[Cscwg-public] Code Signing Key Size changes
Doug Beattie
doug.beattie at globalsign.com
Thu Sep 3 13:36:18 MST 2020
Add to further Dean's note, this applies to all certificates in the chain
from the root down, so if you need a new subordinate CA you had better get
started on that.
From: Cscwg-public <cscwg-public-bounces at cabforum.org> On Behalf Of Dean
Coclin via Cscwg-public
Sent: Thursday, September 3, 2020 4:16 PM
To: cscwg-public at cabforum.org
Subject: [Cscwg-public] Code Signing Key Size changes
I'm not sure if everyone is aware that minimum key sizes are going to change
soon.
The Code Signing BRs specify that certs issued after Jan 1, 2021 must have
3072 RSA keys (vs the current 2048). This has been in there for a while, but
I fear that customers may not be prepared as it has not been well
advertised.
In addition, making changes at the beginning of January is always risky due
to holidays, shutdowns, freezes, etc.
I'm wondering if there is any appetite to move this to April or May 2021?
Dean
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/cscwg-public/attachments/20200903/f59e434b/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 5688 bytes
Desc: not available
URL: <http://lists.cabforum.org/pipermail/cscwg-public/attachments/20200903/f59e434b/attachment-0001.p7s>
More information about the Cscwg-public
mailing list