There have been quite a few root certificates that have been invalidated for key length issues and lazy sysadmins who did not keep up with the changes. Currently there is a move to 3072 or 4096 bit keys from 2048 bit keys and quite a few bits of software will no longer accept a 1024 bit certificate as being secure. If you are a developer and using code signing, you may remember that back in 2021, the minimum key length for a code signing certificate changed to 3072 bits.
|