Re: [TLS] AES-OCB in TLS [New Version Notification for draft-zauner-tls-aes-ocb-03.txt]

[Daniel Kahn Gillmor <dkg@fifthhorseman.net>]

On Mon 2015-06-01 14:33:16 -0400, Michael Hamburg wrote:
> I tried to get one from Comodo about a year ago.  It wasn’t advertised
> on their website but I asked one of their tech support folks.  They
> said that it was an experimental feature for business customers only,
> and would cost me something like $600.  I don’t remember if that was a
> 1-year or 3-year cert.

I just went back through my notes: in November 2014, i used a small
(~$5?) credit i had with https://ssls.com/ to get a PositiveSSL Comodo
cert with ECC.  I couldn't figure out how to submit the ECC cert through
the https://ssls.com/ web interface, so i opened their "live support"
chat, and got this suggestion:

>>> Unfortunately our system cannot parse ECDSA public keys. As an
>>> option you can purchase the cert here and you would need to submit a
>>> ticket to us for the manual cert activation.

>>> To submit a ticket, please follow this link:
>>> https://support.cheapssl.com/index.php?/cheapssl/Tickets/Submit
>>> Please provide the cert or order ID, the request and approver and
>>> admin contacts in the ticket

I did that, and the confirmation e-mail came through about a half-hour
later.

> Anyway you can get ECDSA certs relatively easily, but not cheaply; or
> at least, that’s how it was a year ago.

I found it was quick and cheap, but the UI/UX was not as streamlined as
I wanted it to be for a DV cert (i had to nag two humans, via chat and
the ticket system to make it happen, but it did happen promptly).

ymmv, of course,

  --dkg