Hello Viktor,
I am only concerned with offereing newer , faster, and more secure cipher
suites on our web application, so that as clients have the ability to use them
they can begin to do so.
Our LB offers a method to present baoth an RSA and ECC cert at thw aame time,
at the cost of buying both each year.
I can only support ecdsa_rsa unless I have an ECC certificate to support
ecsda_ecsde ciphers.
Since TLS 1.3 will continue to allow ecdsa_rsa ciphers, there will be no push
to move towards offering them, because of various 'reasons'.
Ben
________________________________
From: Viktor Dukhovni <ietf-d...@dukhovni.org>
Sent: Monday, June 18, 2018 12:32
To: Ben Personick
Cc: TLS WG
Subject: Re: [TLS] Mail regarding draft-ietf-tls-tls13
> On Jun 18, 2018, at 9:10 AM, Ben Personick <ben.person...@iongroup.com> wrote:
>
> There is a common thread circulating, that all support for RSA
> Certificates/Ciphers are dropped in TLS 1.3.
This is not the case.
> As I wrote in the last email, I am aware we can implemenet ECC certs and
> ciphers in TLS 1.2, along side RSA certs/ciphers, however there is a
> consistent fear of breaking what already works by moving onto offering both
> an ECC and RSA certificate and corrosponding ciphers.
You should at least support verifying ECDSA certificates on the client
side, some servers your client software might connect to may have only
ECDSA certificates. On the server side you can continue to use RSA
certificates if you wish. While ECDSA is faster on the server, there
are still some clients (perhaps yours among them) that only support RSA,
and so you'd need to have both RSA and ECDSA certificates, which is
operationally a bit more challenging.
--
Viktor.
_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls
