code Signing <a title=\"Mozilla's CA Certificate Policy\" href=\"https:\/\/www.mozilla.org\/en-US\/about\/governance\/policies\/security-group\/certs\/policy\/\">trust bits<\/a> from 1024-bit root certificates in <a title=\"NSS\" href=\"https:\/\/developer.mozilla.org\/en-US\/docs\/Mozilla\/Projects\/NSS\">NSS<\/a>, gathering telemetry about end-entity certificates with 1024-bit RSA keys, and then eventually showing an &#8220;<a title=\"Untrusted Connection Error\" href=\"https:\/\/support.mozilla.org\/en-US\/kb\/connection-untrusted-error-message?redirectlocale=en-US&amp;redirectslug=This+connection+is+untrusted\">Untrusted Connection<\/a>&#8221; error when a certificate in the chain has an RSA key that is less than 2048 bits.<\/p>\n<p>To help with migration off of 1024-bit root certificates, we are making changes in phases. The first phase shipped in Firefox 32, where the following 1024-bit CA certificates were either removed, or their SSL and Code Signing trust bits were turned off:<\/p>\n<ul>\n<li><a title=\"Entrust\" href=\"http:\/\/www.entrust.net\/knowledge-base\/technote.cfm?tn=7710\">Entrust<\/a>\n<ul>\n<li>CN = Entrust.net Secure Server Certification Authority<\/li>\n<li>SHA1 Fingerprint: 99:A6:9B:E6:1A:FE:88:6B:4D:2B:82:00:7C:B8:54:FC:31:7E:15:39<\/li>\n<\/ul>\n<\/li>\n<li><a title=\"SECOM\" href=\"http:\/\/www.secomtrust.net\/\">SECOM<\/a>\n<ul>\n<li>OU = ValiCert Class 1 Policy Validation Authority<\/li>\n<li>SHA1 Fingerprint: E5:DF:74:3C:B6:01:C4:9B:98:43:DC:AB:8C:E8:6A:81:10:9F:E4:8E<\/li>\n<\/ul>\n<\/li>\n<li><a title=\"GoDaddy\" href=\"http:\/\/support.godaddy.com\/godaddy\/its-time-to-upgrade-1024-bit-certificates\/\">GoDaddy<\/a>\n<ul>\n<li>OU = ValiCert Class 2 Policy Validation Authority<\/li>\n<li>SHA1 Fingerprint: 
31:7A:2A:D0:7F:2B:33:5E:F5:A1:C3:4E:4B:57:E8:B7:D8:F1:FC:A6<\/li>\n<\/ul>\n<\/li>\n<li><a title=\"RSA CA\" href=\"http:\/\/www.emc.com\/security\/rsa-digital-certificate.htm#!resources\">EMC \/ RSA<\/a>\n<ul>\n<li>OU = ValiCert Class 3 Policy Validation Authority<\/li>\n<li>SHA1 Fingerprint: 69:BD:8C:F4:9C:D3:00:FB:59:2E:17:93:CA:55:6A:F3:EC:AA:35:FB<\/li>\n<\/ul>\n<\/li>\n<li><a title=\"Symantec\" href=\"http:\/\/www.symantec.com\/page.jsp?id=1024-bit-migration-faq\">Symantec \/ VeriSign<\/a>\n<ul>\n<li>OU = Class 3 Public Primary Certification Authority<\/li>\n<li>SHA1 Fingerprint: A1:DB:63:93:91:6F:17:E4:18:55:09:40:04:15:C7:02:40:B0:AE:6B<\/li>\n<li>OU = Class 3 Public Primary Certification Authority<\/li>\n<li>SHA1 Fingerprint: 74:2C:31:92:E6:07:E4:24:EB:45:49:54:2B:E1:BB:C5:3E:61:74:E2<\/li>\n<\/ul>\n<\/li>\n<li><a title=\"Netlock\" href=\"http:\/\/www.netlock.hu\/USEREN\/html\/hirek.html\">NetLock<\/a>\n<ul>\n<li>CN = NetLock Uzleti (Class B) Tanusitvanykiado<\/li>\n<li>SHA1 Fingerprint: 87:9F:4B:EE:05:DF:98:58:3B:E3:60:D6:33:E7:0D:3F:FE:98:71:AF<\/li>\n<li>CN = NetLock Expressz (Class C) Tanusitvanykiado<\/li>\n<li>SHA1 Fingerprint: E3:92:51:2F:0A:CF:F5:05:DF:F6:DE:06:7F:75:37:E1:65:EA:57:4B<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<p>If you run an SSL-enabled website, this change will not impact you if your certificate and every CA in the chain above it have keys of 2048 bits or more. If your SSL certificate has a 1024-bit key, or was issued by a CA with a 1024-bit key, then you will need to get a new SSL certificate, and update the certificates in your Web server. If the intermediate certificate that you are using has a 1024-bit key, then you will need to download the 2048-bit intermediate certificate from the CA, and update the certificate chain in your Web server. 
