Google has confirmed today that they have finished upgrading all of their SSL certificates to 2048-bit RSA or better, a process they began in May of this year.
Says the search giant:
Coming in ahead of schedule, we have completed this process, which will allow the industry to start removing trust from weaker, 1024-bit keys next year.
Thanks to our use of forward secrecy, the confidentiality of SSL connections to Google services from modern browsers was never dependent on our 1024-bit RSA keys. But the deprecation of 1024-bit RSA is an industry-wide effort that we're happy to support, particularly light of concerns about overbroad government surveillance and other forms of unwanted intrusion.
The hardware security module (HSM) that contained our old, 1024-bit, intermediate certificate has served us well. Its final duty after all outstanding certificates were revoked, was to be carefully destroyed. With the demolition of the HSM and revocation of the old certificates, Google Internet Authority G2 will issue 2048-bit certificates for Google web sites and properties going forward.