strength of RSA root keys in certificates

I am interested in getting information – assuming someone knows – about how strong the key generation was in creating the root keys that are trusted in browsers. Things like - key generation used a tamper resistent hardware vs. software - weak RSA keys were checked against … etc.

Any input is appreciated.

Typically, it will be a 2048-bit RSA.

You can check for yourself depending on the browser you’re using.

Firefox: Tools → Options → Advanced → Encryption → View Certificate → Authorities → Select one of them, click on view (or double click on one) → Details and then look for: Subject’s Public Key and it will tell you the size that one used.

Internet Explorer: Tools → Internet Options → Content → Certificates → Trust Root → Double click on one → Details and there should be something in relation to the Subject’s public key.

Does this help?

Yes – I checked those. The certificate does not include information on how it was generated – did we use hardware or software, did we check against potential weak keys, that type of thing.