[cabfpub] Fwd: SANS NewsBites Vol. 15 Num. 042 : NSA/CyberCom To Get Green Light to Respond to Cyber Attack; Iranians Targeting US Energy Companies ICS; Chinese Hackers Stole US Weapons Systems Designs
Stephen McHenry »
smchenry at google.com
Wed May 29 09:41:11 MST 2013
Some of the linked articles provide better editorial comment on the
rationale behind the move.
On Wed, May 29, 2013 at 8:03 AM, Rick Andrews <Rick_Andrews at symantec.com>wrote:
> >From the SANS Newsletter this week.
> Good publicity, although only the editorial comment explains why this is
> Begin forwarded message:
> > --Google Will Upgrade SSL Encryption Keys
> > (May 24, 2013)
> > By the end of 2013, Google plans to upgrade all of its SSL certificates
> > to 2048-bit keys. The change is scheduled to begin in August. Google
> > plans to upgrade its root certificate as well. Certain client software
> > embedded in devices like phones, gaming consoles, and cameras could run
> > into problems with the upgrade; Google has offered advice to help
> > mitigate those issues.
> > [Editor's Note (Pescatore): I think the CA Browser Forum is requiring
> > all CAs to do this by YE2013. Growth in processing power over time,
> > combined with advances in crypto attacks that shorten brute force
> > attacks, means crypto strengths will always have to increase over time.
> > SSL in practice needs more than longer keys - the switchover to longer
> > lengths will drive client/server side software upgrades that need to
> > address various validity checking and revocation issues. But, the
> > security of CAs needs to be addressed in a big way, too.]
> Public mailing list
> Public at cabforum.org
Aut inveniam viam aut faciam
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Public