Microsoft has announced that by August, 2012, Microsoft will operate a patch for the operating system like win XP, win server 2003, win server 2003 R2, win vista, win server 2008, win server 2008 R2, win 7. This renewal of cryptographic key will ban key less than 1024 bits. Now the problem will arise in installing Active x control, software, or enrolling a SSL certificate.
If your certificate signed with, low, cryptography key than it is, a problematic situation because it will not authenticate your site and therefore customer might move to other site that will hammer your image. If you only have publicly trusted certificates from reputable sellers, there is nothing to worry. If your certificate belongs to local vendor and does not follow the common certificate policy rules, it will suffer from this new rule. The main purpose behind this action is to encrypt the information strongly so attackers or phishing activity will not happen in the future.
In addition, Microsoft announce about Root certificate that it must be x.509 v3 certificates. Root certificate must not end until at least 8 years after compliance and not before 2030. More farseeing expiration will lead to larger root key sizes. SSL Certificate Authorities who issue 1024-bit intermediary certificates with expiry until December 31, 2013 will hold responsible for himself. For all intermediate certificates published after December 31, 2010, the Certificate Authority must comprise an 8-byte casual value in the Serial Number certificate field or the first component of the Subject Name certificate field.
Related Posts :