Security → Gmail to offer RSA 2048-bit SSL

Will this improve the security even after logging on to Gmail?
»nakedsecurity.sophos.com ··· y-sizes/

Security from what? Maybe from hackers however considering the Gmail TOS I don't think much security will be coming from that area.

The government already has access to all your data, so, in the words of a former secretary of state:
" what difference does it make?"

The difference it makes is 2048 - 1024 = 1024.

quote:

---

But RSA encryption is a public/private key cipher, meaning you have one key to lock and another key to unlock.

---

...and guess who has access to those keys besides the user?

Dun Dun Dun...

Regards

Well, everyone has access to the public key.

The certificate owner (and anyone they give it to, either willingly or under duress) has access to the private key. In short, probably the same people who have access to the current (soon to be previous) 1024 bit private key.

Right now I'm thinking that you don't know the answer nor how the keys work, so asking for guesses to your insinuating rhetorical question rather than providing your own hypothesis.

Even if someone got ahold of Google's private key, the most they could do with it is MITM others. Google supports forward secrecy for every major browser, so the private key can't be used to retroactively decrypt any past traffic.

They currently use ECDHE with the P-256 curve, so their RSA equivalent is around 3072-bits of security.

@NOYB
I do have some knowledge how public / private keys work, tho I usually have to reach for a bottle of aspirin
everytime I have to read an article on it.

The fact of the matter is... and I think it's been mentioned several times in this forum... I trust any commercial
and any governmental agency about as far as I can kick em to actually keep that private [insert here] as what it should
be kept as... PRIVATE.

Next time I'll notate that with "[/cynicism]" to clarify better...

Regards

Not at all.... This has to be a joke!!