[cabfpub] Fwd: SANS NewsBites Vol. 15 Num. 042 : NSA/CyberCom To Get Green Light to Respond to Cyber Attack; Iranians Targeting US Energy Companies ICS; Chinese Hackers Stole US Weapons Systems Designs

Stephen McHenry » smchenry at google.com
Wed May 29 16:41:11 UTC 2013


Some of the linked articles provide better editorial comment on the
rationale behind the move.


On Wed, May 29, 2013 at 8:03 AM, Rick Andrews <Rick_Andrews at symantec.com>wrote:

> >From the SANS Newsletter this week.
>
> Good publicity, although only the editorial comment explains why this is
> happening.
>
> -Rick
>
> Begin forwarded message:
>
> > --Google Will Upgrade SSL Encryption Keys
> > (May 24, 2013)
> > By the end of 2013, Google plans to upgrade all of its SSL certificates
> > to 2048-bit keys. The change is scheduled to begin in August. Google
> > plans to upgrade its root certificate as well. Certain client software
> > embedded in devices like phones, gaming consoles, and cameras could run
> > into problems with the upgrade; Google has offered advice to help
> > mitigate those issues.
> >
> http://arstechnica.com/security/2013/05/google-builds-bigger-crypto-keys-to-make-site-forgeries-harder/
> >
> http://www.h-online.com/security/news/item/Google-to-replace-SSL-certificates-1869281.html
> >
> http://www.zdnet.com/google-upgrading-all-ssl-certificates-to-2048-bit-keys-by-end-of-2013-7000015863/
> >
> http://www.computerworld.com/s/article/9239518/Google_to_lengthen_SSL_encryption_keys_in_August?taxonomyId=17
> > [Editor's Note (Pescatore): I think the CA Browser Forum is requiring
> > all CAs to do this by YE2013. Growth in processing power over time,
> > combined with advances in crypto attacks that shorten brute force
> > attacks, means crypto strengths will always have to increase over time.
> > SSL in practice needs more than longer keys - the switchover to longer
> > lengths will drive client/server side software upgrades that need to
> > address various validity checking and revocation issues. But, the
> > security of CAs needs to be addressed in a big way, too.]
> _______________________________________________
> Public mailing list
> Public at cabforum.org
> https://cabforum.org/mailman/listinfo/public
>



-- 

Stephen

Stephen McHenry
Google
(650) 253-7140
Aut inveniam viam aut faciam
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/public/attachments/20130529/02ee4be4/attachment-0003.html>


More information about the Public mailing list