[cabfpub] Proposal to add DSA 2048
Ryan Sleevi
sleevi at google.com
Thu Mar 7 20:37:18 MST 2013
NSS recently added support, through contributions from Red Hat. They should
work with Firefox.
However, because Chrome uses native cert verification APIs, they are not
expected to work beyond ChromeOS, Chrome for Linux, and Chrome for iOS (the
three NSS-for-verification platforms).
Note: This is not an endorsement.
On Mar 7, 2013 7:27 PM, "Ryan Hurst" <ryan.hurst at globalsign.com> wrote:
> The performance properties of DSA are great relative to RSA for servers
> but major clients (as far as I know) do not support DSA keys larger than
> 1024, I know this is the case for anything that relies on CryptoAPI in
> Windows. Out of curiosity are there major browsers that can work with such
> keys or are your scenarios limited to custom applications?****
>
> ** **
>
> Ryan****
>
> ** **
>
> *From:* public-bounces at cabforum.org [mailto:public-bounces at cabforum.org] *On
> Behalf Of *Rick Andrews
> *Sent:* Thursday, March 07, 2013 4:23 PM
> *To:* CABFPub (public at cabforum.org)
> *Subject:* [cabfpub] Proposal to add DSA 2048****
>
> ** **
>
> Symantec has begun offering SSL certificates with DSA 2048-bit keys. Since
> DSA is not mentioned in the Baseline Requirements or EV Guidelines, I’d
> like to explicitly add DSA 2048 in BR Appendix A as the minimum DSA key
> size.****
>
> ****
>
> If there are no objections, I’ll draft a ballot and seek endorsers.****
>
> ****
>
> -Rick ****
>
> ****
>
> _______________________________________________
> Public mailing list
> Public at cabforum.org
> https://cabforum.org/mailman/listinfo/public
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://cabforum.org/pipermail/public/attachments/20130307/cdb83485/attachment.html
More information about the Public
mailing list