Hi
I am very sorry I gave the impression that there is an issue with submitting leaf certificates with very large key sizes into CT logs.
The answer I gave Burton was unfortunately not based on a very precise diagnosis of the situation. We observed that the registration of the pre-certificate failed, but we had no clear evidence that this was due to the certificate being rejected by the CT logs.
Issuing certificates for such large key sizes is a very rare case and this was our first attempt to issue a certificate for such a large key. When this failed, we were pretty sure that this had to do with the key size and we did not put much effort into identifying the exact cause.
However, after doing some more investigations now we see that the failure is caused by an error in a Buypass infrastructure component between our internal servers and the external CT logs.
Regards
Mads
Hi
I am very sorry I gave the impression that there is an issue with submitting leaf certificates with very large key sizes into CT logs.
The answer I gave Burton was unfortunately not based on a very precise diagnosis of the situation. We observed that the registration of the pre-certificate failed, but we had no clear evidence that this was due to the certificate being rejected by the CT logs.
Issuing certificates for such large key sizes is a very rare case and this was our first attempt to issue a certificate for such a large key. When this failed, we were pretty sure that this had to do with the key size and we did not put much effort into identifying the exact cause.
However, after doing some more investigations now we see that the failure is caused by an error in a Buypass infrastructure component between our internal servers and the external CT logs.
Regards
Mads
--
You received this message because you are subscribed to the Google Groups "Certificate Transparency Policy" group.
To unsubscribe from this group and stop receiving emails from it, send an email to ct-policy+...@chromium.org.
To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/ct-policy/266bef4a-e4a3-49b9-8efc-8c467397e90an%40chromium.org.