On 14/10/13 17:28, Kaspar Brand wrote:
On 14.10.13 10:51, Rob Stradling wrote:
Kaspar, I don't think data from 2010 (or even data from today) should be
assumed to be a reliable indicator of future use of non-RSA certs on
public sites.
"Past performance is not indicative of future performance", as they use
to say in other industries, yes. Did the situation with Certicom's
licensing terms for ECC cert issuance change recently?
Not that I know of. But, with or without a licence from Certicom, it's
gradually starting to happen.
Symantec are already issuing ECC certs [1]. Here's one for
urs.microsoft.com:
-----BEGIN CERTIFICATE-----
MIIDxjCCA2ugAwIBAgIQUbq+PtTzXy8rOAsfB6suITAKBggqhkjOPQQDAjB7MQsw
CQYDVQQGEwJVUzEdMBsGA1UEChMUU3ltYW50ZWMgQ29ycG9yYXRpb24xHzAdBgNV
BAsTFlN5bWFudGVjIFRydXN0IE5ldHdvcmsxLDAqBgNVBAMTI1N5bWFudGVjIENs
YXNzIDMgRUNDIDI1NiBiaXQgU1NMIENBMB4XDTEzMDkyMDAwMDAwMFoXDTE1MDkx
OTIzNTk1OVowgYYxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApXYXNoaW5ndG9uMRAw
DgYDVQQHDAdSZWRtb25kMR4wHAYDVQQKDBVNaWNyb3NvZnQgQ29ycG9yYXRpb24x
FDASBgNVBAsMC1NtYXJ0U2NyZWVuMRowGAYDVQQDDBF1cnMubWljcm9zb2Z0LmNv
bTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABKRpJylWRGyj0IxBH+SMdRRioQd6
M6mSEDsnrnoLAeQmtJOOeGtafnrX4REkM9ZtsAWBWdynIAIFfBrcEb490+mjggHD
MIIBvzA0BgNVHREELTArghF1cnMubWljcm9zb2Z0LmNvbYIWYmV0YS51cnMubWlj
cm9zb2Z0LmNvbTAJBgNVHRMEAjAAMA4GA1UdDwEB/wQEAwIHgDAdBgNVHSUEFjAU
BggrBgEFBQcDAQYIKwYBBQUHAwIwQwYDVR0gBDwwOjA4BgpghkgBhvhFAQc2MCow
KAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LnZlcmlzaWduLmNvbS9jcHMwHwYDVR0j
BBgwFoAUdXGf/eTFGkqYm6v7wTqsTdTPb4wwTwYDVR0fBEgwRjBEoEKgQIY+aHR0
cDovL1NWUjI1NlNlY3VyZUVDQy1jcmwud3Muc3ltYW50ZWMuY29tL1NWUjI1NlNl
Y3VyZUVDQy5jcmwwgZUGCCsGAQUFBwEBBIGIMIGFMDcGCCsGAQUFBzABhitodHRw
Oi8vU1ZSMjU2U2VjdXJlRUNDLW9jc3Aud3Muc3ltYW50ZWMuY29tMEoGCCsGAQUF
BzAChj5odHRwOi8vU1ZSMjU2U2VjdXJlRUNDLWFpYS53cy5zeW1hbnRlYy5jb20v
U1ZSMjU2U2VjdXJlRUNDLmNlcjAKBggqhkjOPQQDAgNJADBGAiEAxdqO/Zo0L4tY
+1VIXjyDBiWexXHo/LUwxJqWYK1DN/ECIQCcp+fXwMAOiv4OlvHjV3BrNuEdr93m
WLuIyEC12xJ5uw==
-----END CERTIFICATE-----
AFAICT, interest (amongst the commercial CAs) in ECC certs continues to
grow. Since a significant proportion (I estimate ~20%) of deployed
clients will accept RSA server certs but not ECC server certs, I think
that configuring both an ECC cert and an RSA cert on a single vhost may
yet become popular!
I'm not saying we should no longer support multiple certs per vhost (in
fact, with my PoC patch, you can send as many certs to OpenSSL if you
increase SSL_AIDX_MAX - though OpenSSL currently can't really cope with
it)... what I'm saying is that I don't see a need for an additional
per-cert directive. To support the "current cert" concept of OpenSSL for
the SSL_CTX calls, we just need to make sure that we're applying the
OpenSSLConfCmd directives (ServerInfoFile etc.) at the proper place.
Kaspar
Ah, I see. Thanks for explaining.
[1]
http://www.symantec.com/connect/blogs/introducing-algorithm-agility-ecc-and-dsa
--
Rob Stradling
Senior Research & Development Scientist
COMODO - Creating Trust Online
