If you aren’t using StartSSL for your SSL certificate needs, you should take a hard look in the mirror and ask if the outrageous prices that aged, established Certificate Authorities charge are still justified. After all, it’s the same encryption — what you’re paying for is browser support. Well, from the consumer perspective, the rigor of the validation process is even more important — ironically, I found StartCom’s validation process for their $40 Class 2 certificates to be far more rigorous than that of the “established” players who charge twenty times that.

When I first took a StartCom cert for a spin a couple of years ago, the issue I had was spotty browser support. Today, I’m happy to report that web browser support for the free StartSSL certificate is excellent. Well, almost…


It was time to renew a couple of certs and it turned out that the CSR I had originally used was generated with a 512-bit key. Dynadot, who, by the way, offers a pretty sweet $15/year price on single-root RapidSSL certs, suggested that I regenerate with a minimum of 1024 bits.

Indeed, it looks like a 1024-bit key length is the minimum currently recommended. In fact, depending on whom you ask, it may already be insufficient.

NIST guidelines are comparatively optimistic, but even according to their 2007 Recommendation for Key Management, time for 1024-bit keys is passing quickly.
