MozillaWiki

SecurityEngineering/x509Certs: Difference between revisions

Page Discussion

SecurityEngineering/x509Certs (view source)

Revision as of 20:44, 19 August 2014

128 bytes added ,  19 August 2014
no edit summary
No edit summary
Line 119: Line 119:


In other words, SHA1 is now deprecated for new uses. We should use  at least 3072 key sizes and at least a 256 ECC curve. Thus the recommendation here is for the root to be 4096 if using RSA and p384 for the root key. (p384 also chosen for compatibility as most SSL/TLS implementations support this part of suite B).
In other words, SHA1 is now deprecated for new uses. We should use  at least 3072 key sizes and at least a 256 ECC curve. Thus the recommendation here is for the root to be 4096 if using RSA and p384 for the root key. (p384 also chosen for compatibility as most SSL/TLS implementations support this part of suite B).
= Error Messages in Firefox =
Here are some common errors that might be encountered when working with certificates in Firefox.
Dkeeler
Confirmed users
299

edits

Retrieved from "https://wiki.allizom.org/Special:MobileDiff/1007227"