Re: [TLS] I-D Action: draft-ietf-tls-rfc4492bis-00.txt

Viktor Dukhovni <> Wed, 03 December 2014 08:27 UTC

On Wed, Dec 03, 2014 at 07:47:23AM +0000, Peter Gutmann wrote:

> Viktor Dukhovni <> writes:
> >a server that wants to use ECDSA when possible, but still wants to
> >interoperate with more than just a select few clients really SHOULD have both
> >ECDSA and RSA certificates.
> Do you want to be the one to tell your CIO that the CA tax on their entire
> server infrastructure just doubled, all in the name of making a fashion
> statement?

For HTTPS, at this time often no, especially not given what EV
certs typically cost.

For SMTP with DANE, the marginal cost for a TLSA record is zero.
Twice zero is still zero.

However, the Let's Encrypt price for "DV" (Domain not Validated,
or perhaps Definitively Vacuous) certs may again turn out to be a
solution of $2x = x$.  And I think they are not first to offer
"free" certs, though the deployment cost in administrator effort
may be where they prove to be cheaper if successful.

Also in terms of software support, IIRC OpenSSL prior to the not
quite yet released 1.0.2 does not process chain files for multiple
certificates as well as one might expect (there are work-arounds).

So I am not expecting multi-certificate deployments (and thus any
ECDSA deployments) to become mainstream in the very near term.
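The dual-certificate DANE case from the reply above, as an added example that is not part of the original message: it builds the SubjectPublicKeyInfo DER for one ECDSA (P-256) and one RSA (2048-bit) key, publishes a "3 1 1" TLSA record for each under the same owner name, and shows the client-side DANE-EE match. The owner name `_25._tcp.mx.example.com.` and both public keys are constructed placeholders, not real server keys.

```python
import hashlib

# Constructed, well-formed but fake public keys (placeholders, not real keys).
EC_POINT = b"\x04" + bytes(range(1, 65))          # 0x04 || X(32) || Y(32)
RSA_MODULUS = b"\xc3" + bytes(range(1, 256))      # 256 bytes, top bit set
OWNER = "_25._tcp.mx.example.com."                 # placeholder TLSA owner name

OID_EC_PUBLIC_KEY = bytes.fromhex("06072a8648ce3d0201")   # id-ecPublicKey
OID_P256 = bytes.fromhex("06082a8648ce3d030107")          # prime256v1
OID_RSA = bytes.fromhex("06092a864886f70d010101")         # rsaEncryption

def der_len(n):
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body

def der(tag, content):
    return bytes([tag]) + der_len(len(content)) + content

def ec_spki(point):
    alg = der(0x30, OID_EC_PUBLIC_KEY + OID_P256)
    return der(0x30, alg + der(0x03, b"\x00" + point))

def rsa_spki(modulus, exponent=65537):
    n = modulus if modulus[0] < 0x80 else b"\x00" + modulus   # positive INTEGER
    e = exponent.to_bytes((exponent.bit_length() + 7) // 8, "big")
    rsa_pub = der(0x30, der(0x02, n) + der(0x02, e))
    alg = der(0x30, OID_RSA + b"\x05\x00")                     # NULL parameters
    return der(0x30, alg + der(0x03, b"\x00" + rsa_pub))

def tlsa_rdata(spki_der, usage=3, selector=1, mtype=1):
    """DANE-EE(3) / SPKI(1) / SHA-256(1) record data (RFC 6698, RFC 7671)."""
    return f"{usage} {selector} {mtype} {hashlib.sha256(spki_der).hexdigest()}"

def publish_rrset(owner, spkis):
    """One TLSA record per certificate key: the second record costs nothing."""
    return [f"{owner} IN TLSA {tlsa_rdata(s)}" for s in spkis]

def dane_ee_matches(spki_der, rrset):
    """Client side: accept the presented leaf if any '3 1 1' record matches."""
    want = hashlib.sha256(spki_der).hexdigest()
    for rr in rrset:
        usage, selector, mtype, data = rr.split()[-4:]
        if (usage, selector, mtype) == ("3", "1", "1") and data.lower() == want:
            return True
    return False

if __name__ == "__main__":
    for rr in publish_rrset(OWNER, [ec_spki(EC_POINT), rsa_spki(RSA_MODULUS)]):
        print(rr)
```

Whichever certificate the server selects for a given client (ECDSA or RSA), the client's DANE-EE check succeeds against the same two-record RRset.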