
Yeah, ten times more, which is great, but I didn't practically run into limitations of the ESP8266 either. Then again, I'm not representative, but I'm saying that even 40K is plenty for most things.


It turns out 40K isn't much if you want a TLS stack that supports modern standards and key sizes, and interoperates with most servers out there [1]. Once you have 16K transmit and receive buffers (the default fragment length) and enough space to do the math needed for a 4096-bit RSA key, you're pretty much out of RAM.

And that's just the system library for a single TLS connection - the programmer will probably want to use some memory too :)

[1] https://github.com/esp8266/Arduino/issues/1375#issuecomment-... https://github.com/esp8266/Arduino/issues/43#issuecomment-16...


Well, 4096-bit keys are wasteful even on non-embedded platforms (desktop/mobile) at the moment. 2048-bit keys are totally fine if you use a reasonable validity period (Let's Encrypt only issues 3-month certificates, for example). That way, it's highly unlikely that the key can be cracked during the validity of the certificate, and should a more practical attack come along at some point, your exposure is limited and you can quickly switch to a larger key size.

See also https://certsimple.com/blog/measuring-ssl-rsa-keys - 2048 bits are enough for TLS for now.


You don't get to choose the key length when connecting to a server.


Well yeah, but very few sites have 4096-bit keys in my experience; it's mostly misinformed hackers thinking "more bits, more good". And most likely you'll be running your own endpoint for the ESP, so you can control the key length.


40kb is ok if you are just loading compiled byte code; however, the Lua / MicroPython runtimes consume nearly all of that, leaving little space for your project.



