Blumenthal, Uri - 0553 - MITLL writes:

>Peter, "Compromised" in the context must necessarily mean "someone stole the
>key", because if someone "broke the crypto" - then none of the certs issued
>by that CA is worth the weight of electrons that carried it.

"Compromised" meant (at the time, I was trying to avoid bringing in specific
references) someone factoring the 512-bit RSA key in the cert.  Since CAs used
2048-bit keys in HSMs for signing this wasn't an issue for them.

Stolen keys weren't any more than a minor theoretical consideration compared to
attacking the crypto until the cybercrime industry started doing it en masse,
completely ignoring the crypto in the process (see Shamir's Law).

Peter.

_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls
