Why do newer versions of Chromium favor RSA certificates over ECC certificates?

Thomas Ward teward at thomas-ward.net
Sat May 21 19:41:43 UTC 2022

This isnt an nginx question.  Ask chromium developers why they chose that approach.

Sent from my Galaxy

-------- Original message --------
From: wordlesswind via nginx <nginx at nginx.org>
Date: 5/21/22 14:56 (GMT-05:00)
To: nginx at nginx.org
Cc: wordlesswind <i at qingly.me>
Subject: Why do newer versions of Chromium favor RSA certificates over ECC certificates?


I noticed that after Chromium 594356 build (71.0.3563.0) it favors RSA
certificates over ECC certificates.

Windows x86-64:



I don't get the idea from the changes in the source code. I'm curious to
know why, since obviously ECC certificates are smaller than RSA

Let’s Encrypt

ECC 384 (E1)

RSA 4096 (R3)

         ssl_stapling         on;
         resolver    valid=300s;
         ssl_stapling_verify  on;

         ssl_session_cache    shared:SSL:10m;
         ssl_session_timeout  1d;

         ssl_protocols        TLSv1.2 TLSv1.3;
         ssl_ecdh_curve       secp384r1;

         ssl_early_data       on;

nginx mailing list -- nginx at nginx.org
To unsubscribe send an email to nginx-leave at nginx.org
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20220521/47281529/attachment.htm>

More information about the nginx mailing list