Let's Encrypt's ECDSA root certificate is postponed AGAIN?! I've already been waiting for 2 years...
It wouldn't provide much security benefits, but making the certificate chain fits within fewer TCP packets would speedup the handshake dramatically.
@niconiconi with a properly configured server, the root cert is assumed to be in the client's root CA store, so how does this affect number of packets?
I haven't checked if the intermediary of my ecdsa cert is also ecdsa...
@niconiconi Now that I'm not using my phone, I can see that the intermediate is 2048-bit RSA :/... Unexpected!
My services have about 0.01 visitors per day (apart from me and my family) but I'd love to have a full ECDSA chain!
ｃｙｂｒｅｓｐａｃｅ: the social hub of the information superhighway
jack in to the mastodon fediverse today and surf the dataflow through our cybrepunk, slightly glitchy web portal