Do any well-known CAs issue Elliptic Curve certificates?

Posted by erickson on Server Fault See other posts from Server Fault or by erickson
Published on 2009-12-04T22:37:37Z Indexed on 2012/10/08 15:41 UTC
Read the original article Hit count: 317

Filed under:
|
|
|

Background

I've seen that Comodo has an elliptic curve root ("COMODO ECC Certification Authority"), but I don't see mention of EC certificates on their web site.

Does Certicom have intellectual property rights that prevent other issuers from offering EC certificates? Does a widely-used browser fail to support ECC? Is ECC a bad fit for traditional PKI use like web server authentication? Or is there just no demand for it?

I'm interested in switching to elliptic curve because of the NSA Suite B recommendation. But it doesn't seem practical for many applications.


Bounty Criteria

To claim the bounty, an answer must provide a link to a page or pages at a well-known CA's website that describes the ECC certificate options they offer, prices, and how to purchase one. In this context, "well-known" means that the proper root certificate must be included by default in Firefox 3.5 and IE 8. If multiple qualifying answers are provided (one can hope!), the one with the cheapest certificate from a ubiquitous CA will win the bounty. If that doesn't eliminate any ties (still hoping!), I'll have to choose an answer at my discretion.

Remember, someone always claims at least half of the bounty, so please give it a shot even if you don't have all the answers.

© Server Fault or respective owner

Related posts about ssl

Related posts about ssl-certificate