ECDSA client question
Tributh
dovecot-user at tributh.net
Sun Dec 16 17:52:47 EET 2018
Am 16.12.18 um 12:13 schrieb Michael A. Peters:
> Hi, for those who have adopted ECDSA,
>
> Are there still any commonly used IMAPS/POP3S clients that still can not
> handle ECDSA certificates?
>
> I know you can set up Dovecot dor dual cert, I am just trying to
> determine if there still is a real world need to.
Nearly every client can handle ECDSA, but it depends on the size of the
certificate.
I used years ago ECDSA-384bit certificates, which covered most of the
clients. It came to the point to disable RSA in that time, but than came
Android7.0. This Version can only handle ECDSA-256bit certificates or RSA.
The coverage of Android7.0 is still over 20%. Google reacted fast and
repaired this bug in 7.1, which is still not coming to most of the phones.
Cheers
Torsten
More information about the dovecot
mailing list