Let's Encrypt's ECDSA root certificate is postponed AGAIN?! :oh_no: I've already been waiting for 2 years...

It wouldn't provide much security benefits, but making the certificate chain fits within fewer TCP packets would speedup the handshake dramatically.

@niconiconi with a properly configured server, the root cert is assumed to be in the client's root CA store, so how does this affect number of packets?
I haven't checked if the intermediary of my ecdsa cert is also ecdsa...

@niconiconi Now that I'm not using my phone, I can see that the intermediate is 2048-bit RSA :/... Unexpected!
My services have about 0.01 visitors per day (apart from me and my family) but I'd love to have a full ECDSA chain!

Sign in to participate in the conversation

cybrespace: the social hub of the information superhighway

jack in to the mastodon fediverse today and surf the dataflow through our cybrepunk, slightly glitchy web portal