I've just queried this with both Mozilla and Entrust - as we have a large number of sites with Entrust SSL certs.
Just to clarify, Mozilla are removing the 1024bit root and intermediate certificates, and therefore any certs with those in the key chain will fail.
However, any SSL cert bought within the last 18 months (from Entrust at least) uses the 2048bit root and intermediate certificate chain, and these will not be affected.
Biting the hand that feeds IT
