November 18, 2013
Out with the old: Stronger certificates with Google Internet Authority G2
We take the security and privacy of our users very seriously and, as we noted in May, Google has been working to upgrade all its SSL certificates to 2048-bit RSA or better by the end of 2013. Coming in ahead of schedule, we have completed this process, which will allow the industry to start removing trust from weaker, 1024-bit keys next year.
Thanks to our use of forward secrecy, the confidentiality of SSL connections to Google services from modern browsers was never dependent on our 1024-bit RSA keys. But the deprecation of 1024-bit RSA is an industry-wide effort that we’re happy to support, particularly light of concerns about overbroad government surveillance and other forms of unwanted intrusion.
The hardware security module (HSM) that contained our old, 1024-bit, intermediate certificate has served us well. Its final duty after all outstanding certificates were revoked, was to be carefully destroyed.
With the demolition of the HSM and revocation of the old certificates, Google Internet Authority G2 will issue 2048-bit certificates for Google web sites and properties going forward.
3 comments:
You are welcome to contribute comments, but they should be relevant to the conversation. We reserve the right to remove off-topic remarks in the interest of keeping the conversation focused and engaging. Shameless self-promotion is well, shameless, and will get canned.
Note: Only a member of this blog may post a comment.
Did you shoot video of the HSM destruction? Please put it on YouTube
ReplyDeleteBut your certificate for "CN = mail.google.com" on https://gmail.com has certificate with 256 bits key.
ReplyDeleteWhy so?
While I am pleased to see a move to RSA2048, use of Elliptic Curve keys and use of relatively short term certificates for user and issuing CA. I am howvere disappointed that you still have:
ReplyDelete- SHA1 as your hashing algorithm in the subject certificate;
- SHA1 in the entire chain within your issuing CA and the GeoTrust root and;
- the fact that you have not moved your CA to be signed by a root that is of a greater cryptographic strength, such as RSA 3084 or RSA 4096.
Hopefully with your next update you can look at strengthening your posture that extra step.