* Well, we have a fair bit of experience of a lot of people talking to Let's Encrypt. That's not really the same as a lot of servers and a lot of clients.
We have multiple CA’s that support it, and other implementations as well. Certainly LE dominates, but it’s not the only usage. And certainly not the only anticipated future usage. * I would match the TLS ones: MUST ECDSA with P-256, SHOULD EdDSA with X25519. That would make the MTI limited to a subset of the WebPKI supported by the latest browsers, which seems wrong. But let’s not bikeshed too much and see what the WG consensus is.
_______________________________________________ Acme mailing list [email protected] https://www.ietf.org/mailman/listinfo/acme
