On Tue, Feb 17, 2015 at 01:00:37PM -0800, Seth wrote: > I'm in the process of switching out existing RSA Certificate Authority > server certificates for ECDSA (Elliptical Curve DSA) ones. > > Are ECDSA certs supported by OpenSMTPD? Or does that depend completely on > the chosen SSL library, i.e. OpenSSL, LibreSSL, BoringSSL, etc? >
They are not supported yet but they should be soon. Basically, we rely on privilege separation for handling private keys and it requires writing slightly more code than the usual. There's been some discussion going on about this on another OpenBSD project and we'll pick the change when it's available there. -- Gilles Chehade https://www.poolp.org @poolpOrg -- You received this mail because you are subscribed to misc@opensmtpd.org To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org
