If you are a company that is a specialist in email delivery for customers, and you want to claim support for STARTLS encrypted sessions to the greatest number of recipients, maybe you should be sure your company supports ECDSA based certs in addition to RSA.
Sure, RSA is nearly 50 years old, while ECDSA was proposed a little over 30 years ago, but how many decades will need to pass before you support ECDSA certs?
Joking/Sarcasm: I can understand that something that is over 30 years old might be "too new" for antiquarian tech companies with nostalgia for Luddite beliefs to consider supporting, but please, let us know which decade you plan to make a decision. Is this an issue that "will be decided after heat death of the universe" kind of thing?
And another thing, if you specialize in email delivery, why not also support TLS/1.3 ciphersuites with STARTTLS over SMTP sessions? All the cool kids support TLS/1.3. (All the cool kids support the latest TLS version or successors.)
(It would be best if email could move off the need to use STARTLS and just expect everyone to use TLS without STARTTLS and impose the same requirements of host name matching (older mostly obsolete ) "CN" in subject or modern "SAN" for connected hostname and validate before delivery, but that is a more difficult change.)
In other news: if you run a domain that receives mail, check out MTA-STS:
https://mxtoolbox.com/dmarc/details/mta-sts/what-is-mta-sts-record
It can be a nice complement to using DANE/TLSA with DNS using DNSSEC for adding security to mail server certs.
TCMBC
TechCrunch
cackalackycon