I am interested in getting information – assuming someone knows – about how strong the key generation was in creating the root keys that are trusted in browsers. Things like - key generation used a tamper resistent hardware vs. software - weak RSA keys were checked against … etc.
Any input is appreciated.
Typically, it will be a 2048-bit RSA.
You can check for yourself depending on the browser you’re using.
Firefox: Tools → Options → Advanced → Encryption → View Certificate → Authorities → Select one of them, click on view (or double click on one) → Details and then look for: Subject’s Public Key and it will tell you the size that one used.
Internet Explorer: Tools → Internet Options → Content → Certificates → Trust Root → Double click on one → Details and there should be something in relation to the Subject’s public key.
Does this help?
Yes – I checked those. The certificate does not include information on how it was generated – did we use hardware or software, did we check against potential weak keys, that type of thing.