On Sun, Apr 19, 2026 at 08:52:43AM +0100, Sad Clouds via Postfix-users wrote:
> > * With RSA certificates, the key size is 2048 or 3072 bits
> >
> > * With ECDSA certificates use a P256 key.
> >
> > * Accept both AES128 and AES256 ciphers, and if possible accept
> > CBC ciphers.
>
> OK, let's take ECDSA for example, if the P-256 is the baseline
> supported by most software, does it make sense having multiple
> additional certificates: P-384 and P-521, in case a remote SMTP
> software policy allows only these curves? Or is there no practical
> advantage at this time?
It is not possible. OpenSSL supports at most one EC cert + private key
at a time in a given context (default or SNI-based).
If you go to the dane-users list archive you'll see some additional
notes on ECDSA and RSA.
https://list.sys4.de/hyperkitty/list/[email protected]/
> PS. If I'm not mistaken, this is not an issue for RSA certificates,
> since all key sizes are universally supported because RSA uses the same
> algorithm.
Actually it is, because even though RSA is a single algorithm, not all
implementations accept all key sizes. Stick with *mainstream*
parameters.
--
Viktor. 🇺🇦 Слава Україні!
_______________________________________________
Postfix-users mailing list -- [email protected]
To unsubscribe send an email to [email protected]
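The configuration the advice above leads to, as an added example that is not part of the thread and not Viktor's own text: one RSA chain (2048-bit key) plus one ECDSA chain (P-256 key), loaded with Postfix's smtpd_tls_chain_files (Postfix 3.4 or later), and the cipher grade left at the default so that both AES128 and AES256, including CBC suites, stay acceptable to older peers. The file paths are assumptions; the openssl commands in the comments are one way to produce keys with those mainstream parameters.

```conf
# /etc/postfix/main.cf (excerpt) -- added example, assumed paths.
#
# Keys with mainstream parameters (assumed file names):
#   openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 \
#       -out /etc/postfix/tls/rsa.key
#   openssl genpkey -algorithm EC -pkeyopt ec_paramgen_curve:P-256 \
#       -out /etc/postfix/tls/ec.key
#
# Each chain file holds the private key first, then the leaf certificate,
# then any intermediates. Exactly one RSA chain and exactly one EC chain:
# OpenSSL keeps a single EC certificate per context, so a second EC chain
# (for example with a P-384 key) cannot be offered alongside the P-256 one.
smtpd_tls_chain_files =
    /etc/postfix/tls/rsa.pem,
    /etc/postfix/tls/ec.pem

# Offer TLS to all clients, but do not require it on port 25.
smtpd_tls_security_level = may

# Keep the default "medium" grade: it includes both AES128 and AES256
# suites, CBC and GCM, which is what the advice above recommends. Do not
# narrow it to AES256-only or GCM-only; that breaks interoperability.
smtpd_tls_ciphers = medium
smtpd_tls_mandatory_ciphers = medium

# Mirror the same posture when Postfix is the client.
smtp_tls_security_level = may
smtp_tls_chain_files =
    /etc/postfix/tls/rsa.pem,
    /etc/postfix/tls/ec.pem
```

On Postfix releases before 3.4 the same pairing is expressed with smtpd_tls_cert_file/smtpd_tls_key_file for the RSA pair and smtpd_tls_eccert_file/smtpd_tls_eckey_file for the EC pair; that there is only one eccert/eckey parameter pair is the same one-EC-certificate limit the reply describes. After editing main.cf, run `postfix reload` and confirm with `postconf smtpd_tls_chain_files` that the values took effect.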