With the growing complexities of the internet, digital
certificates generated with 1024 bit key encryptions are no longer advisable. While
they proved to be unbreakable for the past few decades, with the advances in
technology, Generation X now has the ability of decrypting these chains allowing
a successful Man in the Middle attack resulting to unauthorized access to personally
identifiable information.
Understanding this curve of development in algorithms, the
National Institute of Standards and Technology (NIST) has recommended all CAs
to use 2048 bit key lengths on all issued digital certificate starting November
2010.
As a certificate authority valuing customers and industry
innovation most, GlobalSign has been religiously complying with NIST
guidelines and recommendations (in advisories 800-57 and 800-131) and
Microsoft’s mandatory requirements of Microsoft’s Root Certificate Program
(Technical Requirement Point 11). All of the issued digital certificates from
the GlobalSign comprehensive product line from December of 2010 have 2048 bit
key encryptions giving customers double protection from possible breach of
their data.
What happens?
All individuals and organizations requesting and/or renewing
SSL certificates from
GlobalSign will have to specify a 2048 bit key encryption length on their Certificate
Signing Requests (CSR) from November 29, 2010 onward. The system shall not
process CSRs with a 1024 or lower key lengths.
If are currently using a 1024 bit key length on your SSL’s
CSR and would like to renew under GlobalSign, you would have to create another
CSR with 2048 bit key encryption. In the event that you do not have the
technical expertise to do this, you may email our support team at support-asia@globalsign.com or
you can use GlobalSign’s AutoCSR function*
alternatively.
*AutoCSR may
only be used for DV and OV SSL orders. For EV SSL, client needs to manually
generate their Certificate Signing Requests.
Check your
Certificate’s Encryption Strength
Afterwards, click on Certificate Details. To know the encryption strength, refer to the details under Public Key.
No comments:
Post a Comment