Comments on: Cisco IP Phone Certificates and Secure Communications http://blogs.cisco.com/security/cisco-ip-phone-certificates-and-secure-communications/ Wed, 22 May 2013 22:57:51 +0000 hourly 1 By: Rob http://blogs.cisco.com/security/cisco-ip-phone-certificates-and-secure-communications/#comment-661861 Rob Tue, 18 Sep 2012 03:26:43 +0000 http://blogs.cisco.com/?p=82765#comment-661861 Thank You Panos!!

   0 likes

]]> By: Panos http://blogs.cisco.com/security/cisco-ip-phone-certificates-and-secure-communications/#comment-660675 Panos Sun, 16 Sep 2012 15:38:54 +0000 http://blogs.cisco.com/?p=82765#comment-660675 Thank you Rob.

The MIC certs are installed on the phone itself and cannot be re-installed or changed. But as far as LSC’s are concerned, our recommendation is to use 2048-bit certs. These are considered secure for today and the years to come.

Currently, we do not recommend to revoke these certs unless there is a compromise, a design change, a security concern, or the key-size is deemed “short” for state-of-the-art processing speeds. Even US NSA today suggests that 2048-bit RSA keys are considered secure for SECRET level data.

More details about the certs themselves can be found in the whitepaper http://www.cisco.com/web/about/security/intelligence/IP_Phone_Security_WP.html

   0 likes

]]> By: Rob http://blogs.cisco.com/security/cisco-ip-phone-certificates-and-secure-communications/#comment-658789 Rob Fri, 14 Sep 2012 17:32:51 +0000 http://blogs.cisco.com/?p=82765#comment-658789 Interesting post Panos. how long is the life cycle to these certs and what would be the renewal process?

   0 likes

]]>