Threatpost reports:
When Firefox 32 shipped this week, Mozilla also officially ended its support of 1024-bit certificate authority certificates in its trusted store.
While it still takes a considerable amount of resources to factor and crack a 1024-bit RSA key, important organizations such as NIST have been advising organizations to move to 2048-bit keys or higher(PDF) going as far back as 2011. Microsoft announced a change to its certificate key length requirements shortly thereafter, yet others including Google, have been slow to follow suit.
Mozilla's move to deprecate 1024-bit certs in not only Firefox, but also in Thunderbird, is certainly welcome news. With state-sponsored targeted attacks ramping up, and the uncertainty over the NSA's and others' abilities in the intelligence community around cracking or subverting crypto, security experts urge organizations to put up higher barriers to keep hackers and the IC at bay.
[...]
Chrome is the remaining browser of the big three to fall in line. [Metasploit creator and Rapid7 Chief Security Officer, HD Moore] said removing old certificates is only part of the solution for Google, whose browser also implements certificate pinning. Google's Certificate Transparency project and its efforts to revamp OpenSSL are also important steps forward, he said.
"From recent conversations on Twitter, it sounds like the Chromium project [Chrome's open source base] developers want to remove 1024-bit CA certificates as soon as possible, but are still concerned about the number of web sites that would be affected," said Moore.
(Score: 4, Insightful) by davester666 on Tuesday September 09 2014, @05:15AM
The sites are trusted exactly the same by the end-user. The browser the user is using has changed the amount of trust it thinks the user should have for those web sites.
(Score: -1, Troll) by Anonymous Coward on Tuesday September 09 2014, @05:39AM
GaySoylentNiggerNews: SO FUCKIN TRUSTWORTHY.
(Score: 2) by frojack on Tuesday September 09 2014, @06:40AM
The browser the user is using has changed the amount of trust it thinks the user should have for those web sites.
I'm not sure its their job to do that. It ought to be a user's choice to trust a valid certificate.
Unless or until 1024 bit are actually widely known to be compromised, they're still valid.
Given that the courts are issuing search warrants [wired.com] to hand over certificates, there seems little reason to get all uppity about something that is likely to be handed over anyway.
No, you are mistaken. I've always had this sig.
(Score: 2, Insightful) by Anonymous Coward on Tuesday September 09 2014, @09:48AM
> Unless or until 1024 bit are actually widely known to be compromised, they're still valid.
No need to fix a leaky roof until it is actually raining.
(Score: 0) by Anonymous Coward on Wednesday September 10 2014, @11:38AM
But the user doesn't know how much they should trust these certificates. Surely the user is trusting their browser to make this judgement for them.
(Score: 0) by Anonymous Coward on Tuesday September 09 2014, @07:22AM
It's not that kind of trust.
(Score: 3, Funny) by Subsentient on Tuesday September 09 2014, @05:22AM
I use an 8192-bit certificate for my main site. In retrospect, that was a good idea.
"It is no measure of health to be well adjusted to a profoundly sick society." -Jiddu Krishnamurti
(Score: 3, Informative) by stderr on Tuesday September 09 2014, @08:26AM
It should probably be noted that most of those 107k certificates are expired and therefore would be untrusted anyway.
alias sudo="echo make it yourself #" #
(Score: 4, Interesting) by bradley13 on Tuesday September 09 2014, @09:57AM
The whole trust model is just wrong. Users cannot know what certificates to trust, and the browsers include dozens of CAs that even technical folks have never heard of. Do you trust the CA in Estonia? How can you decide?
What about a CA in China - I'm sure the Chinese government would never be able to bring undo pressure on a CA to issue a fake certificate.
I don't have the answer, but the current system is very broken...
Everyone is somebody else's weirdo.
(Score: 2) by jimshatt on Tuesday September 09 2014, @10:25AM
For really important stuff, like banking and payment providers, a certificate could be sent via another route (snail mail?) and maybe even request a client certificate back?
This proposal is probably thoroughly flawed, because I'm not an expert.
(Score: 3) by theluggage on Tuesday September 09 2014, @12:23PM
No - the flaw is in the problem that both you and the current certificate system are trying to solve: basically, how to establish trust, in a world where you can't trust anybody, without requiring any extra expense or effort by the communicating parties.
Use 8192-bit certificates if you want to, but unless the certificate was personally handed to you by someone who's identity you could independently confirm, it is like putting a steel door on a tent.
...and, yes, the banks and payment providers should be physically and securely distributing certificates and keys to users. Before being able to log on to your e-banking site you should go to a bricks-and-mortar bank (that you know has been there for years) with three forms of ID, to exchange credentials. To actually get your own certificate you should have to go for interview at the CA taking a briefcase-full of ID documents, trademark registrations and 3 year's worth of company accounts, and the CA would have to be pretty much run, or at least regulated, by the government anyway (its not that I trust the government - hell no - its that I trust the alternatives less, and if the government really do want my data then they'll probably get it one way or another). That would, of course, not be particularly acceptable to internet users.
(Score: 2) by jimshatt on Tuesday September 09 2014, @08:28PM
Other sites OTOH, I usually trust with a username and password because I don't use the same password for every site, but I still don't want a MITM to snoop. Physical exchange would be overkill in that scenario.
(Score: 3, Interesting) by FatPhil on Wednesday September 10 2014, @02:58PM
Oi!
Estonia's one of the most tech-savvy and advanced of the countries that you wouldn't necessarily expect to be. We trust Sertifitseerimiskeskus enough to have their technology (their Smart ID Card) be sufficient for all forms of transactions and registrations. E.g. I sign my company accounts each year using their smart card. Which is also what lets me identify myself as I cross EU border checks. And what I use to identify myself when I go to the doctor or the hospital.
So I trust them with almost every aspect of my wellbeing, if not my life. OK, I didn't have any choice, but the system works, and I presume it was very well vetted (we have some world-class cryptologists in Estonia, ones who would make a fuss if a problem was suspected (has happened once, the govt. acted quite quickly)).
Great minds discuss ideas; average minds discuss events; small minds discuss people; the smallest discuss themselves
(Score: 3) by doublerot13 on Tuesday September 09 2014, @02:17PM
Next, sites need to stop using SHA1 and move to SHA256 or better.
(Score: 1) by pendorbound on Tuesday September 09 2014, @02:33PM
So of the billion or so websites on the Internet (http://www.internetlivestats.com/total-number-of-websites/), Firefox has caused a warning to appear when browsing 0.01015% of them.
Gonna file this one under “BFD”…