Print

By the end of the year organisation certificates based on the 1024-bit key will not be used any longer

22.08.2013

According to the requirements of Mozilla browser by the end of 2013 the Certification Centre (SK) will revoke all still valid organisation certificates based on the 1024-bit key. The certificates include Digital Stamp, Web Server (SSL) and other organisation certificates issued under KLASS3-SK 2010 certifier.

SK wishes to offer its customers internationally accepted and highly secure services, as evidenced by the fact that the SK’s root certificate is officially recognized by such major web browsers as Internet Explorer, Mozilla, Safari and Chrome. International requirements are constantly changing and algorithm changes are based on the requirements of CA/Browser Forum: "Baseline Requirements for the Issuance and Management of Publicly-Trusted Certificates, v.1.1.5" (https://www.cabforum.org/Baseline_Requirements_V1_1_5.pdf)
Section 3 of Annex A of this document sets out the minimal key length for subscriber certificate.

Already since the end of 2012 SK does not issue organisation certificates based on 1024-bit keys under KLASS3-SK 2010 certifier. In cooperation with customers we have commenced replacing the old certificates.
Before the end of the year we plan to replace all organisation certificates based on 1024-bit keys, and do it free of any charge. SK will certainly contact the respective institutions.
If you know that you have a certificate that is to be replaced, you may contact us yourself and ask for a new certificate for your institution.
 
If you have any additional questions or encounter any problems, please contact us by email support[A]sk.ee or by phone +372 6101880.
 

AS Sertifitseerimiskeskus