For your convenience, links to the impacted CAs are provided in the list above.<\/p>\n<p>The second phase of migrating off of 1024-bit root certificates involves the changes identified in Bugzilla <a title=\"Bugzilla Bug #986014\" href=\"https:\/\/bugzilla.mozilla.org\/show_bug.cgi?id=986014\">Bug #986014<\/a> and <a title=\"Bugzilla Bug #1047011\" href=\"https:\/\/bugzilla.mozilla.org\/show_bug.cgi?id=1047011\">Bug #1047011<\/a>. The root certificates under consideration for the second phase are the Thawte, VeriSign, Equifax, and GTE CyberTrust 1024-bit root certificates. These root certificates are operated by <a title=\"Symantec\" href=\"http:\/\/www.symantec.com\/page.jsp?id=1024-bit-migration-faq\">Symantec<\/a> and <a title=\"Verizon\" href=\"http:\/\/cybertrust.omniroot.com\/repository\/\">Verizon<\/a> Certificate Services, and we plan to release these changes in Firefox in early 2015. As always, these root certificate changes will be discussed in the <a title=\"mozilla.dev.security.policy Discussion Forum\" href=\"http:\/\/www.mozilla.org\/about\/forums\/#dev-security-policy\">mozilla.dev.security.policy<\/a> forum.<\/p>\n<p>The third and final phase of migrating off of 1024-bit root certificates involves the changes identified in Bugzilla <a title=\"Bugzilla Bug #986019\" href=\"https:\/\/bugzilla.mozilla.org\/show_bug.cgi?id=986019\">Bug #986019<\/a>, which relates to Equifax root certificates that are owned by Symantec. The plan for the third phase of 1024-bit root changes will be discussed in the <a title=\"mozilla.dev.security.policy Discussion Forum\" href=\"http:\/\/www.mozilla.org\/about\/forums\/#dev-security-policy\">mozilla.dev.security.policy<\/a> forum. 
We are targeting to complete the migration off of 1024-bit root certificates in the first half of 2015, after which no 1024-bit root certificates will be trusted to identify websites or software makers.<\/p>\n<p>Please check your SSL certificates and replace any with 1024-bit RSA keys, and contact <a title=\"mozilla.dev.security.policy Discussion Forum\" href=\"http:\/\/www.mozilla.org\/about\/forums\/#dev-security-policy\">mozilla.dev.security.policy<\/a> if you have comments or concerns.<\/p>\n<p>Mozilla Security Engineering Team<\/p>\n","protected":false},"excerpt":{"rendered":"<p>For many years, Mozilla, NIST, the CA\/Browser Forum, and others have been encouraging Certification Authorities (CAs) to upgrade their 1024-bit RSA keys to a stronger cryptographic algorithm (either longer RSA &hellip; <a class=\"go\" href=\"https:\/\/blog.mozilla.org\/security\/2014\/09\/08\/phasing-out-certificates-with-1024-bit-rsa-keys\/\">Read more<\/a><\/p>\n","protected":false},"author":581,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[45538,69],"tags":[],"coauthors":[45544],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v22.5 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Phasing out Certificates with 1024-bit RSA Keys - Mozilla Security Blog<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/blog.mozilla.org\/security\/2014\/09\/08\/phasing-out-certificates-with-1024-bit-rsa-keys\/\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Kathleen Wilson\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. 
reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/blog.mozilla.org\/security\/2014\/09\/08\/phasing-out-certificates-with-1024-bit-rsa-keys\/\",\"url\":\"https:\/\/blog.mozilla.org\/security\/2014\/09\/08\/phasing-out-certificates-with-1024-bit-rsa-keys\/\",\"name\":\"Phasing out Certificates with 1024-bit RSA Keys - Mozilla Security Blog\",\"isPartOf\":{\"@id\":\"https:\/\/blog.mozilla.org\/security\/#website\"},\"datePublished\":\"2014-09-08T22:09:21+00:00\",\"dateModified\":\"2016-09-30T09:51:44+00:00\",\"author\":{\"@id\":\"https:\/\/blog.mozilla.org\/security\/#\/schema\/person\/5cc0f3b46b6626ffb6e3b7c24fbf5063\"},\"breadcrumb\":{\"@id\":\"https:\/\/blog.mozilla.org\/security\/2014\/09\/08\/phasing-out-certificates-with-1024-bit-rsa-keys\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/blog.mozilla.org\/security\/2014\/09\/08\/phasing-out-certificates-with-1024-bit-rsa-keys\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/blog.mozilla.org\/security\/2014\/09\/08\/phasing-out-certificates-with-1024-bit-rsa-keys\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/blog.mozilla.org\/security\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Phasing out Certificates with 1024-bit RSA Keys\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/blog.mozilla.org\/security\/#website\",\"url\":\"https:\/\/blog.mozilla.org\/security\/\",\"name\":\"Mozilla Security Blog\",\"description\":\"\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/blog.mozilla.org\/security\/?s={search_term_string}\"},\"query-input\":\"required 
name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/blog.mozilla.org\/security\/#\/schema\/person\/5cc0f3b46b6626ffb6e3b7c24fbf5063\",\"name\":\"Kathleen Wilson\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/blog.mozilla.org\/security\/#\/schema\/person\/image\/8d4547801f543f8990aecbcfc9c18eca\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/faede0fc9d625b79b41f567407337db6?s=96&d=identicon&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/faede0fc9d625b79b41f567407337db6?s=96&d=identicon&r=g\",\"caption\":\"Kathleen Wilson\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->"}