Follow

Let's Encrypt's ECDSA root certificate is postponed AGAIN?! :oh_no: I've already been waiting for 2 years...

github.com/letsencrypt/website

It wouldn't provide much security benefits, but making the certificate chain fits within fewer TCP packets would speedup the handshake dramatically.

@niconiconi with a properly configured server, the root cert is assumed to be in the client's root CA store, so how does this affect number of packets?
I haven't checked if the intermediary of my ecdsa cert is also ecdsa...

@niconiconi Now that I'm not using my phone, I can see that the intermediate is 2048-bit RSA :/... Unexpected!
My services have about 0.01 visitors per day (apart from me and my family) but I'd love to have a full ECDSA chain!

Sign in to participate in the conversation
Cybrespace

Cybrespace is an instance of Mastodon, a social network based on open web protocols and free, open-source software. It is decentralized like e-mail.