Google has this week announced that its has now complete the migration of user accounts and its services to the stronger 2048-bit RSA encryption protocol.
Google’s aim was to upgrade their derives to include the 2048-bit RSA encryption by the end of 2013 and have now completed it with a month to spare. From now on Google Internet Authority G2 will issue 2048-bit certificates for Google web sites and properties.
Google explains a little more:
“We take the security and privacy of our users very seriously and, as we noted in May, Google has been working to upgrade all its SSL certificates to 2048-bit RSA or better by the end of 2013. Coming in ahead of schedule, we have completed this process, which will allow the industry to start removing trust from weaker, 1024-bit keys next year.
Thanks to our use of forward secrecy, the confidentiality of SSL connections to Google services from modern browsers was never dependent on our 1024-bit RSA keys. But the deprecation of 1024-bit RSA is an industry-wide effort that we’re happy to support, particularly light of concerns about overbroad government surveillance and other forms of unwanted intrusion.
The hardware security module (HSM) that contained our old, 1024-bit, intermediate certificate has served us well. Its final duty after all outstanding certificates were revoked, was to be carefully destroyed.”
Source: Android Community
