Menu
picture of tbs certificates
picture of tbs certificates
Certificates
Our products range
Partners
Support
Focus


20131231: Mozilla (Firefox) will deactivate 1024-bit roots

Mozilla, that releases Firefox, Seamonkey and Camino among others, will deactivate certification authorities' 1024-bit root on December 31st, 2013. The certificates chained to those root won't be recognized anymore.

However, the certificates we deliver are chained to 2048-bit root since:

  • TBS X509: has always been in 2048-bit
  • Verisign EV: has always been in 2048-bit (with a 1024-bit crossed certification)
  • Verisign non-EV: since October 2010 (with a 1024-bit crossed certification)
  • Thawte EV: has always been in 2048-bit (with a 1024-bit crossed certification)
  • Thawte non-EV: since July 2010 (with a 1024-bit crossed certification)
  • Geotrust EV: has always been in 2048-bit (with a 1024-bit crossed certification)
  • Geotrust non-EV: since mid-July 2010 (with a 1024-bit crossed certification)
  • Comodo EV: has always been in 2048-bit
  • Comodo non-EV: since December 2009 delivered in 1024-bit but with a 2048-bit chain directly interchangeable

The certificates issued before the migration date, expiring after December 31st, 2013 and that do not have an interchangeable chain, will have to be reissued to be linked to a 2048-bit chain.

Edit 2014-03-03
Firefox postpones the deactivation of the 1024-bit roots to June 2014. It will be effective with the release of the version 30 of the browser.
Microsoft also plans to remove the 1024-bit roots on June 2014.

Edit 2014-06-16
Firefox postpones again the deactivation of the 1024-bit roots to September 2014. It will be effective with the release of the version 32 of the browser.