Friday, December 23, 2011

Outgoing mail server certificate replaced

We have replaced our outgoing mail server certificate with a new certificate. Our SMTP certificate is signed with a 4096-bit key which exceeds the NIST RSA keys post-2010 standard recommendation. The recommendation was that 1024-bit RSA keys should only be depended on until December 31st, 2010 after which the minimum key size should be 2048-bit RSA.

NullShells networks has been proactive in staying up to date with the NIST standards and recommendations. All certificates issued after December 31st, 2010 should have a minimum 2048-bit RSA keys. We are actively moving any remaining certificates to 2048-bit and 4096-bit root certificates. We currently support and often exceed the same level of encryption offered in the banking industry. In the future we will continue to implement internal policy standards to protect our subscriber's security.